Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ivc): support_circuit::p_out calc #403

Open
wants to merge 1 commit into
base: 369-feat-sangria-instances-markers-len
Choose a base branch
from
Open

feat(ivc): support_circuit::p_out calc #403

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
243 changes: 124 additions & 119 deletions src/gadgets/ecc/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
use std::{cmp, marker::PhantomData};

use rand_core::OsRng;
use tracing::*;

use crate::{
halo2_proofs::{
arithmetic::{CurveAffine, Field},
circuit::Chip,
halo2curves::ff::PrimeField,
halo2curves::ff::{PrimeField, PrimeFieldBits},
plonk::Error,
},
main_gate::{AssignedValue, RegionCtx},
Expand Down Expand Up @@ -343,154 +344,158 @@ impl<C: CurveAffine, G: EccGate<C::Base>> EccChip<C, G> {
}
}

#[cfg(test)]
pub(crate) mod tests {
use std::num::NonZeroUsize;
/// Auxiliary class that performs the off-circuit version of ecc gadget calculations
#[derive(Clone, Debug)]
pub(crate) struct Point<C: CurveAffine> {
x: C::Base,
y: C::Base,
is_inf: bool,
}
impl<C: CurveAffine> From<C> for Point<C> {
fn from(value: C) -> Self {
let c = value.coordinates().unwrap();

use halo2_proofs::{circuit::Value, halo2curves::ff::PrimeFieldBits};
use rand_core::OsRng;
use tracing_test::traced_test;
Self {
x: *c.x(),
y: *c.y(),
is_inf: value.is_identity().into(),
}
}
}

use super::*;
use crate::{
create_and_verify_proof,
ff::Field,
halo2_proofs::{
circuit::{Chip, Layouter, SimpleFloorPlanner},
plonk::{Circuit, Column, ConstraintSystem, Instance},
},
halo2curves::pasta::{pallas, EqAffine, Fp, Fq},
main_gate::{MainGate, MainGateConfig},
run_mock_prover_test,
util::ScalarToBase,
};
impl<C: CurveAffine> Point<C> {
pub fn into_curve(self) -> C {
let Self { x, y, is_inf: _ } = self;
C::from_xy(x, y).unwrap()
}
pub fn into_pair(self) -> (C::Base, C::Base) {
(self.x, self.y)
}
}

#[derive(Clone, Debug)]
pub(crate) struct Point<C: CurveAffine> {
x: C::Base,
y: C::Base,
is_inf: bool,
impl<C: CurveAffine> Point<C> {
fn default() -> Self {
Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
}
}
impl<C: CurveAffine> From<C> for Point<C> {
fn from(value: C) -> Self {
let c = value.coordinates().unwrap();

Self {
x: *c.x(),
y: *c.y(),
is_inf: value.is_identity().into(),
/// Add any two points
pub fn add(&self, other: &Point<C>) -> Self {
if self.x == other.x {
// If self == other then call double
if self.y == other.y {
self.double()
} else {
// if self.x == other.x and self.y != other.y then return infinity
Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
}
}
} else {
self.add_internal(other)
}
}

impl<C: CurveAffine> Point<C> {
pub fn into_curve(self) -> C {
let Self { x, y, is_inf: _ } = self;
C::from_xy(x, y).unwrap()
/// Add two different points
pub fn add_internal(&self, other: &Point<C>) -> Self {
if self.is_inf {
return other.clone();
}

if other.is_inf {
return self.clone();
}

let lambda = (other.y - self.y) * (other.x - self.x).invert().unwrap();
let x = lambda * lambda - self.x - other.x;
let y = lambda * (self.x - x) - self.y;
Self {
x,
y,
is_inf: false,
}
}

impl<C: CurveAffine> Point<C> {
fn default() -> Self {
Self {
pub fn double(&self) -> Self {
if self.is_inf {
return Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
}
};
}

/// Add any two points
pub fn add(&self, other: &Point<C>) -> Self {
if self.x == other.x {
// If self == other then call double
if self.y == other.y {
self.double()
} else {
// if self.x == other.x and self.y != other.y then return infinity
Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
}
}
} else {
self.add_internal(other)
}
let lambda = C::Base::from(3)
* self.x
* self.x
* ((C::Base::ONE + C::Base::ONE) * self.y).invert().unwrap();
let x = lambda * lambda - self.x - self.x;
let y = lambda * (self.x - x) - self.y;
Self {
x,
y,
is_inf: false,
}
}

/// Add two different points
pub fn add_internal(&self, other: &Point<C>) -> Self {
if self.is_inf {
return other.clone();
}

if other.is_inf {
return self.clone();
}
pub fn scalar_mul<F: PrimeFieldBits>(&self, scalar: &F) -> Self {
let mut res = Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
};

let lambda = (other.y - self.y) * (other.x - self.x).invert().unwrap();
let x = lambda * lambda - self.x - other.x;
let y = lambda * (self.x - x) - self.y;
Self {
x,
y,
is_inf: false,
let bits = scalar.to_le_bits();
for i in (0..bits.len()).rev() {
res = res.double();
if bits[i] {
res = self.add(&res);
}
}
res
}

pub fn double(&self) -> Self {
if self.is_inf {
fn random_vartime() -> Self {
loop {
let x = C::Base::random(&mut OsRng);
let y = (x.square() * x + C::b()).sqrt();
if y.is_some().unwrap_u8() == 1 {
return Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
x,
y: y.unwrap(),
is_inf: false,
};
}

let lambda = C::Base::from(3)
* self.x
* self.x
* ((C::Base::ONE + C::Base::ONE) * self.y).invert().unwrap();
let x = lambda * lambda - self.x - self.x;
let y = lambda * (self.x - x) - self.y;
Self {
x,
y,
is_inf: false,
}
}
}
}

pub fn scalar_mul<F: PrimeFieldBits>(&self, scalar: &F) -> Self {
let mut res = Self {
x: C::Base::ZERO,
y: C::Base::ZERO,
is_inf: true,
};
#[cfg(test)]
pub(crate) mod tests {
use std::num::NonZeroUsize;

let bits = scalar.to_le_bits();
for i in (0..bits.len()).rev() {
res = res.double();
if bits[i] {
res = self.add(&res);
}
}
res
}
use halo2_proofs::{circuit::Value, halo2curves::ff::PrimeFieldBits};
use rand_core::OsRng;
use tracing_test::traced_test;

fn random_vartime() -> Self {
loop {
let x = C::Base::random(&mut OsRng);
let y = (x.square() * x + C::b()).sqrt();
if y.is_some().unwrap_u8() == 1 {
return Self {
x,
y: y.unwrap(),
is_inf: false,
};
}
}
}
}
use super::*;
use crate::{
create_and_verify_proof,
ff::Field,
halo2_proofs::{
circuit::{Chip, Layouter, SimpleFloorPlanner},
plonk::{Circuit, Column, ConstraintSystem, Instance},
},
halo2curves::pasta::{pallas, EqAffine, Fp, Fq},
main_gate::{MainGate, MainGateConfig},
run_mock_prover_test,
util::ScalarToBase,
};

const T: usize = 4;
#[derive(Clone, Debug)]
Expand Down
1 change: 0 additions & 1 deletion src/ivc/cyclefold/incrementally_verifiable_computation/public_params.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,6 @@ where
l0: CMain::Base::ZERO,
p1: CMain::identity(),
l1: CMain::Base::ZERO,
p_out: CMain::identity(),
}
.into_instance();

Expand Down
29 changes: 9 additions & 20 deletions src/ivc/cyclefold/support_circuit/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ use std::{marker::PhantomData, num::NonZeroUsize};
use tracing::*;

use crate::{
gadgets::ecc,
gadgets::ecc::{self, Point},
halo2_proofs::{
circuit::{Layouter, SimpleFloorPlanner},
halo2curves::{
Expand Down Expand Up @@ -34,8 +34,6 @@ pub struct InstanceInput<C: CurveAffine> {

pub p1: C,
pub l1: C::Base,

pub p_out: C,
}

impl<C: CurveAffine> InstanceInput<C>
Expand All @@ -45,11 +43,15 @@ where
pub fn into_instance(self) -> Vec<Vec<C::Base>> {
let p0 = self.p0.coordinates().unwrap();
let p1 = self.p1.coordinates().unwrap();
let p_out = self.p_out.coordinates().unwrap();

let (p_out_x, p_out_y) = Point::from(self.p0)
.scalar_mul(&self.l0)
.add(&Point::from(self.p1).scalar_mul(&self.l1))
.into_pair();

let instance: [C::Base; INSTANCES_LEN] = [
*p_out.x(),
*p_out.y(),
p_out_x,
p_out_y,
*p0.x(),
*p0.y(),
self.l0,
Expand Down Expand Up @@ -163,7 +165,6 @@ mod tests {

use super::*;
use crate::{
gadgets::ecc::tests::Point,
halo2_proofs::dev::MockProver,
prelude::{bn256::C1Affine as Curve, Field},
};
Expand All @@ -189,22 +190,10 @@ mod tests {
let l0 = Base::from_repr(l0.to_repr()).unwrap();
let l1 = Base::from_repr(l1.to_repr()).unwrap();

let p_out = Point::from(p0)
.scalar_mul(&l0)
.add(&Point::from(p1).scalar_mul(&l1))
.into_curve();

MockProver::run(
SupportCircuit::<Curve>::MIN_K_TABLE_SIZE,
&circuit,
InstanceInput {
p0,
l0,
p1,
l1,
p_out,
}
.into_instance(),
InstanceInput { p0, l0, p1, l1 }.into_instance(),
)
.unwrap()
.verify()
Expand Down
Loading