Merge branch 'develop'

Consensys · Feb 14, 2023 · 7594ef5 · 7594ef5
2 parents f9e5574 + f8673c4
commit 7594ef5
Show file tree

Hide file tree

Showing 101 changed files with 3,157 additions and 6,866 deletions.
diff --git a/README.md b/README.md
@@ -70,6 +70,15 @@ Refer to the [`gnark` User Documentation]
 Here is what `x**3 + x + 5 = y` looks like
 
 ```golang
+package main
+
+import (
+	"github.com/consensys/gnark-crypto/ecc"
+	"github.com/consensys/gnark/backend/groth16"
+	"github.com/consensys/gnark/frontend"
+	"github.com/consensys/gnark/frontend/cs/r1cs"
+)
+
 // CubicCircuit defines a simple circuit
 // x**3 + x + 5 == y
 type CubicCircuit struct {
@@ -87,21 +96,24 @@ func (circuit *CubicCircuit) Define(api frontend.API) error {
 	return nil
 }
 
-// compiles our circuit into a R1CS
-var circuit CubicCircuit
-ccs, err := frontend.Compile(ecc.BN254.ScalarField(), r1cs.NewBuilder, &circuit)
+func main() {
+	// compiles our circuit into a R1CS
+	var circuit CubicCircuit
+	ccs, _ := frontend.Compile(ecc.BN254, r1cs.NewBuilder, &circuit)
 
-// groth16 zkSNARK: Setup
-pk, vk, err := groth16.Setup(ccs)
+	// groth16 zkSNARK: Setup
+	pk, vk, _ := groth16.Setup(ccs)
 
-// witness definition
-assignment := CubicCircuit{X: 3, Y: 35}
-witness, err := frontend.NewWitness(&assignment, ecc.BN254.ScalarField())
-publicWitness, _ := witness.Public()
+	// witness definition
+	assignment := CubicCircuit{X: 3, Y: 35}
+	witness, _ := frontend.NewWitness(&assignment, ecc.BN254)
+	publicWitness, _ := witness.Public()
+
+	// groth16: Prove & Verify
+	proof, _ := groth16.Prove(ccs, pk, witness)
+	groth16.Verify(proof, vk, publicWitness)
+}
 
-// groth16: Prove & Verify
-proof, err := groth16.Prove(ccs, pk, witness)
-err := groth16.Verify(proof, vk, publicWitness)
 ```
 
 ## Citing

diff --git a/backend/hint/registry.go b/backend/hint/registry.go
@@ -9,7 +9,7 @@ import (
 var registry = make(map[ID]Function)
 var registryM sync.RWMutex
 
-// Register registers an hint function in the global registry.
+// Register registers a hint function in the global registry.
 func Register(hintFns ...Function) {
 	registryM.Lock()
 	defer registryM.Unlock()

diff --git a/backend/plonk/plonk_test.go b/backend/plonk/plonk_test.go
@@ -0,0 +1,169 @@
+package plonk_test
+
+import (
+	"bytes"
+	"math/big"
+	"testing"
+
+	"github.com/consensys/gnark"
+	"github.com/consensys/gnark-crypto/ecc"
+	"github.com/consensys/gnark-crypto/kzg"
+	"github.com/consensys/gnark/backend/plonk"
+	"github.com/consensys/gnark/constraint"
+	"github.com/consensys/gnark/frontend"
+	"github.com/consensys/gnark/frontend/cs/scs"
+	"github.com/consensys/gnark/test"
+	"github.com/stretchr/testify/require"
+)
+
+//--------------------//
+//     benches		  //
+//--------------------//
+
+func TestProver(t *testing.T) {
+
+	for _, curve := range getCurves() {
+		t.Run(curve.String(), func(t *testing.T) {
+			var b1, b2 bytes.Buffer
+			assert := require.New(t)
+
+			ccs, _solution, srs := referenceCircuit(curve)
+			fullWitness, err := frontend.NewWitness(_solution, curve.ScalarField())
+			assert.NoError(err)
+
+			publicWitness, err := fullWitness.Public()
+			assert.NoError(err)
+
+			pk, vk, err := plonk.Setup(ccs, srs)
+			assert.NoError(err)
+
+			// write the PK to ensure it is not mutated
+			_, err = pk.WriteTo(&b1)
+			assert.NoError(err)
+
+			proof, err := plonk.Prove(ccs, pk, fullWitness)
+			assert.NoError(err)
+
+			// check pk
+			_, err = pk.WriteTo(&b2)
+			assert.NoError(err)
+
+			assert.True(bytes.Equal(b1.Bytes(), b2.Bytes()), "plonk prover mutated the proving key")
+
+			err = plonk.Verify(proof, vk, publicWitness)
+			assert.NoError(err)
+
+		})
+
+	}
+}
+
+func BenchmarkSetup(b *testing.B) {
+	for _, curve := range getCurves() {
+		b.Run(curve.String(), func(b *testing.B) {
+			ccs, _, srs := referenceCircuit(curve)
+			b.ResetTimer()
+			for i := 0; i < b.N; i++ {
+				_, _, _ = plonk.Setup(ccs, srs)
+			}
+		})
+	}
+}
+
+func BenchmarkProver(b *testing.B) {
+	for _, curve := range getCurves() {
+		b.Run(curve.String(), func(b *testing.B) {
+			ccs, _solution, srs := referenceCircuit(curve)
+			fullWitness, err := frontend.NewWitness(_solution, curve.ScalarField())
+			if err != nil {
+				b.Fatal(err)
+			}
+			pk, _, err := plonk.Setup(ccs, srs)
+			if err != nil {
+				b.Fatal(err)
+			}
+			b.ResetTimer()
+			for i := 0; i < b.N; i++ {
+				_, _ = plonk.Prove(ccs, pk, fullWitness)
+			}
+		})
+	}
+}
+
+func BenchmarkVerifier(b *testing.B) {
+	for _, curve := range getCurves() {
+		b.Run(curve.String(), func(b *testing.B) {
+			ccs, _solution, srs := referenceCircuit(curve)
+			fullWitness, err := frontend.NewWitness(_solution, curve.ScalarField())
+			if err != nil {
+				b.Fatal(err)
+			}
+			publicWitness, err := fullWitness.Public()
+			if err != nil {
+				b.Fatal(err)
+			}
+
+			pk, vk, err := plonk.Setup(ccs, srs)
+			if err != nil {
+				b.Fatal(err)
+			}
+			proof, err := plonk.Prove(ccs, pk, fullWitness)
+			if err != nil {
+				panic(err)
+			}
+
+			b.ResetTimer()
+			for i := 0; i < b.N; i++ {
+				_ = plonk.Verify(proof, vk, publicWitness)
+			}
+		})
+	}
+}
+
+type refCircuit struct {
+	nbConstraints int
+	X             frontend.Variable
+	Y             frontend.Variable `gnark:",public"`
+}
+
+func (circuit *refCircuit) Define(api frontend.API) error {
+	for i := 0; i < circuit.nbConstraints; i++ {
+		circuit.X = api.Mul(circuit.X, circuit.X)
+	}
+	api.AssertIsEqual(circuit.X, circuit.Y)
+	return nil
+}
+
+func referenceCircuit(curve ecc.ID) (constraint.ConstraintSystem, frontend.Circuit, kzg.SRS) {
+	const nbConstraints = 40000
+	circuit := refCircuit{
+		nbConstraints: nbConstraints,
+	}
+	ccs, err := frontend.Compile(curve.ScalarField(), scs.NewBuilder, &circuit)
+	if err != nil {
+		panic(err)
+	}
+
+	var good refCircuit
+	good.X = 2
+
+	// compute expected Y
+	expectedY := new(big.Int).SetUint64(2)
+	exp := big.NewInt(1)
+	exp.Lsh(exp, nbConstraints)
+	expectedY.Exp(expectedY, exp, curve.ScalarField())
+
+	good.Y = expectedY
+	srs, err := test.NewKZGSRS(ccs)
+	if err != nil {
+		panic(err)
+	}
+	return ccs, &good, srs
+}
+
+func getCurves() []ecc.ID {
+	if testing.Short() {
+		return []ecc.ID{ecc.BN254}
+	}
+	return gnark.Curves()
+}
diff --git a/backend/witness/witness.go b/backend/witness/witness.go
@@ -171,7 +171,27 @@ func (w *witness) WriteTo(wr io.Writer) (n int64, err error) {
 	n += 4
 
 	// write the vector
-	m, err := w.vector.(io.WriterTo).WriteTo(wr)
+	var m int64
+	switch t := w.vector.(type) {
+	case fr_bn254.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bls12377.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bls12381.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bw6761.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bls24317.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bls24315.Vector:
+		m, err = t.WriteTo(wr)
+	case fr_bw6633.Vector:
+		m, err = t.WriteTo(wr)
+	case tinyfield.Vector:
+		m, err = t.WriteTo(wr)
+	default:
+		panic("invalid input")
+	}
 	n += m
 	return n, err
 }

diff --git a/constant/constant.go b/constant/constant.go
diff --git a/constraint/bls12-377/solution.go b/constraint/bls12-377/solution.go
diff --git a/constraint/bls12-381/solution.go b/constraint/bls12-381/solution.go
diff --git a/constraint/bls24-315/solution.go b/constraint/bls24-315/solution.go
diff --git a/constraint/bls24-317/solution.go b/constraint/bls24-317/solution.go
diff --git a/constraint/bn254/solution.go b/constraint/bn254/solution.go
diff --git a/constraint/bw6-633/solution.go b/constraint/bw6-633/solution.go