feat: allow for separate vk render on-chain (#697)

zkonduit · Jan 25, 2024 · bc7c331 · bc7c331
1 parent df72e01
commit bc7c331
Show file tree

Hide file tree

Showing 9 changed files with 400 additions and 42 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -313,6 +313,8 @@ jobs:
         run: (hash svm 2>/dev/null || cargo install svm-rs) && svm install 0.8.20 && solc --version
       - name: Install Anvil
         run: cargo install --git https://github.com/foundry-rs/foundry --rev 95a93cd397f25f3f8d49d2851eb52bc2d52dd983 --profile local --locked anvil --force
+      - name: KZG prove and verify tests (EVM + VK rendered seperately)
+        run: cargo nextest run --release --verbose tests_evm::kzg_evm_prove_and_verify_render_seperately_ --test-threads 1
       - name: KZG prove and verify tests (EVM + kzg all)
         run: cargo nextest run --release --verbose tests_evm::kzg_evm_kzg_all_prove_and_verify --test-threads 1
       - name: KZG prove and verify tests (EVM + kzg inputs)
@@ -653,4 +655,3 @@ jobs:
         run: source .env/bin/activate; cargo nextest run py_tests::tests::tictactoe_ --no-capture
       # - name: Postgres tutorials
       #   run: source .env/bin/activate; cargo nextest run py_tests::tests::postgres_ --test-threads 1
-
diff --git a/src/circuit/ops/poly.rs b/src/circuit/ops/poly.rs
@@ -237,7 +237,7 @@ impl<F: PrimeField + TensorType + PartialOrd + Serialize + for<'de> Deserialize<
             }
             PolyOp::Neg => layouts::neg(config, region, values[..].try_into()?)?,
             PolyOp::Iff => layouts::iff(config, region, values[..].try_into()?)?,
-            PolyOp::Einsum { equation } => layouts::einsum(config, region, &values, equation)?,
+            PolyOp::Einsum { equation } => layouts::einsum(config, region, values, equation)?,
             PolyOp::Sum { axes } => {
                 layouts::sum_axes(config, region, values[..].try_into()?, axes)?
             }

diff --git a/src/commands.rs b/src/commands.rs
@@ -59,6 +59,8 @@ pub const DEFAULT_SOL_CODE_DA: &str = "evm_deploy_da.sol";
 pub const DEFAULT_CONTRACT_ADDRESS: &str = "contract.address";
 /// Default contract address for data attestation
 pub const DEFAULT_CONTRACT_ADDRESS_DA: &str = "contract_da.address";
+/// Default contract address for vk
+pub const DEFAULT_CONTRACT_ADDRESS_VK: &str = "contract_vk.address";
 /// Default check mode
 pub const DEFAULT_CHECKMODE: &str = "safe";
 /// Default calibration target
@@ -75,6 +77,12 @@ pub const DEFAULT_CALIBRATION_FILE: &str = "calibration.json";
 pub const DEFAULT_LOOKUP_SAFETY_MARGIN: &str = "2";
 /// Default Compress selectors
 pub const DEFAULT_COMPRESS_SELECTORS: &str = "false";
+/// Default render vk seperately
+pub const DEFAULT_RENDER_VK_SEPERATELY: &str = "false";
+/// Default VK sol path
+pub const DEFAULT_VK_SOL: &str = "vk.sol";
+/// Default VK abi path
+pub const DEFAULT_VK_ABI: &str = "vk.abi";
 
 impl std::fmt::Display for TranscriptType {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
@@ -584,6 +592,31 @@ pub enum Commands {
         /// The path to output the Solidity verifier ABI
         #[arg(long, default_value = DEFAULT_VERIFIER_ABI)]
         abi_path: PathBuf,
+        /// Whether the verifier key should be rendered as a separate contract.
+        /// We recommend disabling selector compression if this is enabled.
+        /// To save the verifier key as a separate contract, set this to true and then call the create-evm-vk command.        
+        #[arg(long, default_value = DEFAULT_RENDER_VK_SEPERATELY)]
+        render_vk_seperately: bool,
+    },
+    #[cfg(not(target_arch = "wasm32"))]
+    /// Creates an EVM verifier for a single proof
+    #[command(name = "create-evm-vk")]
+    CreateEVMVK {
+        /// The path to SRS, if None will use $EZKL_REPO_PATH/srs/kzg{logrows}.srs
+        #[arg(long)]
+        srs_path: Option<PathBuf>,
+        /// The path to load circuit settings .json file from (generated using the gen-settings command)
+        #[arg(short = 'S', long, default_value = DEFAULT_SETTINGS)]
+        settings_path: PathBuf,
+        /// The path to load the desired verification key file
+        #[arg(long, default_value = DEFAULT_VK)]
+        vk_path: PathBuf,
+        /// The path to output the Solidity code
+        #[arg(long, default_value = DEFAULT_VK_SOL)]
+        sol_code_path: PathBuf,
+        /// The path to output the Solidity verifier ABI
+        #[arg(long, default_value = DEFAULT_VK_ABI)]
+        abi_path: PathBuf,
     },
     #[cfg(not(target_arch = "wasm32"))]
     /// Creates an EVM verifier that attests to on-chain inputs for a single proof
@@ -629,6 +662,11 @@ pub enum Commands {
         // logrows used for aggregation circuit
         #[arg(long, default_value = DEFAULT_AGGREGATED_LOGROWS)]
         logrows: u32,
+        /// Whether the verifier key should be rendered as a separate contract.
+        /// We recommend disabling selector compression if this is enabled.
+        /// To save the verifier key as a separate contract, set this to true and then call the create-evm-vk command.        
+        #[arg(long, default_value = DEFAULT_RENDER_VK_SEPERATELY)]
+        render_vk_seperately: bool,
     },
     /// Verifies a proof, returning accept or reject
     Verify {
@@ -680,6 +718,25 @@ pub enum Commands {
         private_key: Option<String>,
     },
     #[cfg(not(target_arch = "wasm32"))]
+    /// Deploys an evm verifier that is generated by ezkl
+    DeployEvmVK {
+        /// The path to the Solidity code (generated using the create-evm-verifier command)
+        #[arg(long, default_value = DEFAULT_VK_SOL)]
+        sol_code_path: PathBuf,
+        /// RPC URL for an Ethereum node, if None will use Anvil but WON'T persist state
+        #[arg(short = 'U', long)]
+        rpc_url: Option<String>,
+        #[arg(long, default_value = DEFAULT_CONTRACT_ADDRESS_VK)]
+        /// The path to output the contract address
+        addr_path: PathBuf,
+        /// The optimizer runs to set on the verifier. Lower values optimize for deployment cost, while higher values optimize for gas cost.
+        #[arg(long, default_value = DEFAULT_OPTIMIZER_RUNS)]
+        optimizer_runs: usize,
+        /// Private secp256K1 key in hex format, 64 chars, no 0x prefix, of the account signing transactions. If None the private key will be generated by Anvil
+        #[arg(short = 'P', long)]
+        private_key: Option<String>,
+    },
+    #[cfg(not(target_arch = "wasm32"))]
     /// Deploys an evm verifier that allows for data attestation
     #[command(name = "deploy-evm-da")]
     DeployEvmDataAttestation {
@@ -721,6 +778,9 @@ pub enum Commands {
         /// does the verifier use data attestation ?
         #[arg(long)]
         addr_da: Option<H160>,
+        // is the vk rendered seperately, if so specify an address
+        #[arg(long)]
+        addr_vk: Option<H160>,
     },
 
     /// Print the proof in hexadecimal

diff --git a/src/eth.rs b/src/eth.rs
@@ -101,17 +101,18 @@ pub async fn setup_eth_backend(
 }
 
 ///
-pub async fn deploy_verifier_via_solidity(
+pub async fn deploy_contract_via_solidity(
     sol_code_path: PathBuf,
     rpc_url: Option<&str>,
     runs: usize,
     private_key: Option<&str>,
+    contract_name: &str,
 ) -> Result<ethers::types::Address, Box<dyn Error>> {
     // anvil instance must be alive at least until the factory completes the deploy
     let (anvil, client) = setup_eth_backend(rpc_url, private_key).await?;
 
     let (abi, bytecode, runtime_bytecode) =
-        get_contract_artifacts(sol_code_path, "Halo2Verifier", runs)?;
+        get_contract_artifacts(sol_code_path, contract_name, runs)?;
 
     let factory = get_sol_contract_factory(abi, bytecode, runtime_bytecode, client.clone())?;
     let contract = factory.deploy(())?.send().await?;
@@ -335,11 +336,16 @@ pub async fn update_account_calls(
 pub async fn verify_proof_via_solidity(
     proof: Snark<Fr, G1Affine>,
     addr: ethers::types::Address,
+    addr_vk: Option<H160>,
     rpc_url: Option<&str>,
 ) -> Result<bool, Box<dyn Error>> {
     let flattened_instances = proof.instances.into_iter().flatten();
 
-    let encoded = encode_calldata(None, &proof.proof, &flattened_instances.collect::<Vec<_>>());
+    let encoded = encode_calldata(
+        addr_vk.as_ref().map(|x| x.0),
+        &proof.proof,
+        &flattened_instances.collect::<Vec<_>>(),
+    );
 
     info!("encoded: {:#?}", hex::encode(&encoded));
     let (anvil, client) = setup_eth_backend(rpc_url, None).await?;
@@ -439,6 +445,7 @@ pub async fn verify_proof_with_data_attestation(
     proof: Snark<Fr, G1Affine>,
     addr_verifier: ethers::types::Address,
     addr_da: ethers::types::Address,
+    addr_vk: Option<H160>,
     rpc_url: Option<&str>,
 ) -> Result<bool, Box<dyn Error>> {
     use ethers::abi::{Function, Param, ParamType, StateMutability, Token};
@@ -452,8 +459,11 @@ pub async fn verify_proof_with_data_attestation(
         public_inputs.push(u);
     }
 
-    let encoded_verifier =
-        encode_calldata(None, &proof.proof, &flattened_instances.collect::<Vec<_>>());
+    let encoded_verifier = encode_calldata(
+        addr_vk.as_ref().map(|x| x.0),
+        &proof.proof,
+        &flattened_instances.collect::<Vec<_>>(),
+    );
 
     info!("encoded: {:#?}", hex::encode(&encoded_verifier));