Skip to content

Commit

Permalink
chore!: remove SchnorrVerify opcode (#9897)
Browse files Browse the repository at this point in the history 
Please read [contributing guidelines](CONTRIBUTING.md) and remove this
line.
  • Loading branch information
@TomAFrench
TomAFrench authored Dec 3, 2024
1 parent ac7c0da commit 93cd323
Show file tree
Hide file tree
Showing 56 changed files with 98 additions and 1,648 deletions.
2 changes: 1 addition & 1 deletion barretenberg/cpp/src/barretenberg/dsl/CMakeLists.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,4 +20,4 @@ endif()
barretenberg_module(
dsl
${DSL_DEPENDENCIES}
)
)
8 changes: 0 additions & 8 deletions barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,14 +109,6 @@ void build_constraints(Builder& builder,
constraint_system.original_opcode_indices.sha256_compression[i]);
}

// Add schnorr constraints
for (size_t i = 0; i < constraint_system.schnorr_constraints.size(); ++i) {
const auto& constraint = constraint_system.schnorr_constraints.at(i);
create_schnorr_verify_constraints(builder, constraint);
gate_counter.track_diff(constraint_system.gates_per_opcode,
constraint_system.original_opcode_indices.schnorr_constraints.at(i));
}

// Add ECDSA k1 constraints
for (size_t i = 0; i < constraint_system.ecdsa_k1_constraints.size(); ++i) {
const auto& constraint = constraint_system.ecdsa_k1_constraints.at(i);
Expand Down
4 changes: 0 additions & 4 deletions barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
#include "poseidon2_constraint.hpp"
#include "range_constraint.hpp"
#include "recursion_constraint.hpp"
#include "schnorr_verify.hpp"
#include "sha256_constraint.hpp"
#include <cstdint>
#include <utility>
Expand All @@ -41,7 +40,6 @@ struct AcirFormatOriginalOpcodeIndices {
std::vector<size_t> range_constraints;
std::vector<size_t> aes128_constraints;
std::vector<size_t> sha256_compression;
std::vector<size_t> schnorr_constraints;
std::vector<size_t> ecdsa_k1_constraints;
std::vector<size_t> ecdsa_r1_constraints;
std::vector<size_t> blake2s_constraints;
Expand Down Expand Up @@ -85,7 +83,6 @@ struct AcirFormat {
std::vector<RangeConstraint> range_constraints;
std::vector<AES128Constraint> aes128_constraints;
std::vector<Sha256Compression> sha256_compression;
std::vector<SchnorrConstraint> schnorr_constraints;
std::vector<EcdsaSecp256k1Constraint> ecdsa_k1_constraints;
std::vector<EcdsaSecp256r1Constraint> ecdsa_r1_constraints;
std::vector<Blake2sConstraint> blake2s_constraints;
Expand Down Expand Up @@ -134,7 +131,6 @@ struct AcirFormat {
range_constraints,
aes128_constraints,
sha256_compression,
schnorr_constraints,
ecdsa_k1_constraints,
ecdsa_r1_constraints,
blake2s_constraints,
Expand Down
217 changes: 1 addition & 216 deletions barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format.test.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
#include "acir_format.hpp"
#include "acir_format_mocks.hpp"
#include "barretenberg/common/streams.hpp"
#include "barretenberg/crypto/schnorr/schnorr.hpp"
#include "barretenberg/plonk/composer/standard_composer.hpp"
#include "barretenberg/plonk/composer/ultra_composer.hpp"
#include "barretenberg/plonk/proof_system/types/proof.hpp"
Expand Down Expand Up @@ -45,7 +44,6 @@ TEST_F(AcirFormatTests, TestASingleConstraintNoPubInputs)
.range_constraints = {},
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -165,7 +163,6 @@ TEST_F(AcirFormatTests, TestLogicGateFromNoirCircuit)
.range_constraints = { range_a, range_b },
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -205,215 +202,6 @@ TEST_F(AcirFormatTests, TestLogicGateFromNoirCircuit)
EXPECT_EQ(verifier.verify_proof(proof), true);
}

TEST_F(AcirFormatTests, TestSchnorrVerifyPass)
{
std::vector<RangeConstraint> range_constraints;
std::vector<size_t> range_opcode_indices;
size_t current_opcode = 0;
for (uint32_t i = 0; i < 10; i++) {
range_constraints.push_back(RangeConstraint{
.witness = i,
.num_bits = 15,
});
range_opcode_indices.push_back(current_opcode++);
}

std::array<uint32_t, 64> signature;
for (uint32_t i = 0, value = 12; i < 64; i++, value++) {
signature[i] = value;
range_constraints.push_back(RangeConstraint{
.witness = value,
.num_bits = 15,
});
range_opcode_indices.push_back(current_opcode++);
}

SchnorrConstraint schnorr_constraint{
.message = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 },
.public_key_x = 10,
.public_key_y = 11,
.result = 76,
.signature = signature,
};

AcirFormat constraint_system{
.varnum = 81,
.num_acir_opcodes = 76,
.public_inputs = {},
.logic_constraints = {},
.range_constraints = range_constraints,
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = { schnorr_constraint },
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_permutations = {},
.poseidon2_constraints = {},
.multi_scalar_mul_constraints = {},
.ec_add_constraints = {},
.recursion_constraints = {},
.honk_recursion_constraints = {},
.avm_recursion_constraints = {},
.ivc_recursion_constraints = {},
.bigint_from_le_bytes_constraints = {},
.bigint_to_le_bytes_constraints = {},
.bigint_operations = {},
.assert_equalities = {},
.poly_triple_constraints = { poly_triple{
.a = schnorr_constraint.result,
.b = schnorr_constraint.result,
.c = schnorr_constraint.result,
.q_m = 0,
.q_l = 0,
.q_r = 0,
.q_o = 1,
.q_c = fr::neg_one(),
} },
.quad_constraints = {},
.big_quad_constraints = {},
.block_constraints = {},
.original_opcode_indices = create_empty_original_opcode_indices(),
};
mock_opcode_indices(constraint_system);

std::string message_string = "tenletters";
schnorr_key_pair<grumpkin::fr, grumpkin::g1> account;
account.private_key = grumpkin::fr::random_element();
account.public_key = grumpkin::g1::one * account.private_key;
schnorr_signature signature_raw =
schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message_string, account);
uint256_t pub_x = account.public_key.x;
uint256_t pub_y = account.public_key.y;
WitnessVector witness{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, pub_x, pub_y, 5, 202, 31, 146,
81, 242, 246, 69, 43, 107, 249, 153, 198, 44, 14, 111, 191, 121, 137, 166,
160, 103, 18, 181, 243, 233, 226, 95, 67, 16, 37, 128, 85, 76, 19, 253,
30, 77, 192, 53, 138, 205, 69, 33, 236, 163, 83, 194, 84, 137, 184, 221,
176, 121, 179, 27, 63, 70, 54, 16, 176, 250, 39, 239, 1, 0, 0, 0 };
for (size_t i = 0; i < 32; ++i) {
witness[13 + i - 1] = signature_raw.s[i];
witness[13 + 32 + i - 1] = signature_raw.e[i];
}
for (size_t i = 0; i < 10; ++i) {
witness[i] = message_string[i];
}

auto builder = create_circuit(constraint_system, /*recursive*/ false, /*size_hint*/ 0, witness);

auto composer = Composer();
auto prover = composer.create_ultra_with_keccak_prover(builder);
auto proof = prover.construct_proof();

auto verifier = composer.create_ultra_with_keccak_verifier(builder);

EXPECT_EQ(verifier.verify_proof(proof), true);
}

TEST_F(AcirFormatTests, TestSchnorrVerifySmallRange)
{
std::vector<RangeConstraint> range_constraints;
std::vector<size_t> range_opcode_indices;
size_t current_opcode = 0;

for (uint32_t i = 0; i < 10; i++) {
range_constraints.push_back(RangeConstraint{
.witness = i,
.num_bits = 8,
});
range_opcode_indices.push_back(current_opcode++);
}

std::array<uint32_t, 64> signature;
for (uint32_t i = 0, value = 12; i < 64; i++, value++) {
signature[i] = value;
range_constraints.push_back(RangeConstraint{
.witness = value,
.num_bits = 8,
});
range_opcode_indices.push_back(current_opcode++);
}

SchnorrConstraint schnorr_constraint{
.message = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 },
.public_key_x = 10,
.public_key_y = 11,
.result = 76,
.signature = signature,
};
AcirFormat constraint_system{
.varnum = 81,
.num_acir_opcodes = 76,
.public_inputs = {},
.logic_constraints = {},
.range_constraints = range_constraints,
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = { schnorr_constraint },
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
.blake3_constraints = {},
.keccak_permutations = {},
.poseidon2_constraints = {},
.multi_scalar_mul_constraints = {},
.ec_add_constraints = {},
.recursion_constraints = {},
.honk_recursion_constraints = {},
.avm_recursion_constraints = {},
.ivc_recursion_constraints = {},
.bigint_from_le_bytes_constraints = {},
.bigint_to_le_bytes_constraints = {},
.bigint_operations = {},
.assert_equalities = {},
.poly_triple_constraints = { poly_triple{
.a = schnorr_constraint.result,
.b = schnorr_constraint.result,
.c = schnorr_constraint.result,
.q_m = 0,
.q_l = 0,
.q_r = 0,
.q_o = 1,
.q_c = fr::neg_one(),
} },
.quad_constraints = {},
.big_quad_constraints = {},
.block_constraints = {},
.original_opcode_indices = create_empty_original_opcode_indices(),
};
mock_opcode_indices(constraint_system);

std::string message_string = "tenletters";
schnorr_key_pair<grumpkin::fr, grumpkin::g1> account;
account.private_key = grumpkin::fr::random_element();
account.public_key = grumpkin::g1::one * account.private_key;
schnorr_signature signature_raw =
schnorr_construct_signature<Blake2sHasher, grumpkin::fq, grumpkin::fr, grumpkin::g1>(message_string, account);
uint256_t pub_x = account.public_key.x;
uint256_t pub_y = account.public_key.y;
WitnessVector witness{ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, pub_x, pub_y, 5, 202, 31, 146,
81, 242, 246, 69, 43, 107, 249, 153, 198, 44, 14, 111, 191, 121, 137, 166,
160, 103, 18, 181, 243, 233, 226, 95, 67, 16, 37, 128, 85, 76, 19, 253,
30, 77, 192, 53, 138, 205, 69, 33, 236, 163, 83, 194, 84, 137, 184, 221,
176, 121, 179, 27, 63, 70, 54, 16, 176, 250, 39, 239, 1, 0, 0, 0 };
for (size_t i = 0; i < 32; ++i) {
witness[13 + i - 1] = signature_raw.s[i];
witness[13 + 32 + i - 1] = signature_raw.e[i];
}
for (size_t i = 0; i < 10; ++i) {
witness[i] = message_string[i];
}

// TODO: actually sign a schnorr signature!
auto builder = create_circuit(constraint_system, /*recursive*/ false, /*size_hint*/ 0, witness);

auto composer = Composer();
auto prover = composer.create_ultra_with_keccak_prover(builder);
auto proof = prover.construct_proof();
auto verifier = composer.create_ultra_with_keccak_verifier(builder);
EXPECT_EQ(verifier.verify_proof(proof), true);
}

TEST_F(AcirFormatTests, TestKeccakPermutation)
{
Keccakf1600
Expand Down Expand Up @@ -457,7 +245,6 @@ TEST_F(AcirFormatTests, TestKeccakPermutation)
.range_constraints = {},
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -530,7 +317,6 @@ TEST_F(AcirFormatTests, TestCollectsGateCounts)
.range_constraints = {},
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -660,7 +446,6 @@ TEST_F(AcirFormatTests, TestBigAdd)
.range_constraints = {},
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -695,4 +480,4 @@ TEST_F(AcirFormatTests, TestBigAdd)
EXPECT_TRUE(CircuitChecker::check(builder));
auto verifier = composer.create_verifier(builder);
EXPECT_EQ(verifier.verify_proof(proof), true);
}
}
4 changes: 0 additions & 4 deletions barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_format_mocks.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ acir_format::AcirFormatOriginalOpcodeIndices create_empty_original_opcode_indice
.range_constraints = {},
.aes128_constraints = {},
.sha256_compression = {},
.schnorr_constraints = {},
.ecdsa_k1_constraints = {},
.ecdsa_r1_constraints = {},
.blake2s_constraints = {},
Expand Down Expand Up @@ -45,9 +44,6 @@ void mock_opcode_indices(acir_format::AcirFormat& constraint_system)
for (size_t i = 0; i < constraint_system.sha256_compression.size(); i++) {
constraint_system.original_opcode_indices.sha256_compression.push_back(current_opcode++);
}
for (size_t i = 0; i < constraint_system.schnorr_constraints.size(); i++) {
constraint_system.original_opcode_indices.schnorr_constraints.push_back(current_opcode++);
}
for (size_t i = 0; i < constraint_system.ecdsa_k1_constraints.size(); i++) {
constraint_system.original_opcode_indices.ecdsa_k1_constraints.push_back(current_opcode++);
}
Expand Down
12 changes: 0 additions & 12 deletions barretenberg/cpp/src/barretenberg/dsl/acir_format/acir_to_constraint_buf.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -560,18 +560,6 @@ void handle_blackbox_func_call(Program::Opcode::BlackBoxFuncCall const& arg,
af.constrained_witness.insert(output);
}
af.original_opcode_indices.blake3_constraints.push_back(opcode_index);
} else if constexpr (std::is_same_v<T, Program::BlackBoxFuncCall::SchnorrVerify>) {
auto input_pkey_x = get_witness_from_function_input(arg.public_key_x);
auto input_pkey_y = get_witness_from_function_input(arg.public_key_y);
af.schnorr_constraints.push_back(SchnorrConstraint{
.message = map(arg.message, [](auto& e) { return get_witness_from_function_input(e); }),
.public_key_x = input_pkey_x,
.public_key_y = input_pkey_y,
.result = arg.output.value,
.signature = map(arg.signature, [](auto& e) { return get_witness_from_function_input(e); }),
});
af.original_opcode_indices.schnorr_constraints.push_back(opcode_index);
af.constrained_witness.insert(af.schnorr_constraints.back().result);
} else if constexpr (std::is_same_v<T, Program::BlackBoxFuncCall::EcdsaSecp256k1>) {
af.ecdsa_k1_constraints.push_back(EcdsaSecp256k1Constraint{
.hashed_message =
Expand Down
Loading

0 comments on commit 93cd323

Please sign in to comment.