-
Notifications
You must be signed in to change notification settings - Fork 219
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: simplify constant calls to
poseidon2_permutation
, `schnorr_ve…
…rify` and `embedded_curve_add` (#5140) # Description ## Problem\* Resolves <!-- Link to GitHub Issue --> ## Summary\* Now that we have rust implementations of all blackbox functions, we can perform any pedersen operations with constant inputs at compile-time. We couldn't do this before as it would have required an async initialisation step for the wasm compiler but that is no longer an issue. I've done this by using compile-time flags to select the blackbox solver we're using. If nargo is compiled with a non-bn254 field then it will not perform these optimizations. The ultimate plan is for this solver to be specified by the end user in a similar way to the way the field definition is. ## Additional Context ## Documentation\* Check one: - [x] No documentation needed. - [ ] Documentation included in this PR. - [ ] **[For Experimental Features]** Documentation to be submitted in a separate PR. # PR Checklist\* - [x] I have tested the changes locally. - [x] I have formatted the changes with [Prettier](https://prettier.io/) and/or `cargo fmt` on default settings.
- Loading branch information
1 parent
716a774
commit 2823ba7
Showing
17 changed files
with
357 additions
and
22 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
190 changes: 190 additions & 0 deletions
190
compiler/noirc_evaluator/src/ssa/ir/instruction/call/blackbox.rs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,190 @@ | ||
use std::rc::Rc; | ||
|
||
use acvm::{acir::AcirField, BlackBoxFunctionSolver, BlackBoxResolutionError, FieldElement}; | ||
use iter_extended::vecmap; | ||
|
||
use crate::ssa::ir::{ | ||
dfg::DataFlowGraph, instruction::SimplifyResult, types::Type, value::ValueId, | ||
}; | ||
|
||
use super::{array_is_constant, make_constant_array, to_u8_vec}; | ||
|
||
pub(super) fn simplify_ec_add( | ||
dfg: &mut DataFlowGraph, | ||
solver: impl BlackBoxFunctionSolver<FieldElement>, | ||
arguments: &[ValueId], | ||
) -> SimplifyResult { | ||
match ( | ||
dfg.get_numeric_constant(arguments[0]), | ||
dfg.get_numeric_constant(arguments[1]), | ||
dfg.get_numeric_constant(arguments[2]), | ||
dfg.get_numeric_constant(arguments[3]), | ||
dfg.get_numeric_constant(arguments[4]), | ||
dfg.get_numeric_constant(arguments[5]), | ||
) { | ||
( | ||
Some(point1_x), | ||
Some(point1_y), | ||
Some(point1_is_infinity), | ||
Some(point2_x), | ||
Some(point2_y), | ||
Some(point2_is_infinity), | ||
) => { | ||
let Ok((result_x, result_y, result_is_infinity)) = solver.ec_add( | ||
&point1_x, | ||
&point1_y, | ||
&point1_is_infinity, | ||
&point2_x, | ||
&point2_y, | ||
&point2_is_infinity, | ||
) else { | ||
return SimplifyResult::None; | ||
}; | ||
|
||
let result_x = dfg.make_constant(result_x, Type::field()); | ||
let result_y = dfg.make_constant(result_y, Type::field()); | ||
let result_is_infinity = dfg.make_constant(result_is_infinity, Type::bool()); | ||
|
||
let typ = Type::Array(Rc::new(vec![Type::field()]), 3); | ||
let result_array = | ||
dfg.make_array(im::vector![result_x, result_y, result_is_infinity], typ); | ||
|
||
SimplifyResult::SimplifiedTo(result_array) | ||
} | ||
_ => SimplifyResult::None, | ||
} | ||
} | ||
|
||
pub(super) fn simplify_poseidon2_permutation( | ||
dfg: &mut DataFlowGraph, | ||
solver: impl BlackBoxFunctionSolver<FieldElement>, | ||
arguments: &[ValueId], | ||
) -> SimplifyResult { | ||
match (dfg.get_array_constant(arguments[0]), dfg.get_numeric_constant(arguments[1])) { | ||
(Some((state, _)), Some(state_length)) if array_is_constant(dfg, &state) => { | ||
let state: Vec<FieldElement> = state | ||
.iter() | ||
.map(|id| { | ||
dfg.get_numeric_constant(*id) | ||
.expect("value id from array should point at constant") | ||
}) | ||
.collect(); | ||
|
||
let Some(state_length) = state_length.try_to_u32() else { | ||
return SimplifyResult::None; | ||
}; | ||
|
||
let Ok(new_state) = solver.poseidon2_permutation(&state, state_length) else { | ||
return SimplifyResult::None; | ||
}; | ||
|
||
let result_array = make_constant_array(dfg, new_state, Type::field()); | ||
|
||
SimplifyResult::SimplifiedTo(result_array) | ||
} | ||
_ => SimplifyResult::None, | ||
} | ||
} | ||
|
||
pub(super) fn simplify_schnorr_verify( | ||
dfg: &mut DataFlowGraph, | ||
solver: impl BlackBoxFunctionSolver<FieldElement>, | ||
arguments: &[ValueId], | ||
) -> SimplifyResult { | ||
match ( | ||
dfg.get_numeric_constant(arguments[0]), | ||
dfg.get_numeric_constant(arguments[1]), | ||
dfg.get_array_constant(arguments[2]), | ||
dfg.get_array_constant(arguments[3]), | ||
) { | ||
(Some(public_key_x), Some(public_key_y), Some((signature, _)), Some((message, _))) | ||
if array_is_constant(dfg, &signature) && array_is_constant(dfg, &message) => | ||
{ | ||
let signature = to_u8_vec(dfg, signature); | ||
let signature: [u8; 64] = | ||
signature.try_into().expect("Compiler should produce correctly sized signature"); | ||
|
||
let message = to_u8_vec(dfg, message); | ||
|
||
let Ok(valid_signature) = | ||
solver.schnorr_verify(&public_key_x, &public_key_y, &signature, &message) | ||
else { | ||
return SimplifyResult::None; | ||
}; | ||
|
||
let valid_signature = dfg.make_constant(valid_signature.into(), Type::bool()); | ||
SimplifyResult::SimplifiedTo(valid_signature) | ||
} | ||
_ => SimplifyResult::None, | ||
} | ||
} | ||
|
||
pub(super) fn simplify_hash( | ||
dfg: &mut DataFlowGraph, | ||
arguments: &[ValueId], | ||
hash_function: fn(&[u8]) -> Result<[u8; 32], BlackBoxResolutionError>, | ||
) -> SimplifyResult { | ||
match dfg.get_array_constant(arguments[0]) { | ||
Some((input, _)) if array_is_constant(dfg, &input) => { | ||
let input_bytes: Vec<u8> = to_u8_vec(dfg, input); | ||
|
||
let hash = hash_function(&input_bytes) | ||
.expect("Rust solvable black box function should not fail"); | ||
|
||
let hash_values = vecmap(hash, |byte| FieldElement::from_be_bytes_reduce(&[byte])); | ||
|
||
let result_array = make_constant_array(dfg, hash_values, Type::unsigned(8)); | ||
SimplifyResult::SimplifiedTo(result_array) | ||
} | ||
_ => SimplifyResult::None, | ||
} | ||
} | ||
|
||
type ECDSASignatureVerifier = fn( | ||
hashed_msg: &[u8], | ||
public_key_x: &[u8; 32], | ||
public_key_y: &[u8; 32], | ||
signature: &[u8; 64], | ||
) -> Result<bool, BlackBoxResolutionError>; | ||
|
||
pub(super) fn simplify_signature( | ||
dfg: &mut DataFlowGraph, | ||
arguments: &[ValueId], | ||
signature_verifier: ECDSASignatureVerifier, | ||
) -> SimplifyResult { | ||
match ( | ||
dfg.get_array_constant(arguments[0]), | ||
dfg.get_array_constant(arguments[1]), | ||
dfg.get_array_constant(arguments[2]), | ||
dfg.get_array_constant(arguments[3]), | ||
) { | ||
( | ||
Some((public_key_x, _)), | ||
Some((public_key_y, _)), | ||
Some((signature, _)), | ||
Some((hashed_message, _)), | ||
) if array_is_constant(dfg, &public_key_x) | ||
&& array_is_constant(dfg, &public_key_y) | ||
&& array_is_constant(dfg, &signature) | ||
&& array_is_constant(dfg, &hashed_message) => | ||
{ | ||
let public_key_x: [u8; 32] = to_u8_vec(dfg, public_key_x) | ||
.try_into() | ||
.expect("ECDSA public key fields are 32 bytes"); | ||
let public_key_y: [u8; 32] = to_u8_vec(dfg, public_key_y) | ||
.try_into() | ||
.expect("ECDSA public key fields are 32 bytes"); | ||
let signature: [u8; 64] = | ||
to_u8_vec(dfg, signature).try_into().expect("ECDSA signatures are 64 bytes"); | ||
let hashed_message: Vec<u8> = to_u8_vec(dfg, hashed_message); | ||
|
||
let valid_signature = | ||
signature_verifier(&hashed_message, &public_key_x, &public_key_y, &signature) | ||
.expect("Rust solvable black box function should not fail"); | ||
|
||
let valid_signature = dfg.make_constant(valid_signature.into(), Type::bool()); | ||
SimplifyResult::SimplifiedTo(valid_signature) | ||
} | ||
_ => SimplifyResult::None, | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletions
7
test_programs/compile_success_empty/embedded_curve_add_simplification/Nargo.toml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
[package] | ||
name = "embedded_curve_add_simplification" | ||
type = "bin" | ||
authors = [""] | ||
compiler_version = ">=0.23.0" | ||
|
||
[dependencies] |
11 changes: 11 additions & 0 deletions
11
test_programs/compile_success_empty/embedded_curve_add_simplification/src/main.nr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
use std::embedded_curve_ops::{EmbeddedCurvePoint, EmbeddedCurveScalar, multi_scalar_mul}; | ||
|
||
fn main() { | ||
let zero = EmbeddedCurvePoint::point_at_infinity(); | ||
let g1 = EmbeddedCurvePoint { x: 1, y: 17631683881184975370165255887551781615748388533673675138860, is_infinite: false }; | ||
|
||
assert(g1 + zero == g1); | ||
assert(g1 - g1 == zero); | ||
assert(g1 - zero == g1); | ||
assert(zero + zero == zero); | ||
} |
7 changes: 7 additions & 0 deletions
7
test_programs/compile_success_empty/poseidon2_simplification/Nargo.toml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
[package] | ||
name = "poseidon2_simplification" | ||
type = "bin" | ||
authors = [""] | ||
compiler_version = ">=0.33.0" | ||
|
||
[dependencies] |
7 changes: 7 additions & 0 deletions
7
test_programs/compile_success_empty/poseidon2_simplification/src/main.nr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
use std::hash::poseidon2; | ||
|
||
fn main() { | ||
let digest = poseidon2::Poseidon2::hash([0], 1); | ||
let expected_digest = 0x2710144414c3a5f2354f4c08d52ed655b9fe253b4bf12cb9ad3de693d9b1db11; | ||
assert_eq(digest, expected_digest); | ||
} |
6 changes: 6 additions & 0 deletions
6
test_programs/compile_success_empty/schnorr_simplification/Nargo.toml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
[package] | ||
name = "schnorr_simplification" | ||
type = "bin" | ||
authors = [""] | ||
|
||
[dependencies] |
Oops, something went wrong.