logos-storage/logos-storage-proofs-circuits
1
0
Fork 0
mirror of https://github.com/logos-storage/logos-storage-proofs-circuits.git synced 2026-01-05 06:53:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

circuit: remove trailing spaces

Browse Source
This commit is contained in:
Mark Spanbroek 2024-02-08 13:40:44 +01:00
parent 2b88a00fb0
commit bbc97a796a
8 changed files with 48 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
circuit/binary_compare.circom
View File

@ -3,8 +3,8 @@ pragma circom 2.0.0;
//------------------------------------------------------------------------------
//
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
//
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
//
// / -1 if A < B
// out := { 0 if A == B
// \ +1 if A > B
@ -12,7 +12,7 @@ pragma circom 2.0.0;
// NOTE: we don't check that the digits are indeed binary;
// that's the responsibility of the caller!
//
// This version uses `(3*n-1)` nonlinear constraints.
// This version uses `(3*n-1)` nonlinear constraints.
// Question: can we do better? (note that this has to work with n >= 254 digits too!)
//
@ -42,11 +42,11 @@ template BinaryCompare(n) {
//------------------------------------------------------------------------------
//
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
//
// out := (A <= B) ? 1 : 0
//
// NOTE: we don't check that the digits are indeed binary;
// NOTE: we don't check that the digits are indeed binary;
// that's the responsibility of the caller!
//
@ -69,11 +69,11 @@ template BinaryLessOrEqual(n) {
//------------------------------------------------------------------------------
//
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
// given two numbers in `n`-bit binary decomposition (little-endian), we compute
//
// out := (A >= B) ? 1 : 0
//
// NOTE: we don't check that the digits are indeed binary;
// NOTE: we don't check that the digits are indeed binary;
// that's the responsibility of the caller!
//

10
circuit/extract_bits.circom
View File

@ -5,12 +5,12 @@ include "misc.circom";
//------------------------------------------------------------------------------
//
//
// extract the lowest `n` bits from a field element.
//
// NOTE: this is rather nontrivial, as everything is computed modulo `r`,
// NOTE: this is rather nontrivial, as everything is computed modulo `r`,
// so naive bit decomposition does not work (there are multiple solutions).
//
//
// TODO: optimize this
//
@ -33,7 +33,7 @@ template ExtractLowerBits(n) {
le.out === -1; // enforce `A < B`, that is, `bits < prime`
// extract the lowest `n` bits
for(var i=0; i<n; i++) {
for(var i=0; i<n; i++) {
tb.out[i] ==> out[i];
}
@ -66,7 +66,7 @@ template ExtractLowerBits_testfield65537(n) {
le.out === -1; // enforce `A < B`, that is, `bits < prime`
// extract the lowest `n` bits
for(var i=0; i<n; i++) {
for(var i=0; i<n; i++) {
tb.out[i] ==> out[i];
}

16
circuit/log2.circom
View File

@ -3,7 +3,7 @@ pragma circom 2.0.0;
include "misc.circom";
//------------------------------------------------------------------------------
//
//
// given an input `inp`, this template checks that inp == 2^out
// with 0 < out <= n
//
@ -13,14 +13,14 @@ include "misc.circom";
template Log2(n) {
signal input inp;
signal output out;
signal output out;
signal output mask[n+1];
// mask will be a vector [1,1,1,...1,0,...,0,0]
// which can change only where inp == 2^out
var log2 = -1;
for(var i=0; i<=n; i++) {
for(var i=0; i<=n; i++) {
mask[i] <-- ((2**i) < inp) ? 1 : 0;
if (2**i == inp) { log2 = i; }
}
@ -31,17 +31,17 @@ template Log2(n) {
mask[n] === 0;
var sum = 0;
for(var i=0; i<n; i++) {
for(var i=0; i<n; i++) {
sum += (2**(i+1)) * (mask[i] - mask[i+1]);
0 === (mask[i] - mask[i+1]) * (i + 1 - out);
}
inp === sum;
inp === sum;
}
//------------------------------------------------------------------------------
//
//
// given an input `inp`, this template computes `out := k` such that 2^k <= inp < 2^{k+1}
// it also returns the binary decomposition of `inp-1`, and the binary deocmpositiom
// of the mask `(2^k-1)`
@ -54,12 +54,12 @@ template Log2(n) {
template CeilingLog2(n) {
signal input inp;
signal output out;
signal output out;
signal output bits[n];
signal output mask[n+1];
component tb = ToBits(n);
tb.inp <== inp - 1;
tb.inp <== inp - 1;
tb.out ==> bits;
signal aux[n+1];

8
circuit/merkle.circom
View File

@ -25,7 +25,7 @@ include "misc.circom";
//
template RootFromMerklePath( maxDepth ) {
signal input leaf;
signal input pathBits[ maxDepth ]; // bits of the linear index
signal input lastBits[ maxDepth ]; // bits of the last linear index `= size-1`
@ -37,14 +37,14 @@ template RootFromMerklePath( maxDepth ) {
signal aux[ maxDepth+1 ];
aux[0] <== leaf;
// compute which prefixes (in big-endian) of the index is
// compute which prefixes (in big-endian) of the index is
// the same as the corresponding prefix of the last index
component eq[ maxDepth ];
signal isLast[ maxDepth+1 ];
isLast[ maxDepth ] <== 1;
for(var i=maxDepth-1; i>=0; i--) {
eq[i] = IsEqual();
eq[i].A <== pathBits[i];
eq[i].A <== pathBits[i];
eq[i].B <== lastBits[i];
isLast[i] <== isLast[i+1] * eq[i].out;
}
@ -63,7 +63,7 @@ template RootFromMerklePath( maxDepth ) {
var R = merklePath[i];
// based on pathBits[i], we switch or not
switch[i] <== (R-L) * pathBits[i];
comp[i].key <== bottom + 2*odd;
comp[i].inp[0] <== L + switch[i];

4
circuit/misc.circom
View File

@ -33,11 +33,11 @@ template IsZero() {
out <== 1 - inp * inv;
// enfore that either `inp` or `out` must be zero
inp*out === 0;
inp*out === 0;
}
//------------------------------------------------------------------------------
// check equality of two field elements; that is, computes `(A==B) ? 1 : 0`
// check equality of two field elements; that is, computes `(A==B) ? 1 : 0`
template IsEqual() {
signal input A,B;

20
circuit/poseidon2_perm.circom
View File

@ -1,7 +1,7 @@
pragma circom 2.0.0;
//
// The Poseidon2 permutation for bn128 and t=3
// The Poseidon2 permutation for bn128 and t=3
//
//------------------------------------------------------------------------------
@ -24,7 +24,7 @@ template InternalRound(i) {
signal input inp[3];
signal output out[3];
var round_consts[56] =
var round_consts[56] =
[ 0x15ce7e5ae220e8623a40b3a3b22d441eff0c9be1ae1d32f1b777af84eea7e38c
, 0x1bf60ac8bfff0f631983c93e218ca0d4a4059c254b4299b1d9984a07edccfaf0
, 0x0fab0c9387cb2bec9dc11b2951088b9e1e1d2978542fc131f74a8f8fdac95b40
@ -99,11 +99,11 @@ template ExternalRound(i) {
signal input inp[3];
signal output out[3];
var round_consts[8][3] =
var round_consts[8][3] =
[ [ 0x2c4c51fd1bb9567c27e99f5712b49e0574178b41b6f0a476cddc41d242cf2b43
, 0x1c5f8d18acb9c61ec6fcbfcda5356f1b3fdee7dc22c99a5b73a2750e5b054104
, 0x2d3c1988b4541e4c045595b8d574e98a7c2820314a82e67a4e380f1c4541ba90
, 0x2d3c1988b4541e4c045595b8d574e98a7c2820314a82e67a4e380f1c4541ba90
]
, [ 0x052547dc9e6d936cab6680372f1734c39f490d0cb970e2077c82f7e4172943d3
, 0x29d967f4002adcbb5a6037d644d36db91f591b088f69d9b4257694f5f9456bc2
@ -120,19 +120,19 @@ template ExternalRound(i) {
, [ 0x25672a14b5d085e31a30a7e1d5675ebfab034fb04dc2ec5e544887523f98dede
, 0x0cf702434b891e1b2f1d71883506d68cdb1be36fa125674a3019647b3a98accd
, 0x1837e75235ff5d112a5eddf7a4939448748339e7b5f2de683cf0c0ae98bdfbb3
]
]
, [ 0x1cd8a14cff3a61f04197a083c6485581a7d836941f6832704837a24b2d15613a
, 0x266f6d85be0cef2ece525ba6a54b647ff789785069882772e6cac8131eecc1e4
, 0x0538fde2183c3f5833ecd9e07edf30fe977d28dd6f246d7960889d9928b506b3
]
]
, [ 0x07a0693ff41476abb4664f3442596aa8399fdccf245d65882fce9a37c268aa04
, 0x11eb49b07d33de2bd60ea68e7f652beda15644ed7855ee5a45763b576d216e8e
, 0x08f8887da6ce51a8c06041f64e22697895f34bacb8c0a39ec12bf597f7c67cfc
]
]
, [ 0x2a912ec610191eb7662f86a52cc64c0122bd5ba762e1db8da79b5949fdd38092
, 0x2031d7fd91b80857aa1fef64e23cfad9a9ba8fe8c8d09de92b1edb592a44c290
, 0x0f81ebce43c47711751fa64d6c007221016d485641c28c507d04fd3dc7fba1d2
]
]
];
component sb[3];
@ -154,7 +154,7 @@ template LinearLayer() {
signal output out[3];
out[0] <== 2*inp[0] + inp[1] + inp[2];
out[1] <== inp[0] + 2*inp[1] + inp[2];
out[2] <== inp[0] + inp[1] + 2*inp[2];
out[2] <== inp[0] + inp[1] + 2*inp[2];
}
//------------------------------------------------------------------------------
@ -172,7 +172,7 @@ template Permutation() {
component ext[8];
for(var k=0; k<8; k++) { ext[k] = ExternalRound(k); }
component int[56];
for(var k=0; k<56; k++) { int[k] = InternalRound(k); }

10
circuit/poseidon2_sponge.circom
View File

@ -17,10 +17,10 @@ function min(a,b) {
// c = capacity (1 or 2)
// r = rate = t - c
//
// everything is measured in number of field elements
// everything is measured in number of field elements
//
// we use the padding `10*` from the original Poseidon paper,
// and initial state constant zero. Note that this is different
// and initial state constant zero. Note that this is different
// from the "SAFE padding" recommended in the Poseidon2 paper
// (which uses `0*` padding and a nontrivial initial state)
//
@ -47,7 +47,7 @@ template PoseidonSponge(t, capacity, input_len, output_len) {
signal padded[padded_len];
for(var i=0; i<input_len; i++) { padded[i] <== inp[i]; }
padded[input_len ] <== 1;
for(var i=input_len+1; i<padded_len; i++) { padded[i] <== 0; }
for(var i=input_len+1; i<padded_len; i++) { padded[i] <== 0; }
signal state [nblocks+nout][t ];
signal sorbed[nblocks ][rate];
@ -58,7 +58,7 @@ template PoseidonSponge(t, capacity, input_len, output_len) {
// initialize state
for(var i=0; i<t-1; i++) { state[0][i] <== 0; }
state[0][t-1] <== civ;
state[0][t-1] <== civ;
component absorb [nblocks];
component squeeze[nout-1];
@ -70,7 +70,7 @@ template PoseidonSponge(t, capacity, input_len, output_len) {
var b = padded[m*rate+i];
sorbed[m][i] <== a + b;
}
absorb[m] = Permutation();
for(var j=0 ; j<rate; j++) { absorb[m].inp[j] <== sorbed[m][j]; }
for(var j=rate; j<t ; j++) { absorb[m].inp[j] <== state [m][j]; }

14
circuit/sample_cells.circom
View File

@ -21,16 +21,16 @@ include "misc.circom";
//
template CalculateCellIndexBits( maxLog2N ) {
signal input entropy;
signal input slotRoot;
signal input counter;
signal input cellIndexBitMask[maxLog2N]; // bit mask for the cell index range
signal output indexBits[maxLog2N];
// calculate the hash
component pos = Poseidon2_hash_rate2( 3 ); // input is 3 field elements
component pos = Poseidon2_hash_rate2( 3 ); // input is 3 field elements
signal hash;
pos.inp[0] <== entropy;
pos.inp[1] <== slotRoot;
@ -49,7 +49,7 @@ template CalculateCellIndexBits( maxLog2N ) {
//------------------------------------------------------------------------------
//
//
// sample `nSamples` number of cells; calculate their hashes;
// reconstruct the slot root using the Merkle paths, then
// the dataset root too, and checks if everything is consistent.
@ -76,7 +76,7 @@ template SampleAndProve( maxDepth, maxLog2NSlots, blockTreeDepth, nFieldElemsPer
// -------------------------------------------------------
//
// first we prove the inclusion of the slot root in the dataset-level
// first we prove the inclusion of the slot root in the dataset-level
// (small) Merkle tree
component tbtp = ToBits( maxLog2NSlots );
@ -94,7 +94,7 @@ template SampleAndProve( maxDepth, maxLog2NSlots, blockTreeDepth, nFieldElemsPer
log("top root check = ", mtop.recRoot == dataSetRoot);
mtop.recRoot === dataSetRoot;
// -------------------------------------------------------
//
// then we prove the individual sampled cells
@ -118,7 +118,7 @@ log("top root check = ", mtop.recRoot == dataSetRoot);
calci[cnt] = CalculateCellIndexBits( maxDepth );
prove[cnt] = ProveSingleCell( nFieldElemsPerCell, blockTreeDepth, maxDepth );
// calci[cnt].cellIndexBitMask <== lg.mask;
for(var i=0; i<maxDepth; i++) { calci[cnt].cellIndexBitMask[i] <== lg.mask[i]; }