From 753389a2caa76e8e36b28f48abaf09c5b7ec4126 Mon Sep 17 00:00:00 2001
From: Linda Guiga <101227802+LindaGuiga@users.noreply.github.com>
Date: Thu, 30 Jan 2025 21:02:20 +0100
Subject: [PATCH 1/4] Fix padding for LookupTableGate (#1661)
---
 plonky2/src/plonk/prover.rs | 1 -
 plonky2/src/plonk/vanishing_poly.rs | 8 ++++----
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/plonky2/src/plonk/prover.rs b/plonky2/src/plonk/prover.rs
index 2b450b01..ff3bb0c6 100644
--- a/plonky2/src/plonk/prover.rs
+++ b/plonky2/src/plonk/prover.rs
@@ -94,7 +94,6 @@ pub fn set_lookup_wires<
 multiplicities[0] += 1;
 }
- // We don't need to pad the last `LookupTableGate`; extra wires are set to 0 by default, which satisfies the constraints.
 for lut_entry in 0..lut_len {
 let row = first_lut_gate - lut_entry / num_lut_entries;
 let col = lut_entry % num_lut_entries;
diff --git a/plonky2/src/plonk/vanishing_poly.rs b/plonky2/src/plonk/vanishing_poly.rs
index 5d26f68e..48179ce6 100644
--- a/plonky2/src/plonk/vanishing_poly.rs
+++ b/plonky2/src/plonk/vanishing_poly.rs
@@ -36,8 +36,8 @@ pub(crate) fn get_lut_poly, const D: usize>(
 let b = deltas[LookupChallenges::ChallengeB as usize];
 let mut coeffs = Vec::with_capacity(common_data.luts[lut_index].len());
 let n = common_data.luts[lut_index].len();
- let nb_padded_elts = LookupTableGate::num_slots(&common_data.config)
- - n % LookupTableGate::num_slots(&common_data.config);
+ let nb_slots = LookupTableGate::num_slots(&common_data.config);
+ let nb_padded_elts = (nb_slots - n % nb_slots) % nb_slots;
 let (padding_inp, padding_out) = common_data.luts[lut_index][0];
 for (input, output) in common_data.luts[lut_index].iter() {
 coeffs.push(F::from_canonical_u16(*input) + b * F::from_canonical_u16(*output));
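Review bot: The new `nb_padded_elts` line in `get_lut_poly` is an unexplained double modulo, and the same two lines recur in `get_lut_poly_circuit` (the `@@ -763` hunk), while the prover.rs hunk deletes the only comment that described the padding convention. I would add above both occurrences `// Zero when n is already a multiple of nb_slots; otherwise the number of entries missing from the last LookupTableGate.` so the two copies are not edited apart later. The patch touches no test file, so a regression test using a table whose length is an exact multiple of `num_slots` would pin the case this fix targets. Both function bodies continue outside their hunks, so how `padding_inp` and `padding_out` are consumed is not visible here.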
@@ -763,8 +763,8 @@ pub(crate) fn get_lut_poly_circuit, const D: usize>
 let b = deltas[LookupChallenges::ChallengeB as usize];
 let delta = deltas[LookupChallenges::ChallengeDelta as usize];
 let n = common_data.luts[lut_index].len();
- let nb_padded_elts = LookupTableGate::num_slots(&common_data.config)
- - n % LookupTableGate::num_slots(&common_data.config);
+ let nb_slots = LookupTableGate::num_slots(&common_data.config);
+ let nb_padded_elts = (nb_slots - n % nb_slots) % nb_slots;
 let (padding_inp, padding_out) = common_data.luts[lut_index][0];
 let mut coeffs: Vec = common_data.luts[lut_index]
 .iter()
From 1aa32519eb839b12fc25d9670cd046069bbe5094 Mon Sep 17 00:00:00 2001
From: Robin Salen <30937548+Nashtare@users.noreply.github.com>
Date: Thu, 30 Jan 2025 15:14:13 -0500
Subject: [PATCH 2/4] Fix clippy (#1662)
---
 field/src/fft.rs | 2 +-
 field/src/prime_field_testing.rs | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/field/src/fft.rs b/field/src/fft.rs
index 5fe29b31..d078ca6c 100644
--- a/field/src/fft.rs
+++ b/field/src/fft.rs
@@ -222,7 +222,7 @@ mod tests {
 // "random", the last degree_padded-degree of them are zero.
 let coeffs = (0..degree)
 .map(|i| F::from_canonical_usize(i * 1337 % 100))
- .chain(core::iter::repeat(F::ZERO).take(degree_padded - degree))
+ .chain(core::iter::repeat_n(F::ZERO, degree_padded - degree))
 .collect::>();
 assert_eq!(coeffs.len(), degree_padded);
 let coefficients = PolynomialCoeffs { coeffs };
diff --git a/field/src/prime_field_testing.rs b/field/src/prime_field_testing.rs
index 42dc9462..f3f4e001 100644
--- a/field/src/prime_field_testing.rs
+++ b/field/src/prime_field_testing.rs
@@ -160,7 +160,7 @@ macro_rules! test_prime_field_arithmetic {
 fn subtraction_double_wraparound() {
 type F = $field;
- let (a, b) = (F::from_canonical_u64((F::ORDER + 1u64) / 2u64), F::TWO);
+ let (a, b) = (F::from_canonical_u64(F::ORDER.div_ceil(2u64)), F::TWO);
 let x = a * b;
 assert_eq!(x, F::ONE);
 assert_eq!(F::ZERO - x, F::NEG_ONE);
From 0362deb648f1d72895170723e2d41b63a2a63861 Mon Sep 17 00:00:00 2001
From: Robin Salen
Date: Thu, 30 Jan 2025 15:15:15 -0500
Subject: [PATCH 3/4] Bump patch version
---
 plonky2/Cargo.toml | 2 +-
 starky/Cargo.toml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/plonky2/Cargo.toml b/plonky2/Cargo.toml
index 50ac22b8..8f1bf87e 100644
--- a/plonky2/Cargo.toml
+++ b/plonky2/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "plonky2"
 description = "Recursive SNARKs based on PLONK and FRI"
-version = "1.0.1"
+version = "1.0.2"
 authors = ["Daniel Lubarov ", "William Borgeaud ", "Nicholas Ward "]
 readme = "README.md"
 edition.workspace = true
diff --git a/starky/Cargo.toml b/starky/Cargo.toml
index d34a9b43..1e8538fe 100644
--- a/starky/Cargo.toml
+++ b/starky/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "starky"
 description = "Implementation of STARKs"
-version = "1.0.1"
+version = "1.0.2"
 authors = ["Daniel Lubarov ", "William Borgeaud "]
 readme = "README.md"
 edition.workspace = true
@@ -27,7 +27,7 @@ serde = { workspace = true, features = ["rc"] }
 num-bigint = { version = "0.4.3", default-features = false }
 # Local dependencies
-plonky2 = { version = "1.0.1", path = "../plonky2", default-features = false }
+plonky2 = { version = "1.0.2", path = "../plonky2", default-features = false }
 plonky2_maybe_rayon = { version = "1.0.0", path = "../maybe_rayon", default-features = false }
 plonky2_util = { version = "1.0.0", path = "../util", default-features = false }
From 4e0834d71150af6001a82411bd1934e0648fae2f Mon Sep 17 00:00:00 2001
From: Robin Salen <30937548+Nashtare@users.noreply.github.com>
Date: Thu, 30 Jan 2025 15:46:51 -0500
Subject: [PATCH 4/4] Misc updates (#1663)
---
 LICENSE-APACHE | 2 +-
 LICENSE-MIT | 2 +-
 README.md | 10 ++++------
 SECURITY.md | 6 ++++++
 4 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/LICENSE-APACHE b/LICENSE-APACHE
index 1e5006dc..1671e4c4 100644
--- a/LICENSE-APACHE
+++ b/LICENSE-APACHE
@@ -186,7 +186,7 @@ APPENDIX: How to apply the Apache License to your work. same "printed page" as the copyright notice for easier identification within third-party archives. -Copyright [yyyy] [name of copyright owner] +Copyright [2022-2025] The Plonky2 Authors Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/LICENSE-MIT b/LICENSE-MIT index 86d690b2..5bfb7cb0 100644 --- a/LICENSE-MIT +++ b/LICENSE-MIT @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2022 The Plonky2 Authors +Copyright (c) 2022-2025 The Plonky2 Authors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index c182f9cb..49a6ec05 100644 --- a/README.md +++ b/README.md @@ -84,7 +84,10 @@ at your option. ## Security -This code has not yet been audited, and should not be used in any production systems. +This code has been audited prior to the `v1.0.0` release. The audits reports and findings are available in the [audits](./audits/) folder of this repository. +An audited codebase isn't necessarily free of bugs and security exploits, hence we recommend care when using `plonky2` in production settings. + +If you find a security issue in the codebase, please refer to our [Security guidelines](./SECURITY.md) for private disclosure. While Plonky2 is configurable, its defaults generally target 100 bits of security. The default FRI configuration targets 100 bits of *conjectured* security based on the conjecture in [ethSTARK](https://eprint.iacr.org/2021/582). 
@@ -93,12 +96,7 @@ Plonky2's default hash function is Poseidon, configured with 8 full rounds, 22 p ## Links -#### Actively maintained - - [Polygon Zero's zkEVM](https://github.com/0xPolygonZero/zk_evm), an efficient Type 1 zkEVM built on top of Starky and plonky2 - -#### No longer maintained - - [System Zero](https://github.com/0xPolygonZero/system-zero), a zkVM built on top of Starky - [Waksman](https://github.com/0xPolygonZero/plonky2-waksman), Plonky2 gadgets for permutation checking using Waksman networks - [Insertion](https://github.com/0xPolygonZero/plonky2-insertion), Plonky2 gadgets for insertion into a list diff --git a/SECURITY.md b/SECURITY.md index d8e87e74..821ff566 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,11 @@ # Polygon Technology Security Information +For findings related to plonky2 repository, please contact us with relevant information privately +through our security contact details: security@polygon.technology. + +Depending on the severity of the findings, the team may reserve the rights to keep the information private +while addressing it internally, and disclose it along a new release after having informed relevant parties. + ## Link to vulnerability disclosure details (Bug Bounty). - Websites and Applications: https://hackerone.com/polygon-technology - Smart Contracts: https://immunefi.com/bounty/polygon