Merge pull request #404 from mir-protocol/gmimc_config

GMiMC config
2026-01-05 15:23:06 +00:00 · 2021-12-20 19:23:58 +01:00 · 2021-12-20 19:23:58 +01:00 · 2fc1a6156a
commit 2fc1a6156a
parent 30cf4cd0a8 514cca7ebb
2 changed files with 96 additions and 51 deletions
--- a/src/plonk/config.rs
+++ b/src/plonk/config.rs
@ -8,10 +8,12 @@ use crate::field::extension_field::quadratic::QuadraticExtension;
 use crate::field::extension_field::{Extendable, FieldExtension};
 use crate::field::field_types::RichField;
 use crate::field::goldilocks_field::GoldilocksField;
+use crate::gates::gmimc::GMiMCGate;
 use crate::gates::poseidon::PoseidonGate;
 use crate::hash::hash_types::{BytesHash, HashOut};
 use crate::hash::hashing::{
-    compress, hash_n_to_hash, PlonkyPermutation, PoseidonPermutation, SPONGE_WIDTH,
+    compress, hash_n_to_hash, GMiMCPermutation, PlonkyPermutation, PoseidonPermutation,
+    SPONGE_WIDTH,
 };
 use crate::iop::target::{BoolTarget, Target};
 use crate::plonk::circuit_builder::CircuitBuilder;
@ -106,55 +108,54 @@ impl<F: RichField> AlgebraicHasher<F> for PoseidonHash {
    }
 }

-// TODO: Remove width from `GMiMCGate` to make this work.
-// #[derive(Copy, Clone, Debug, Eq, PartialEq)]
-// pub struct GMiMCHash;
-// impl<F: RichField> Hasher<F> for GMiMCHash {
-//     const HASH_SIZE: usize = 4 * 8;
-//     type Hash = HashOut<F>;
-//
-//     fn hash(input: Vec<F>, pad: bool) -> Self::Hash {
-//         hash_n_to_hash::<F, <Self as AlgebraicHasher<F>>::Permutation>(input, pad)
-//     }
-//
-//     fn two_to_one(left: Self::Hash, right: Self::Hash) -> Self::Hash {
-//         compress::<F, <Self as AlgebraicHasher<F>>::Permutation>(left, right)
-//     }
-// }
-//
-// impl<F: RichField> AlgebraicHasher<F> for GMiMCHash {
-//     type Permutation = GMiMCPermutation;
-//
-//     fn permute_swapped<const D: usize>(
-//         inputs: [Target; WIDTH],
-//         swap: BoolTarget,
-//         builder: &mut CircuitBuilder<F, D>,
-//     ) -> [Target; WIDTH]
-//     where
-//         F: Extendable<D>,
-//     {
-//         let gate_type = GMiMCGate::<F, D, W>::new();
-//         let gate = builder.add_gate(gate_type, vec![]);
-//
-//         let swap_wire = GMiMCGate::<F, D, W>::WIRE_SWAP;
-//         let swap_wire = Target::wire(gate, swap_wire);
-//         builder.connect(swap.target, swap_wire);
-//
-//         // Route input wires.
-//         for i in 0..W {
-//             let in_wire = GMiMCGate::<F, D, W>::wire_input(i);
-//             let in_wire = Target::wire(gate, in_wire);
-//             builder.connect(inputs[i], in_wire);
-//         }
-//
-//         // Collect output wires.
-//         (0..W)
-//             .map(|i| Target::wire(gate, input: GMiMCGate<F, D, W>::wire_output(i)))
-//             .collect::<Vec<_>>()
-//             .try_into()
-//             .unwrap()
-//     }
-// }
+#[derive(Copy, Clone, Debug, Eq, PartialEq)]
+pub struct GMiMCHash;
+impl<F: RichField> Hasher<F> for GMiMCHash {
+    const HASH_SIZE: usize = 4 * 8;
+    type Hash = HashOut<F>;
+
+    fn hash(input: Vec<F>, pad: bool) -> Self::Hash {
+        hash_n_to_hash::<F, <Self as AlgebraicHasher<F>>::Permutation>(input, pad)
+    }
+
+    fn two_to_one(left: Self::Hash, right: Self::Hash) -> Self::Hash {
+        compress::<F, <Self as AlgebraicHasher<F>>::Permutation>(left, right)
+    }
+}
+
+impl<F: RichField> AlgebraicHasher<F> for GMiMCHash {
+    type Permutation = GMiMCPermutation;
+
+    fn permute_swapped<const D: usize>(
+        inputs: [Target; SPONGE_WIDTH],
+        swap: BoolTarget,
+        builder: &mut CircuitBuilder<F, D>,
+    ) -> [Target; SPONGE_WIDTH]
+    where
+        F: Extendable<D>,
+    {
+        let gate_type = GMiMCGate::<F, D, SPONGE_WIDTH>::new();
+        let gate = builder.add_gate(gate_type, vec![]);
+
+        let swap_wire = GMiMCGate::<F, D, SPONGE_WIDTH>::WIRE_SWAP;
+        let swap_wire = Target::wire(gate, swap_wire);
+        builder.connect(swap.target, swap_wire);
+
+        // Route input wires.
+        for i in 0..SPONGE_WIDTH {
+            let in_wire = GMiMCGate::<F, D, SPONGE_WIDTH>::wire_input(i);
+            let in_wire = Target::wire(gate, in_wire);
+            builder.connect(inputs[i], in_wire);
+        }
+
+        // Collect output wires.
+        (0..SPONGE_WIDTH)
+            .map(|i| Target::wire(gate, GMiMCGate::<F, D, SPONGE_WIDTH>::wire_output(i)))
+            .collect::<Vec<_>>()
+            .try_into()
+            .unwrap()
+    }
+}

 /// Keccak-256 hash function.
 #[derive(Copy, Clone, Debug, Eq, PartialEq)]
@ -225,6 +226,16 @@ impl AlgebraicConfig<2> for PoseidonGoldilocksConfig {
    type InnerHasher = PoseidonHash;
 }

+/// Configuration using GMiMC over the Goldilocks field.
+#[derive(Debug, Copy, Clone, Eq, PartialEq)]
+pub struct GMiMCGoldilocksConfig;
+impl AlgebraicConfig<2> for GMiMCGoldilocksConfig {
+    type F = GoldilocksField;
+    type FE = QuadraticExtension<Self::F>;
+    type Hasher = GMiMCHash;
+    type InnerHasher = GMiMCHash;
+}
+
 /// Configuration using truncated Keccak over the Goldilocks field.
 #[derive(Debug, Copy, Clone, Eq, PartialEq)]
 pub struct KeccakGoldilocksConfig;
--- a/src/plonk/recursive_verifier.rs
+++ b/src/plonk/recursive_verifier.rs
@ -137,7 +137,9 @@ mod tests {
    use crate::hash::merkle_proofs::MerkleProofTarget;
    use crate::iop::witness::{PartialWitness, Witness};
    use crate::plonk::circuit_data::VerifierOnlyCircuitData;
-    use crate::plonk::config::{GenericConfig, KeccakGoldilocksConfig, PoseidonGoldilocksConfig};
+    use crate::plonk::config::{
+        GMiMCGoldilocksConfig, GenericConfig, KeccakGoldilocksConfig, PoseidonGoldilocksConfig,
+    };
    use crate::plonk::proof::{
        CompressedProofWithPublicInputs, OpeningSetTarget, Proof, ProofTarget,
        ProofWithPublicInputs,
@ -485,6 +487,38 @@ mod tests {
        Ok(())
    }

+    #[test]
+    #[ignore]
+    fn test_recursive_verifier_multi_hash() -> Result<()> {
+        init_logger();
+        const D: usize = 2;
+        type PC = PoseidonGoldilocksConfig;
+        type GC = GMiMCGoldilocksConfig;
+        type KC = KeccakGoldilocksConfig;
+        type F = <PC as GenericConfig<D>>::F;
+
+        let config = CircuitConfig::standard_recursion_config();
+        let (proof, vd, cd) = dummy_proof::<F, PC, D>(&config, 4_000)?;
+
+        let (proof, vd, cd) =
+            recursive_proof::<F, PC, PC, D>(proof, vd, cd, &config, &config, None, false, false)?;
+        test_serialization(&proof, &cd)?;
+
+        let (proof, vd, cd) =
+            recursive_proof::<F, GC, PC, D>(proof, vd, cd, &config, &config, None, false, false)?;
+        test_serialization(&proof, &cd)?;
+
+        let (proof, vd, cd) =
+            recursive_proof::<F, GC, GC, D>(proof, vd, cd, &config, &config, None, false, false)?;
+        test_serialization(&proof, &cd)?;
+
+        let (proof, _vd, cd) =
+            recursive_proof::<F, KC, GC, D>(proof, vd, cd, &config, &config, None, false, false)?;
+        test_serialization(&proof, &cd)?;
+
+        Ok(())
+    }
+
    /// Creates a dummy proof which should have roughly `num_dummy_gates` gates.
    fn dummy_proof<F: Extendable<D>, C: GenericConfig<D, F = F>, const D: usize>(
        config: &CircuitConfig,