From 5febea778be1efb0f53225dff0bca327a561e777 Mon Sep 17 00:00:00 2001
From: wborgeaud
Date: Thu, 3 Mar 2022 08:14:56 +0100
Subject: [PATCH] Fixes
---
 plonky2/src/gadgets/curve_fixed_base.rs | 4 +-
 plonky2/src/gadgets/curve_msm.rs | 116 +-----------------------
 plonky2/src/iop/generator.rs | 62 -------------
 3 files changed, 3 insertions(+), 179 deletions(-)
diff --git a/plonky2/src/gadgets/curve_fixed_base.rs b/plonky2/src/gadgets/curve_fixed_base.rs
index 3c470044..e248d951 100644
--- a/plonky2/src/gadgets/curve_fixed_base.rs
+++ b/plonky2/src/gadgets/curve_fixed_base.rs
@@ -11,7 +11,7 @@ use crate::plonk::circuit_builder::CircuitBuilder;
 use crate::plonk::config::{GenericHashOut, Hasher};
 impl, const D: usize> CircuitBuilder {
- /// Do windowed fixed-base scalar multiplication, using a 4-bit window.
+ /// Compute windowed fixed-base scalar multiplication, using a 4-bit window.
 pub fn fixed_base_curve_mul(
 &mut self,
 base: AffinePoint,
@@ -38,7 +38,7 @@ impl, const D: usize> CircuitBuilder {
 let mut result = self.constant_affine_point(rando);
 // `s * P = sum s_i * P_i` with `P_i = (16^i) * P` and `s = sum s_i * (16^i)`.
 for (limb, point) in limbs.into_iter().zip(scaled_base) {
- // Holds `t * P_i` for `p=0..16`.
+ // `muls_point[t] = t * P_i` for `t=0..16`.
 let muls_point = (0..16)
 .scan(AffinePoint::ZERO, |acc, _| {
 let tmp = *acc;
diff --git a/plonky2/src/gadgets/curve_msm.rs b/plonky2/src/gadgets/curve_msm.rs
index 5d505c4d..99aa0f36 100644
--- a/plonky2/src/gadgets/curve_msm.rs
+++ b/plonky2/src/gadgets/curve_msm.rs
@@ -78,14 +78,10 @@ impl, const D: usize> CircuitBuilder { #[cfg(test)] mod tests { - use std::str::FromStr; - use anyhow::Result; - use num::BigUint; - use plonky2_field::secp256k1_base::Secp256K1Base; use plonky2_field::secp256k1_scalar::Secp256K1Scalar; - use crate::curve::curve_types::{AffinePoint, Curve, CurveScalar}; + use crate::curve::curve_types::{Curve, CurveScalar}; use crate::curve::secp256k1::Secp256K1; use crate::field::field_types::Field; use crate::iop::witness::PartialWitness; 
@@ -133,114 +129,4 @@ mod tests {
 verify(proof, &data.verifier_only, &data.common)
 }
-
- #[test]
- fn test_naive_msm() -> Result<()> {
- const D: usize = 2;
- type C = PoseidonGoldilocksConfig;
- type F = >::F;
-
- let config = CircuitConfig::standard_ecc_config();
-
- let pw = PartialWitness::new();
- let mut builder = CircuitBuilder::::new(config);
-
- let p =
- (CurveScalar(Secp256K1Scalar::rand()) * Secp256K1::GENERATOR_PROJECTIVE).to_affine();
- let q =
- (CurveScalar(Secp256K1Scalar::rand()) * Secp256K1::GENERATOR_PROJECTIVE).to_affine();
- let n = Secp256K1Scalar::rand();
- let m = Secp256K1Scalar::rand();
-
- let res =
- (CurveScalar(n) * p.to_projective() + CurveScalar(m) * q.to_projective()).to_affine();
- let res_expected = builder.constant_affine_point(res);
- builder.curve_assert_valid(&res_expected);
-
- let p_target = builder.constant_affine_point(p);
- let q_target = builder.constant_affine_point(q);
- let n_target = builder.constant_nonnative(n);
- let m_target = builder.constant_nonnative(m);
-
- let res0_target = builder.curve_scalar_mul_windowed(&p_target, &n_target);
- let res1_target = builder.curve_scalar_mul_windowed(&q_target, &m_target);
- let res_target = builder.curve_add(&res0_target, &res1_target);
- builder.curve_assert_valid(&res_target);
-
- builder.connect_affine_point(&res_target, &res_expected);
-
- dbg!(builder.num_gates());
- let data = builder.build::();
- let proof = data.prove(pw).unwrap();
-
- verify(proof, &data.verifier_only, &data.common)
- }
-
- #[test]
- fn test_curve_lul() -> Result<()> {
- const D: usize = 2;
- type C = PoseidonGoldilocksConfig;
- type F = >::F;
-
- let config = CircuitConfig::standard_ecc_config();
-
- let pw = PartialWitness::new();
- let mut builder = CircuitBuilder::::new(config);
-
- let p = AffinePoint:: {
- x: Secp256K1Base::from_biguint(
- BigUint::from_str(
- "95702873347299649035220040874584348285675823985309557645567012532974768144045",
- )
- .unwrap(),
- ),
- y: Secp256K1Base::from_biguint(
- BigUint::from_str(
- "34849299245821426255020320369755722155634282348110887335812955146294938249053",
- )
- .unwrap(),
- ),
- zero: false,
- };
- let q = AffinePoint:: {
- x: Secp256K1Base::from_biguint(
- BigUint::from_str(
- "66037057977021147605301350925941983227524093291368248236634649161657340356645",
- )
- .unwrap(),
- ),
- y: Secp256K1Base::from_biguint(
- BigUint::from_str(
- "80942789991494769168550664638932185697635702317529676703644628861613896422610",
- )
- .unwrap(),
- ),
- zero: false,
- };
-
- let n = BigUint::from_str("89874493710619023150462632713212469930").unwrap();
- let m = BigUint::from_str("76073901947022186525975758425319149118").unwrap();
-
- let res = (CurveScalar(Secp256K1Scalar::from_biguint(n.clone())) * p.to_projective()
- + CurveScalar(Secp256K1Scalar::from_biguint(m.clone())) * q.to_projective())
- .to_affine();
- let res_expected = builder.constant_affine_point(res);
- builder.curve_assert_valid(&res_expected);
-
- let p_target = builder.constant_affine_point(p);
- let q_target = builder.constant_affine_point(q);
- let n_target = builder.constant_biguint(&n);
- let m_target = builder.constant_biguint(&m);
-
- let res_target = builder.curve_msm(&p_target, &q_target, &n_target, &m_target);
- builder.curve_assert_valid(&res_target);
-
- builder.connect_affine_point(&res_target, &res_expected);
-
- dbg!(builder.num_gates());
- let data = builder.build::();
- let proof = data.prove(pw).unwrap();
-
- verify(proof, &data.verifier_only, &data.common)
- }
 }
diff --git a/plonky2/src/iop/generator.rs b/plonky2/src/iop/generator.rs
index 4dcd11da..1569e889 100644
--- a/plonky2/src/iop/generator.rs
+++ b/plonky2/src/iop/generator.rs
@@ -89,68 +89,6 @@ pub(crate) fn generate_partial_witness<
 }
 pending_generator_indices = next_pending_generator_indices;
- // for t in [
- // Target::VirtualTarget { index: 57934 },
- // Target::VirtualTarget { index: 57935 },
- // Target::VirtualTarget { index: 57936 },
- // Target::VirtualTarget { index: 57937 },
- // Target::VirtualTarget { index: 57938 },
- // Target::VirtualTarget { index: 57939 },
- // Target::VirtualTarget { index: 57940 },
- // Target::VirtualTarget { index: 57941 },
- // ] {
- // if let Some(v) = witness.try_get_target(t) {
- // println!("a {}", v);
- // }
- // }
- // for t in [
- // Target::VirtualTarget { index: 57952 },
- // Target::VirtualTarget { index: 57953 },
- // Target::VirtualTarget { index: 57954 },
- // Target::VirtualTarget { index: 57955 },
- // Target::VirtualTarget { index: 57956 },
- // Target::VirtualTarget { index: 57957 },
- // Target::VirtualTarget { index: 57958 },
- // Target::VirtualTarget { index: 57959 },
- // ] {
- // if let Some(v) = witness.try_get_target(t) {
- // println!("b {}", v);
- // }
- // }
- //
- // let t = Target::Wire(Wire {
- // gate: 141_857,
- // input: 8,
- // });
- // if let Some(v) = witness.try_get_target(t) {
- // println!("prod_exp {}", v);
- // }
- // let t = Target::Wire(Wire {
- // gate: 141_863,
- // input: 22,
- // });
- // if let Some(v) = witness.try_get_target(t) {
- // println!("prod act {}", v);
- // }
- // let t = Target::Wire(Wire { gate: 9, input: 3 });
- // if let Some(v) = witness.try_get_target(t) {
- // println!("modulus {}", v);
- // }
- // let t = Target::VirtualTarget { index: 57_976 };
- // if let Some(v) = witness.try_get_target(t) {
- // println!("overflow {}", v);
- // }
- // let t = Target::Wire(Wire {
- // gate: 141_885,
- // input: 8,
- // });
- // if let Some(v) = witness.try_get_target(t) {
- // println!("mod time ov {}", v);
- // }
- // let t = Target::VirtualTarget { index: 57_968 };
- // if let Some(v) = witness.try_get_target(t) {
- // println!("prod {}", v);
- // }
 }
 assert_eq!(