Merge 79ff2399fc7bd24ef155ffb4d733a994c6bedd65 into 7ba808630f2e1fa3231503b82429b6f88290b07b

.gitignore

@@ -2,3 +2,4 @@
 build
 target
 a.out
+Cargo.lock

.gitmodules

@@ -13,3 +13,6 @@
 [submodule "hash/snark/src/hash-circuits"]
 	path = hash/snark/external/hash-circuits
 	url = https://github.com/faulhornlabs/hash-circuits
+[submodule "hash/risc0/external/risc0"]
+	path = hash/risc0/external/risc0
+	url = https://github.com/risc0/risc0.git

hash/cpu/external/Blake3

@@ -1 +1 @@
-Subproject commit dd30dcb00221591db3a983e0215b81d86cff941d
+Subproject commit 4d32708f511fd85c6b0fb131295cc73224246738

hash/cpu/external/constantine

@@ -1 +1 @@
-Subproject commit 4dd0a02f1afd338f5207e40a47cac6705196b490
+Subproject commit dbd2630daa6d599a9e78ad247e6858baf41664da

hash/cpu/external/zikkurat-algebra

@@ -1 +1 @@
-Subproject commit 96e349786bd004e64a9cf50e0122f89863b24e92
+Subproject commit 0fb198a9087531f32bb00bd13d4feaf813bc473a

hash/risc0/.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "rust-analyzer.linkedProjects": [
+        "./bench/methods/guest/Cargo.toml"
+    ]
+}

hash/risc0/README.md

@@ -0,0 +1,7 @@
+Benchmarking inside risc'0 zkvm
+--------------------------------
+
+- `external` folder contains risc0 as a git submodule.
+- `bench` folder contains the benchmarking for different hash functions. Go to the `bench/README.md` for more details.
+- `inner_proof` folder contains methods for generating the Receipt for sha256 which is being used as an inner proof in `composition`
+- `composition` folder contains methods of proof composition which uses `inner_proof`.

hash/risc0/bench/.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "rust-analyzer.linkedProjects": [
+        "./methods/guest/Cargo.toml"
+    ]
+}

hash/risc0/bench/Cargo.toml

@@ -0,0 +1,24 @@
+[package]
+name = "benchmark"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+risc0-zkvm = { path = "../external/risc0/risc0/zkvm", default-features = false, features = ["prove",] }
+serde = "1.0"
+rand = "0.8.3"
+sha2 ={ git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0" }
+benchmark_methods = { path = "methods" }
+zkhash = { git = "https://github.com/HorizenLabs/poseidon2.git"}
+ark-ff = "0.4.2"
+hex = "0.4.3"
+ark-serialize = "0.4"
+risc0-core = { path = "../external/risc0/risc0/core" }
+tracing-subscriber = { version = "0.3", features = ["env-filter"] }
+
+[profile.dev]
+opt-level = 3
+
+[profile.release]
+debug = 1
+lto = true

hash/risc0/bench/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

hash/risc0/bench/README.md

@@ -0,0 +1,12 @@
+Benchmarking different hashes inside risc'0 zkvm
+-----------------------------------------------
+
+The benchmark is defined by the following shell scripts:
+
+- `build.sh` - build the code.
+
+- `run.sh` and `run2.sh` - run the benchmark itself (`run.sh` for sha256, keccak, blake2b, blake3 and `run2.sh` for poseidon2 over bn128 and babybear)
+
+Benchmarks can be parameterized using environment variables. By convention, we start the names of these environment variables with the `ZKBENCH_` prefix.
+
+Additional files `bench.cfg` and `bench_tree.cfg` specifies the configurations and parameters.

hash/risc0/bench/bench.cfg

@@ -0,0 +1,11 @@
+name:   "Hashes benchmarking using risc0 prover"
+author: 
+timeout: 200
+params:
+  [ HASH_TYPE:     [ "sha256", "keccak", "blake2b", "blake3"]
+  , INPUT_SIZE_BYTES: [ 256, 512, 1024, 2048 ]
+  ]
+tags: risc0, $HASH_TYPE
+comments:
+  The benchmarks includes for sha256, keccak, blake2b, blake3.
+  the hashing is done inside the guest and receipt is received which is verified. 

hash/risc0/bench/bench_tree.cfg

@@ -0,0 +1,11 @@
+name:   "Hashes benchmarking using risc0 prover"
+author: 
+timeout: 1000
+params:
+  [ HASH_TYPE_TREE:     [ "poseidon2_babybear", "poseidon2_babybear_native", "poseidon2_bn128"]
+  , TREE_DEPTH: [ 2, 4, 8, 16 ]
+  ]
+tags: risc0, $HASH_TYPE_TREE
+comments:
+  The benchmarks includes for poseidon2(merkle hashing) over bn128 and babybear.
+  the hashing is done inside the guest and receipt is received which is verified. 

hash/risc0/bench/build.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+ cargo build --release

hash/risc0/bench/methods/Cargo.toml

@@ -0,0 +1,10 @@
+[package]
+name = "benchmark_methods"
+version = "0.1.0"
+edition = "2021"
+
+[build-dependencies]
+risc0-build = { path = "../../external/risc0/risc0/build" }
+
+[package.metadata.risc0]
+methods = ["guest"]

hash/risc0/bench/methods/build.rs

@@ -0,0 +1,3 @@
+fn main() {
+    risc0_build::embed_methods();
+}

hash/risc0/bench/methods/guest/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "method"
+version = "0.1.0"
+edition = "2021"
+
+[workspace]
+
+[dependencies]
+# If you want to try (experimental) std support, add `features = [ "std" ]` to risc0-zkvm
+risc0-zkvm = { path = "../../../external/risc0/risc0/zkvm", default-features = false,features = ["std"] }
+sha3 = { git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0", default-features = false }
+sha2 ={ git = "https://github.com/risc0/RustCrypto-hashes", tag = "sha2-v0.10.6-risczero.0" }
+risc0-zkp = {path = "../../../external/risc0/risc0/zkp", default-features = false}
+blake3 = "1.5.0"
+zkhash = { git = "https://github.com/HorizenLabs/poseidon2.git"}
+ark-serialize = "0.4"
+ark-ff = "0.4.2"
+risc0-core = {path = "../../../external/risc0/risc0/core"}
+lazy_static = "1.4"
+# risc0-zkp-core = "0.10.0"
+rand = "0.8.5"

hash/risc0/bench/methods/guest/src/bin/blake2b.rs

@@ -0,0 +1,18 @@
+#![no_main]
+
+use risc0_zkvm::{guest::env, sha::Digest};
+use risc0_zkp::core::hash::blake2b::{Blake2b, Blake2bCpuImpl};
+use std::io::Read;
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let hash = Blake2bCpuImpl::blake2b(&data);
+    let digest: Digest = hash.into();
+    env::commit(&digest)
+
+}

hash/risc0/bench/methods/guest/src/bin/blake3.rs

@@ -0,0 +1,18 @@
+#![no_main]
+
+use risc0_zkvm::{guest::env, sha::Digest};
+use blake3::hash;
+use std::io::Read;
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let result = hash(&data);
+    let digest = Digest::try_from(*result.as_bytes()).unwrap();
+    env::commit(&digest)
+
+}

hash/risc0/bench/methods/guest/src/bin/keccak.rs

@@ -0,0 +1,18 @@
+#![no_main]
+
+use risc0_zkvm::{guest::env, sha::Digest};
+use sha3::{Digest as _, Keccak256};
+use std::io::Read;
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let hash: [u8;32] = Keccak256::digest(data).into();
+    let digest  = Digest::try_from(hash).unwrap();
+    env::commit(&digest)
+
+}

hash/risc0/bench/methods/guest/src/bin/poseidon2_babybear.rs

@@ -0,0 +1,125 @@
+#![no_main]
+#![allow(non_snake_case)]
+use risc0_zkvm::guest::env;
+use zkhash::poseidon2::poseidon2;
+use zkhash::poseidon2::poseidon2::Poseidon2;
+use zkhash::poseidon2::poseidon2_instance_babybear::{/*POSEIDON2_BABYBEAR_16_PARAMS , */POSEIDON2_BABYBEAR_24_PARAMS};
+use zkhash::fields::babybear::FpBabyBear;
+use ark_serialize::{CanonicalSerialize, CanonicalDeserialize};
+use std::marker::PhantomData;
+
+
+use ark_ff::PrimeField;
+
+pub trait MerkleTreeHash<F: PrimeField> {
+    fn compress(&self, input: &[&F]) -> Vec<F>;
+}
+
+#[derive(Clone, Debug)]
+pub struct MerkleTree<F: PrimeField, P: MerkleTreeHash<F>> {
+    perm: P,
+    field: PhantomData<F>,
+}
+
+impl<F: PrimeField, P: MerkleTreeHash<F>> MerkleTree<F, P> {
+    pub fn new(perm: P) -> Self {
+        MerkleTree {
+            perm,
+            field: PhantomData,
+        }
+    }
+
+    fn round_up_pow_n(input: usize, n: usize) -> usize {
+        debug_assert!(n >= 1);
+        let mut res = 1;
+        // try powers, starting from n
+        loop {
+            res *= n;
+            if res >= input {
+                break;
+            }
+        }
+        res
+    }
+
+    pub fn accumulate(&mut self, set: &[F]) -> Vec<F> {
+        assert!(set.len()%8 == 0);
+        let set_size = set.len() / 8; 
+        let mut bound = Self::round_up_pow_n(set_size, 2);
+        loop {
+            if bound >= 2 {
+                break;
+            }
+            bound *= 2;
+        }
+        let mut nodes: Vec<F> = Vec::with_capacity(bound * 8);
+        for s in set {
+            nodes.push(s.to_owned());
+        }
+        // pad
+        for _ in nodes.len()..bound {
+            nodes.push(nodes[set_size * 8 - 1].to_owned());
+        }
+
+        while nodes.len() > 8 {
+            let new_len = nodes.len() / 2;
+            let mut new_nodes: Vec<F> = Vec::with_capacity(new_len);
+            for i in (0..nodes.len()).step_by(16) {
+                let inp = [
+                    &nodes[i], &nodes[i + 1], &nodes[i + 2], &nodes[i + 3], &nodes[i + 4], &nodes[i + 5], &nodes[i + 6], &nodes[i + 7], 
+                    &nodes[i + 8], &nodes[i + 9], &nodes[i + 10], &nodes[i + 11], &nodes[i + 12], &nodes[i + 13], &nodes[i + 14], &nodes[i + 15]
+                ];
+                let dig = self.perm.compress(&inp);
+
+                for j in 0..8 {
+                    new_nodes.push(dig[j]);
+                }
+                
+            }
+            nodes = new_nodes;
+        }
+        vec![nodes[0].to_owned(), nodes[1].to_owned(), nodes[2].to_owned(), nodes[3].to_owned(), nodes[4].to_owned(), nodes[5].to_owned(), nodes[6].to_owned(), nodes[7].to_owned()]
+    }
+}
+
+impl<F: PrimeField> MerkleTreeHash<F> for Poseidon2<F> {
+    fn compress(&self, input: &[&F]) -> Vec<F> {
+        let p = self.permutation(&[
+            input[0].to_owned(), input[1].to_owned(),input[2].to_owned(), input[3].to_owned(),input[4].to_owned(), input[5].to_owned(),input[6].to_owned(), input[7].to_owned(),
+            input[8].to_owned(), input[9].to_owned(),input[10].to_owned(), input[11].to_owned(),input[12].to_owned(), input[13].to_owned(),input[14].to_owned(), input[15].to_owned(),
+            F::zero(), F::zero(), F::zero(), F::zero(), F::zero(), F::zero(), F::zero(), F::zero()
+        ]);
+
+        vec![p[0], p[1], p[2], p[3], p[4], p[5], p[6], p[7]]
+    }
+}
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let data: Vec<Vec<u8>> = env::read();
+    
+    let mut hash_data: Vec<FpBabyBear> = Vec::new();
+    for i in 0..data.len() {
+        let a_uncompressed = FpBabyBear::deserialize_uncompressed(&**data.get(i).unwrap()).unwrap();
+        hash_data.push(a_uncompressed);
+    }
+    
+    let permutation = poseidon2::Poseidon2::new(&POSEIDON2_BABYBEAR_24_PARAMS);
+    let mut merkle_tree = MerkleTree::new(permutation.clone());
+
+    let hash_final = merkle_tree.accumulate(&hash_data);
+
+    
+    let mut perm_seralised: Vec<Vec<u8>> = Vec::new();
+    for i in 0..8 {
+        let mut temp: Vec<u8> = Vec::new();
+        hash_final.get(i).unwrap().serialize_uncompressed(&mut temp).unwrap();
+        perm_seralised.push(temp);
+    }
+
+
+    env::commit(&perm_seralised);
+
+}

hash/risc0/bench/methods/guest/src/bin/poseidon2_babybear_native.rs

@@ -0,0 +1,24 @@
+#![no_main]
+#![allow(non_snake_case)]
+use risc0_core::field::baby_bear::BabyBearElem;
+use risc0_zkp::core::hash::poseidon2::Poseidon2HashSuite;
+use risc0_zkvm::guest::env;
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let data: Vec<u32> = env::read();
+    
+    let mut hash_data: Vec<BabyBearElem> = Vec::new();
+    for i in 0..data.len() {
+        let a_uncompressed = BabyBearElem::from(*data.get(i).unwrap());
+        hash_data.push(a_uncompressed);
+    }
+
+    let result = Poseidon2HashSuite::new_suite().hashfn.hash_elem_slice(&hash_data);
+
+    env::commit(&result);
+
+
+}

hash/risc0/bench/methods/guest/src/bin/poseidon2_bn128.rs

@@ -0,0 +1,33 @@
+#![no_main]
+use risc0_zkvm::guest::env;
+use zkhash::poseidon2::poseidon2;
+use zkhash::poseidon2::poseidon2_instance_bn256::POSEIDON2_BN256_PARAMS;
+use zkhash::merkle_tree::merkle_tree_fp::MerkleTree;
+use zkhash::fields::bn256::FpBN256;
+use ark_serialize::{CanonicalSerialize, CanonicalDeserialize};
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let data: Vec<Vec<u8>> = env::read();
+
+    let mut hash_data: Vec<FpBN256> = Vec::new();
+    for i in 0..data.len() {
+        let a_uncompressed = FpBN256::deserialize_uncompressed(&**data.get(i).unwrap()).unwrap();
+        hash_data.push(a_uncompressed);
+    }
+
+    
+    let permutation = poseidon2::Poseidon2::new(&POSEIDON2_BN256_PARAMS);
+    let mut merkle_tree = MerkleTree::new(permutation.clone());
+
+    let hash_final = merkle_tree.accumulate(&hash_data);
+
+    let mut hash_bytes: Vec<u8> = Vec::new();
+    hash_final.serialize_uncompressed(&mut hash_bytes).unwrap();
+    
+    env::commit(&hash_bytes);
+
+
+}

hash/risc0/bench/methods/guest/src/bin/sha256.rs

@@ -0,0 +1,16 @@
+#![no_main]
+
+use std::io::Read;
+use risc0_zkvm::{guest::env, sha, sha::Sha256};
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let hash = sha::Impl::hash_bytes(&data);
+
+    env::commit(&hash)
+}
+

hash/risc0/bench/methods/guest/src/bin/sha256_accelerated.rs

@@ -0,0 +1,20 @@
+
+// accelerated sha2 crate
+#![no_main]
+use std::io::Read;
+use risc0_zkvm::guest::env;
+use sha2::{Sha256, Digest};
+
+risc0_zkvm::guest::entry!(main);
+
+pub fn main() {
+
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let result = Sha256::digest(data);
+
+    let result_bytes: [u8;32] = result.into();
+
+    env::commit(&result_bytes)
+}

hash/risc0/bench/methods/src/lib.rs

@@ -0,0 +1 @@
+include!(concat!(env!("OUT_DIR"), "/methods.rs"));

hash/risc0/bench/run.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+if [ -z ${ZKBENCH_HASH_TYPE} ]; then 
+ZKBENCH_HASH_TYPE="sha256"    
+fi
+
+if [ -z ${ZKBENCH_INPUT_SIZE_BYTES} ]; then 
+ZKBENCH_INPUT_SIZE_BYTES=1024
+fi
+
+echo "Running benchmarks with the following configurations:"
+echo "HASH            = $ZKBENCH_HASH_TYPE"
+echo "Input Size (Bytes) = $ZKBENCH_INPUT_SIZE_BYTES"
+
+# Run the benchmarks
+RUST_LOG=info ./target/release/benchmark $ZKBENCH_HASH_TYPE $ZKBENCH_INPUT_SIZE_BYTES

hash/risc0/bench/run_tree.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+if [ -z ${ZKBENCH_HASH_TYPE_TREE} ]; then 
+ZKBENCH_HASH_TYPE_TREE="poseidon2_babybear_native"    
+fi
+
+if [ -z ${ZKBENCH_TREE_DEPTH} ]; then 
+ZKBENCH_TREE_DEPTH=2
+fi
+
+echo "Running benchmarks with the following configurations:"
+echo "HASH            = $ZKBENCH_HASH_TYPE_TREE"
+echo "Tree Depth = $ZKBENCH_TREE_DEPTH"
+
+# Run the benchmarks
+RUST_LOG=info ./target/release/benchmark $ZKBENCH_HASH_TYPE_TREE $ZKBENCH_TREE_DEPTH

hash/risc0/bench/rust-toolchain.toml

@@ -0,0 +1,4 @@
+[toolchain]
+channel = "stable"
+components = ["rustfmt", "rust-src"]
+profile = "minimal"

hash/risc0/bench/src/benches/blake2b.rs

@@ -0,0 +1,58 @@
+use benchmark_methods::{
+    BLAKE2B_ELF, BLAKE2B_ID
+};
+use risc0_zkvm::{ExecutorEnv, sha, ExecutorImpl};
+use std::time::Instant;
+
+pub fn blake2b_bench(input: Vec<u8>) {
+   
+  let env = ExecutorEnv::builder()
+    .write_slice(&input)
+    .build()
+    .unwrap();
+
+  let mut exec = ExecutorImpl::from_elf(env, &BLAKE2B_ELF).unwrap();
+  let session = exec.run().unwrap();
+
+  // Produce a receipt by proving the specified ELF binary.
+  let (receipt, proving_time) = {
+
+    let start = Instant::now();
+    let receipt = session.prove().unwrap();
+    let elapsed = start.elapsed();
+
+    (receipt, elapsed)
+  };
+
+  //proof size
+  let proof_bytes = receipt
+    .inner
+    .composite()
+    .unwrap()
+    .segments
+    .iter()
+    .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+    as u32;
+  
+  //number of cycles
+  let cycles = session.total_cycles;
+
+  // verify your receipt
+  let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(BLAKE2B_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+  let _output: sha::Digest = receipt.journal.decode().unwrap();
+
+  eprintln!("Proving Time: {:?}", proving_time);
+  eprintln!("Verification Time: {:?}", verification_time);
+  eprintln!("Proof Bytes: {:?}", proof_bytes);
+  eprintln!("Total Cycles: {:?}", cycles);
+  eprintln!("Hash: {:?}", _output);
+
+}

hash/risc0/bench/src/benches/blake3.rs

@@ -0,0 +1,58 @@
+use benchmark_methods::{
+    BLAKE3_ELF, BLAKE3_ID
+};
+use risc0_zkvm::{ExecutorEnv, sha, ExecutorImpl};
+use std::time::Instant;
+
+pub fn blake3_bench(input: Vec<u8>) {
+
+  let env = ExecutorEnv::builder()
+    .write_slice(&input)
+    .build()
+    .unwrap();
+
+  let mut exec = ExecutorImpl::from_elf(env, &BLAKE3_ELF).unwrap();
+  let session = exec.run().unwrap();
+
+  // Produce a receipt by proving the specified ELF binary.
+  let (receipt, proving_time) = {
+
+    let start = Instant::now();
+    let receipt = session.prove().unwrap();
+    let elapsed = start.elapsed();
+
+    (receipt, elapsed)
+  };
+  
+  //proof size
+  let proof_bytes = receipt
+    .inner
+    .composite()
+    .unwrap()
+    .segments
+    .iter()
+    .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+    as u32;
+  
+  //number of cycles
+  let cycles = session.total_cycles;
+
+  // verify your receipt
+  let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(BLAKE3_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+  let _output: sha::Digest = receipt.journal.decode().unwrap();
+
+  eprintln!("Proving Time: {:?}", proving_time);
+  eprintln!("Verification Time: {:?}", verification_time);
+  eprintln!("Proof Bytes: {:?}", proof_bytes);
+  eprintln!("Total Cycles: {:?}", cycles);
+  eprintln!("Hash: {:?}", _output);
+
+}

hash/risc0/bench/src/benches/keccak.rs

@@ -0,0 +1,58 @@
+use benchmark_methods::{
+    KECCAK_ELF, KECCAK_ID
+};
+use risc0_zkvm::{ExecutorEnv, ExecutorImpl, sha};
+use std::time::Instant;
+
+pub fn keccak_bench(input: Vec<u8>) {
+
+  let env = ExecutorEnv::builder()
+    .write_slice(&input)
+    .build()
+    .unwrap();
+  
+  let mut exec = ExecutorImpl::from_elf(env, &KECCAK_ELF).unwrap();
+  let session = exec.run().unwrap();
+
+  // Produce a receipt by proving the specified ELF binary.
+  let (receipt, proving_time) = {
+
+    let start = Instant::now();
+    let receipt = session.prove().unwrap();
+    let elapsed = start.elapsed();
+
+    (receipt, elapsed)
+  };
+  
+  //proof size
+  let proof_bytes = receipt
+  .inner
+  .composite()
+  .unwrap()
+  .segments
+  .iter()
+  .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+  as u32;
+
+  //number of cycles
+  let cycles = session.total_cycles;
+
+  // verify your receipt
+  let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(KECCAK_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+  let _output: sha::Digest = receipt.journal.decode().unwrap();
+
+  eprintln!("Proving Time: {:?}", proving_time);
+  eprintln!("verification Time: {:?}", verification_time);
+  eprintln!("Proof Bytes: {:?}", proof_bytes);
+  eprintln!("Total Cycles: {:?}", cycles);
+  eprintln!("Hash: {:?}", _output);
+
+}

hash/risc0/bench/src/benches/mod.rs

@@ -0,0 +1,8 @@
+pub mod sha256;
+pub mod sha256_accelerated;
+pub mod keccak;
+pub mod blake2b;
+pub mod blake3;
+pub mod poseidon2_bn128;
+pub mod poseidon2_babybear;
+pub mod poseidon2_babybear_native;

hash/risc0/bench/src/benches/poseidon2_babybear.rs

@@ -0,0 +1,87 @@
+#![allow(non_snake_case)]
+use benchmark_methods::{
+    POSEIDON2_BABYBEAR_ELF, 
+    POSEIDON2_BABYBEAR_ID
+};
+use risc0_zkvm::{
+    ExecutorImpl, 
+    ExecutorEnv
+};
+use zkhash::fields::{
+        babybear::FpBabyBear, 
+        utils::random_scalar
+    };
+use std::time::Instant;
+use ark_serialize::{
+    CanonicalSerialize, 
+    CanonicalDeserialize
+};
+
+
+pub fn poseidon2_babybear_bench(mt_depth: usize) {
+    
+    type Scalar = FpBabyBear;
+
+    let t = (1 << mt_depth) * 8;
+    let mut input_scalar: Vec<Vec<u8>> = Vec::new();
+
+    for _ in 0..t {
+        let mut uncompressed_bytes = Vec::new();
+        let a: Scalar = random_scalar();
+        a.serialize_uncompressed(&mut uncompressed_bytes).unwrap();
+        input_scalar.push(uncompressed_bytes);
+    }
+
+    let env = ExecutorEnv::builder().write(&input_scalar).unwrap().build().unwrap();
+
+    let mut exec = ExecutorImpl::from_elf(env, &POSEIDON2_BABYBEAR_ELF).unwrap();
+    let session = exec.run().unwrap();
+
+    // Produce a receipt by proving the specified ELF binary.
+    let (receipt, proving_time) = {
+
+        let start = Instant::now();
+        let receipt = session.prove().unwrap();
+        let elapsed = start.elapsed();
+
+        (receipt, elapsed)
+    };
+
+    //proof size
+    let proof_bytes = receipt
+        .inner
+        .composite()
+        .unwrap()
+        .segments
+        .iter()
+        .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+        as u32;
+    
+    //number of cycles
+    let cycles = session.total_cycles;
+
+    // verify your receipt
+    let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(POSEIDON2_BABYBEAR_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+    let output: Vec<Vec<u8>> = receipt.journal.decode().unwrap();
+
+    let mut output_deseralised: Vec<Scalar> = Vec::new();
+
+    for i in 0..output.len() {
+        output_deseralised.push(Scalar::deserialize_uncompressed(&**output.get(i).unwrap()).unwrap());
+    }
+
+    eprintln!("Proving Time: {:?}", proving_time);
+    eprintln!("Verification Time: {:?}", verification_time);
+    eprintln!("Proof Bytes: {:?}", proof_bytes);
+    eprintln!("Total Cycles: {:?}", cycles);
+    eprintln!("hash: {:?}", output_deseralised);
+
+}

hash/risc0/bench/src/benches/poseidon2_babybear_native.rs

@@ -0,0 +1,71 @@
+#![allow(non_snake_case)]
+use benchmark_methods::{
+    POSEIDON2_BABYBEAR_NATIVE_ELF, 
+    POSEIDON2_BABYBEAR_NATIVE_ID
+};
+use risc0_zkvm::{
+    ExecutorImpl, 
+    ExecutorEnv,
+    sha::Digest
+};
+use std::time::Instant;
+use rand::Rng;
+
+pub fn poseidon2_babybear_native_bench(mt_depth: usize) {
+    
+    let t = (1 << mt_depth) * 8;
+    let mut input: Vec<u32> = Vec::new();
+
+    for _ in 0..t {
+        
+        let mut rng = rand::thread_rng();
+        let random_u32: u32 = rng.gen();
+        input.push(random_u32);
+    }
+
+    let env = ExecutorEnv::builder().write(&input).unwrap().build().unwrap();
+
+    let mut exec = ExecutorImpl::from_elf(env, &POSEIDON2_BABYBEAR_NATIVE_ELF).unwrap();
+    let session = exec.run().unwrap();
+  
+    // Produce a receipt by proving the specified ELF binary.
+    let (receipt, proving_time) = {
+  
+      let start = Instant::now();
+      let receipt = session.prove().unwrap();
+      let elapsed = start.elapsed();
+  
+      (receipt, elapsed)
+    };
+  
+    //proof size
+    let proof_bytes = receipt
+      .inner
+      .composite()
+      .unwrap()
+      .segments
+      .iter()
+      .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+      as u32;
+    
+    //number of cycles
+    let cycles = session.total_cycles;
+  
+    // verify your receipt
+    let verification_time = {
+  
+      let start = Instant::now(); 
+      receipt.verify(POSEIDON2_BABYBEAR_NATIVE_ID).unwrap();
+      let elapsed = start.elapsed();
+  
+      elapsed
+    };
+  
+    let output: Box<Digest> = receipt.journal.decode().unwrap();
+    
+    eprintln!("Proving Time: {:?}", proving_time);
+    eprintln!("Verification time: {:?}", verification_time);
+    eprintln!("Proof Bytes: {:?}", proof_bytes);
+    eprintln!("Total Cycles: {:?}", cycles);
+    eprintln!("Hash: {:?}", output);
+}

hash/risc0/bench/src/benches/poseidon2_bn128.rs

@@ -0,0 +1,70 @@
+use benchmark_methods::{
+    POSEIDON2_BN128_ELF, POSEIDON2_BN128_ID
+};
+use risc0_zkvm::{ExecutorImpl, ExecutorEnv};
+use zkhash::{fields::{bn256::FpBN256, utils::random_scalar}/* , poseidon2::poseidon2_instance_bn256::POSEIDON2_BN256_PARAMS*/};
+use std::time::Instant;
+use ark_serialize::{CanonicalSerialize, CanonicalDeserialize};
+
+
+pub fn poseidon2_bn128_bench(mt_depth: usize) {
+    
+    type Scalar = FpBN256;
+
+    let mut input_scalar: Vec<Vec<u8>> = Vec::new();
+    let number_of_leaves: u32 = 1 << mt_depth;
+    for _ in 0..number_of_leaves {
+        let mut uncompressed_bytes = Vec::new();
+        let a: Scalar = random_scalar();
+        a.serialize_uncompressed(&mut uncompressed_bytes).unwrap();
+        input_scalar.push(uncompressed_bytes);
+    }
+
+    let env = ExecutorEnv::builder().write(&input_scalar).unwrap().build().unwrap();
+
+    let mut exec = ExecutorImpl::from_elf(env, &POSEIDON2_BN128_ELF).unwrap();
+    let session = exec.run().unwrap();
+
+    // Produce a receipt by proving the specified ELF binary.
+    let (receipt, proving_time) = {
+
+        let start = Instant::now();
+        let receipt = session.prove().unwrap();
+        let elapsed = start.elapsed();
+
+        (receipt, elapsed)
+    };
+
+    //proof size
+    let proof_bytes = receipt
+        .inner
+        .composite()
+        .unwrap()
+        .segments
+        .iter()
+        .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+        as u32;
+    
+    //number of cycles
+    let cycles = session.total_cycles;
+
+    // verify your receipt
+    let verification_time = {
+
+        let start = Instant::now(); 
+        receipt.verify(POSEIDON2_BN128_ID).unwrap();
+        let elapsed = start.elapsed();
+
+        elapsed
+    };
+    
+    let output: Vec<u8> = receipt.journal.decode().unwrap();
+    let hash_final = Scalar::deserialize_uncompressed(&*output).unwrap();
+
+    eprintln!("Proving Time: {:?}", proving_time);
+    eprintln!("Verification time: {:?}", verification_time);
+    eprintln!("Proof Bytes: {:?}", proof_bytes);
+    eprintln!("Total Cycles: {:?}", cycles);
+    eprintln!("Hash: {:?}", hash_final);
+
+}

hash/risc0/bench/src/benches/sha256.rs

@@ -0,0 +1,57 @@
+use benchmark_methods::{
+    SHA256_ELF, SHA256_ID
+};
+use risc0_zkvm::{ExecutorEnv, ExecutorImpl, sha};
+use std::time::Instant;
+
+pub fn sha_bench(input: Vec<u8>) {
+   
+  let env = ExecutorEnv::builder()
+    .write_slice(&input)
+    .build()
+    .unwrap();
+  let mut exec = ExecutorImpl::from_elf(env, &SHA256_ELF).unwrap();
+  let session = exec.run().unwrap();
+
+  // Produce a receipt by proving the specified ELF binary.
+  let (receipt, proving_time) = {
+
+    let start = Instant::now();
+    let receipt = session.prove().unwrap();
+    let elapsed = start.elapsed();
+
+    (receipt, elapsed)
+  };
+
+  //proof size
+  let proof_bytes = receipt
+    .inner
+    .composite()
+    .unwrap()
+    .segments
+    .iter()
+    .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+    as u32;
+  
+  //number of cycles
+  let cycles = session.total_cycles;
+
+  // verify your receipt
+  let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(SHA256_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+  let _output: sha::Digest = receipt.journal.decode().unwrap();
+
+  eprintln!("Proving Time: {:?}", proving_time);
+  eprintln!("Verification Time: {:?}", verification_time);
+  eprintln!("Proof Bytes: {:?}", proof_bytes);
+  eprintln!("Total Cycles: {:?}", cycles);
+  eprintln!("Hash: {:?}", _output);
+
+}

hash/risc0/bench/src/benches/sha256_accelerated.rs

@@ -0,0 +1,57 @@
+use benchmark_methods::{
+    SHA256_ACCELERATED_ELF, SHA256_ACCELERATED_ID
+};
+use risc0_zkvm::{ExecutorEnv, ExecutorImpl};
+use std::time::Instant;
+use hex::encode;
+pub fn sha_accelerated_bench(input: Vec<u8>) {
+   
+    let env = ExecutorEnv::builder()
+      .write_slice(&input)
+      .build()
+      .unwrap();
+    
+    let mut exec = ExecutorImpl::from_elf(env, &SHA256_ACCELERATED_ELF).unwrap();
+    let session = exec.run().unwrap();
+
+    // Produce a receipt by proving the specified ELF binary.
+    let (receipt, proving_time) = {
+
+      let start = Instant::now();
+      let receipt = session.prove().unwrap();
+      let elapsed = start.elapsed();
+
+      (receipt, elapsed)
+    };
+
+    //proof size
+    let proof_bytes = receipt
+    .inner
+    .composite()
+    .unwrap()
+    .segments
+    .iter()
+    .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+    as u32;
+
+    //number of cycles
+    let cycles = session.total_cycles;
+
+    // verify your receipt
+    let verification_time = {
+
+    let start = Instant::now(); 
+    receipt.verify(SHA256_ACCELERATED_ID).unwrap();
+    let elapsed = start.elapsed();
+
+    elapsed
+  };
+
+    let _output: [u8;32] = receipt.journal.decode().unwrap();
+    let hash = encode(_output);
+    eprintln!("Proving Time: {:?}", proving_time);
+    eprintln!("Verification Time: {:?}", verification_time);
+    eprintln!("Proof Bytes: {:?}", proof_bytes);
+    eprintln!("Total Cycles: {:?}", cycles);
+    eprintln!("Hash: {:?}", hash);
+}

hash/risc0/bench/src/main.rs

@@ -0,0 +1,99 @@
+mod benches;
+use benches::{
+    sha256::sha_bench,
+    sha256_accelerated::sha_accelerated_bench,
+    keccak::keccak_bench,
+    blake2b::blake2b_bench,
+    blake3::blake3_bench,
+    poseidon2_bn128::poseidon2_bn128_bench,
+    poseidon2_babybear::poseidon2_babybear_bench,
+    poseidon2_babybear_native::poseidon2_babybear_native_bench,
+};
+use rand::Rng;
+use std::process;
+
+fn generate_bytes(size: usize) -> Vec<u8> {
+    let mut rng = rand::thread_rng();
+    (0..size).map(|_| rng.gen()).collect()
+}
+
+
+
+fn main() {
+    let args: Vec<String> = std::env::args().collect();
+
+    if args.len() != 3 {
+        println!("Wrong number of arguments! The program expects two arguments: <hash_type> and <size>");
+        // Exit the program with a non-zero exit code
+        process::exit(1);
+    }
+    
+    let hash_type = &args[1];
+    let size = args[2].parse::<usize>().unwrap();
+    
+    tracing_subscriber::fmt()
+        .with_env_filter(tracing_subscriber::filter::EnvFilter::from_default_env())
+        .init();
+
+    match hash_type.as_str() {
+        "sha256" => {
+            println!("SHA256 Benchmarking: ");
+            eprintln!("data size(bytes): {:?}", size);
+            let input = generate_bytes(size);
+            sha_bench(input.clone());
+        }
+        "sha256_accelerated" => {
+            println!("Accelerated SHA256(Patched rustCrypto) Benchmarking: ");
+            eprintln!("data size(bytes): {:?}", size);
+            let input = generate_bytes(size);
+            sha_accelerated_bench(input.clone());
+        }
+        "keccak" => {
+            println!("KECCAK Benchmarking: ");
+            eprintln!("data size(bytes): {:?}", size);
+            let input = generate_bytes(size);
+            keccak_bench(input.clone());
+        }
+
+        "blake2b" => {
+            println!("Blake2b Benchmarking: ");
+            eprintln!("data size(bytes): {:?}", size);
+            let input = generate_bytes(size);
+            blake2b_bench(input.clone());
+        }
+
+        "blake3" => {
+            println!("Blake3 Benchmarking: ");
+            eprintln!("data size(bytes): {:?}", size);
+            let input = generate_bytes(size);
+            blake3_bench(input.clone());
+        }
+
+        "poseidon2_bn128" => {
+            println!("Poseidon2 Benchmarking on the BN128 field: ");
+            eprintln!("Tree Depth: {:?}", size);
+            poseidon2_bn128_bench(size);
+        }
+
+        "poseidon2_babybear" => {
+            println!("Poseidon2 Benchmarking on the BabyBear field: ");
+            eprintln!("Tree Depth: {:?}", size);
+            eprintln!("number of inputs {:?}",  (1 << size) * 8);
+            poseidon2_babybear_bench(size);
+        }
+
+        "poseidon2_babybear_native" => {
+            println!("Poseidon2 Benchmarking on the risc0's native BabyBear field: ");
+            eprintln!("Tree Depth: {:?}", size);
+            eprintln!("number of inputs {:?}",  (1 << size) * 8);
+            poseidon2_babybear_native_bench(size);
+        }
+
+        _ => {
+            println!("Wrong Benchmark Name!");
+        }
+    }
+
+    println!("All Done!");
+    
+}

hash/risc0/composition/Cargo.toml

@@ -0,0 +1,17 @@
+[package]
+name = "composition"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+composition-methods = { path = "methods" }
+inner_proof = { path = "../inner_proof" }
+risc0-zkvm = { path = "../external/risc0/risc0/zkvm" , default-features = false, features = ["prove",] }
+serde = "1.0"
+tracing-subscriber = { version = "0.3", features = ["env-filter"] }
+
+[features]
+cuda = ["risc0-zkvm/cuda"]
+default = []
+metal = ["risc0-zkvm/metal"]
+prove = ["risc0-zkvm/prove"]

hash/risc0/composition/build.sh

@@ -0,0 +1 @@
+cargo build --release

hash/risc0/composition/methods/Cargo.toml

@@ -0,0 +1,10 @@
+[package]
+name = "composition-methods"
+version = "0.1.0"
+edition = "2021"
+
+[build-dependencies]
+risc0-build = { path = "../../external/risc0/risc0/build" }
+
+[package.metadata.risc0]
+methods = ["guest"]

hash/risc0/composition/methods/build.rs

@@ -0,0 +1,17 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+fn main() {
+    risc0_build::embed_methods();
+}

hash/risc0/composition/methods/guest/Cargo.toml

@@ -0,0 +1,11 @@
+[package]
+name = "composition-method"
+version = "0.1.0"
+edition = "2021"
+
+[workspace]
+
+[dependencies]
+risc0-zkvm = { path = "../../../external/risc0/risc0/zkvm", features = ["std"], default-features = false }
+inner_proof-methods = { path = "../../../inner_proof/methods" }
+bytemuck = "1.14"

hash/risc0/composition/methods/guest/src/main.rs

@@ -0,0 +1,27 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use inner_proof_methods::INNER_PROOF_METHOD_ID;
+use risc0_zkvm::{guest::env, serde};
+use risc0_zkvm::sha;
+fn main() {
+    let hash: sha::Digest = env::read();
+    let hash2: sha::Digest = env::read();
+
+    env::verify(INNER_PROOF_METHOD_ID, &serde::to_vec(&hash).unwrap()).unwrap();
+    env::verify(INNER_PROOF_METHOD_ID, &serde::to_vec(&hash2).unwrap()).unwrap();
+
+    env::commit(&hash);
+}
+

hash/risc0/composition/methods/src/lib.rs

@@ -0,0 +1,15 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+include!(concat!(env!("OUT_DIR"), "/methods.rs"));

hash/risc0/composition/run.sh

@@ -0,0 +1 @@
+RUST_LOG=info ./target/release/composition 1024

hash/risc0/composition/src/main.rs

@@ -0,0 +1,96 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use composition_methods::{COMPOSITION_METHOD_ELF, COMPOSITION_METHOD_ID};
+use inner_proof::sha_bench;
+use risc0_zkvm::ExecutorEnv;
+use risc0_zkvm::sha;
+use std::time::Instant;
+use std::process;
+use risc0_zkvm::ExecutorImpl;
+
+fn main() {
+    
+    let args: Vec<String> = std::env::args().collect();
+
+    if args.len() != 2 {
+        println!("Wrong number of arguments! The program expects one arguments: <size>");
+        // Exit the program with a non-zero exit code
+        process::exit(1);
+    }
+    
+    let data_size = args[1].parse::<usize>().unwrap();
+    
+    // tracer added for logging info
+    tracing_subscriber::fmt()
+        .with_env_filter(tracing_subscriber::filter::EnvFilter::from_default_env())
+        .init();
+
+    let (hash_receipt, hash) = sha_bench(data_size.try_into().unwrap());
+    let (hash_receipt2, hash2) = sha_bench(data_size.try_into().unwrap());
+
+    let env = ExecutorEnv::builder()
+        // add_assumption makes the receipt to be verified available to the prover.
+        .add_assumption(hash_receipt)
+        .write(&hash)
+        .unwrap()
+        .add_assumption(hash_receipt2)
+        .write(&hash2)
+        .unwrap()
+        .build()
+        .unwrap();
+
+    let mut exec = ExecutorImpl::from_elf(env, &COMPOSITION_METHOD_ELF).unwrap();
+    let session = exec.run().unwrap();
+
+    // Produce a receipt by proving the specified ELF binary.
+    let (receipt, proving_time) = {
+
+        let start = Instant::now();
+        let receipt = session.prove().unwrap();
+        let elapsed = start.elapsed();
+
+        (receipt, elapsed)
+    };
+
+    //proof size
+    let proof_bytes = receipt
+        .inner
+        .composite()
+        .unwrap()
+        .segments
+        .iter()
+        .fold(0, |acc, segment| acc + segment.get_seal_bytes().len())
+        as u32;
+
+    //number of cycles
+    let cycles = session.total_cycles;
+
+    // verify your receipt
+    let verification_time = {
+
+        let start = Instant::now(); 
+        receipt.verify(COMPOSITION_METHOD_ID).unwrap();
+        let elapsed = start.elapsed();
+
+        elapsed
+    };
+
+    let hash: sha::Digest = receipt.journal.decode().unwrap();
+    eprintln!("Proving Time: {:?}", proving_time);
+    eprintln!("Verification Time: {:?}", verification_time);
+    eprintln!("Proof Bytes: {:?}", proof_bytes);
+    eprintln!("Total Cycles: {:?}", cycles);
+    eprintln!("Hash: {:?}", hash);
+}

hash/risc0/external/risc0

@@ -0,0 +1 @@
+Subproject commit 02fad7a498764d5c6cc851f246813b73b41c30b8

hash/risc0/inner_proof/Cargo.toml

@@ -0,0 +1,17 @@
+[package]
+name = "inner_proof"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+inner_proof-methods = { path = "methods" }
+risc0-zkvm = { path = "../external/risc0/risc0/zkvm" }
+serde = "1.0"
+rand = "0.8.3"
+
+
+[features]
+cuda = ["risc0-zkvm/cuda"]
+default = []
+metal = ["risc0-zkvm/metal"]
+prove = ["risc0-zkvm/prove"]

hash/risc0/inner_proof/methods/Cargo.toml

@@ -0,0 +1,10 @@
+[package]
+name = "inner_proof-methods"
+version = "0.1.0"
+edition = "2021"
+
+[build-dependencies]
+risc0-build = { path = "../../external/risc0/risc0/build" }
+
+[package.metadata.risc0]
+methods = ["guest"]

hash/risc0/inner_proof/methods/build.rs

@@ -0,0 +1,3 @@
+fn main() {
+    risc0_build::embed_methods();
+}

hash/risc0/inner_proof/methods/guest/Cargo.toml

@@ -0,0 +1,9 @@
+[package]
+name = "inner_proof_method"
+version = "0.1.0"
+edition = "2021"
+
+[workspace]
+
+[dependencies]
+risc0-zkvm = { path = "../../../external/risc0/risc0/zkvm", default-features = false, features = ["std"]}

hash/risc0/inner_proof/methods/guest/src/main.rs

@@ -0,0 +1,16 @@
+#![no_main]
+
+use risc0_zkvm::{guest::env, sha, sha::Sha256};
+use std::io::Read;
+
+risc0_zkvm::guest::entry!(main);
+
+fn main() {
+    let mut data = Vec::<u8>::new();
+    env::stdin().read_to_end(&mut data).unwrap();
+
+    let hash = sha::Impl::hash_bytes(&data);
+    env::commit(&hash)
+}
+
+

hash/risc0/inner_proof/methods/src/lib.rs

@@ -0,0 +1 @@
+include!(concat!(env!("OUT_DIR"), "/methods.rs"));

hash/risc0/inner_proof/src/lib.rs

@@ -0,0 +1,32 @@
+use inner_proof_methods::INNER_PROOF_METHOD_ELF;
+use risc0_zkvm::{default_prover, ExecutorEnv, Receipt};
+use risc0_zkvm::{ sha};
+use rand::Rng;
+
+
+fn generate_bytes(size: usize) -> Vec<u8> {
+    let mut rng = rand::thread_rng();
+    (0..size).map(|_| rng.gen()).collect()
+}
+
+pub fn sha_bench(size: usize) -> (Receipt, sha::Digest) {
+
+    let input = generate_bytes(size);
+
+    let env = ExecutorEnv::builder()
+        .write_slice(&input)
+        .build()
+        .unwrap();
+
+    // Obtain the default prover.
+    let prover = default_prover();
+
+    // Produce a receipt by proving the specified ELF binary.
+    let receipt = prover.prove(env, INNER_PROOF_METHOD_ELF).unwrap();
+
+    let _output: sha::Digest = receipt.journal.decode().expect(
+        "cannot deserialise",
+    );
+
+    (receipt, _output)
+}

hash/risc0/inner_proof/src/main.rs

@@ -0,0 +1,36 @@
+// Copyright 2024 RISC Zero, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+use inner_proof::sha_bench;
+use inner_proof_methods::INNER_PROOF_METHOD_ID;
+use std::process;
+
+fn main() {
+
+    let args: Vec<String> = std::env::args().collect();
+
+    if args.len() != 2 {
+        println!("Wrong number of arguments! The program expects two arguments: <number_of_composition> and <size>");
+        // Exit the program with a non-zero exit code
+        process::exit(1);
+    }
+    
+    let data_size = args[1].parse::<usize>().unwrap();
+
+    let (receipt, _output) = sha_bench(data_size.try_into().unwrap());
+
+    // Verify receipt, panic if it's wrong
+    receipt.verify(INNER_PROOF_METHOD_ID).expect(
+        "cannot verify",
+    );
+
+    eprintln!("hash: {:?}", _output);
+}

hash/snark/external/hash-circuits

@@ -1 +1 @@
-Subproject commit e6b99b20f038f27390f590313ce7de227d6dd42a
+Subproject commit 3ae1517526f1061a8d37a159270cc15727e6b503