diff --git a/.github/workflows/wasm.yml b/.github/workflows/wasm.yml index 57025f05..96253986 100644 --- a/.github/workflows/wasm.yml +++ b/.github/workflows/wasm.yml @@ -31,7 +31,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Build and check for changes in generated code - working-directory: tools/npm/garaga_rs + working-directory: tools/npm/garaga_ts run: | docker compose up --build --exit-code-from app git status --porcelain @@ -40,7 +40,7 @@ jobs: uses: actions/upload-artifact@v4 with: name: npm-package - path: tools/npm/garaga_rs/*.tgz + path: tools/npm/garaga_ts/*.tgz if-no-files-found: error test-integration: @@ -63,11 +63,11 @@ jobs: uses: actions/download-artifact@v4 with: name: npm-package - path: tools/npm/garaga_rs + path: tools/npm/garaga_ts - name: Build and tests integration test packages working-directory: tools/npm/integration-test-suite run: | - cp ../garaga_rs/garaga_rs-*.tgz garaga_rs.tgz + cp ../garaga_ts/garaga-*.tgz garaga.tgz npm i npm run build npx puppeteer browsers install diff --git a/.gitignore b/.gitignore index 2df11481..ece9a5ef 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,6 @@ Scarb.lock tests/contracts_e2e/devnet/* !hydra/garaga/starknet/groth16_contract_generator/examples/*.json + + +!tools/npm/garaga_rs/*.json diff --git a/hydra/garaga/modulo_circuit.py b/hydra/garaga/modulo_circuit.py index c7bbd4d8..0947494e 100644 --- a/hydra/garaga/modulo_circuit.py +++ b/hydra/garaga/modulo_circuit.py 
@@ -1066,9 +1066,9 @@ def compile_circuit_cairo_1( signature_input = "mut input: Array" if self.generic_circuit: - code = f"fn {function_name}({signature_input}, curve_index:usize)->{signature_output} {{\n" + code = f"#[inline(always)]\nfn {function_name}({signature_input}, curve_index:usize)->{signature_output} {{\n" else: - code = f"fn {function_name}({signature_input})->{signature_output} {{\n" + code = f"#[inline(always)]\nfn {function_name}({signature_input})->{signature_output} {{\n" # Define the input for the circuit. code, offset_to_reference_map, start_index = self.write_cairo1_input_stack( diff --git a/hydra/garaga/modulo_circuit_structs.py b/hydra/garaga/modulo_circuit_structs.py index 245b6689..5131e9e4 100644 --- a/hydra/garaga/modulo_circuit_structs.py +++ b/hydra/garaga/modulo_circuit_structs.py @@ -971,6 +971,14 @@ def extract_from_circuit_output( code += "};" return code + @property + def struct_name(self) -> str: + p = self.elmts[0].p + if p.bit_length() <= 288: + return "E12DMulQuotient" + else: + return "E12DMulQuotient" + def serialize(self, raw: bool = False, is_option: bool = False) -> str: if self.elmts is None: raw_struct = "Option::None" @@ -979,8 +987,17 @@ def serialize(self, raw: bool = False, is_option: bool = False) -> str: else: return f"let {self.name}:Option<{self.__class__.__name__}> = {raw_struct};\n" else: - assert len(self.elmts) == 11, f"Expected 11 elements, got {len(self.elmts)}" - raw_struct = f"{self.__class__.__name__}{{{','.join([f'w{i}: {int_to_u384(self.elmts[i].value)}' for i in range(len(self))])}}}" + assert len(self.elmts) == 11 + bits: int = self.elmts[0].p.bit_length() + if bits <= 288: + curve_id = 0 + else: + curve_id = 1 + + raw_struct = ( + f"{self.__class__.__name__}{{" + + f"{','.join([f'w{i}: {int_to_u2XX(self.elmts[i].value, curve_id=curve_id)}' for i in range(len(self))])}}}" + ) if is_option: raw_struct = f"Option::Some({raw_struct})" if raw: 
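Review bot: `#[inline(always)]` is now emitted for every generated circuit function with no way to opt out, and the literal is duplicated in both branches of `if self.generic_circuit`. Forcing inlining of the largest circuits may increase compiled contract size, which cannot be judged from this hunk; a keyword argument on compile_circuit_cairo_1 defaulting to the new behaviour would let callers decide. At minimum the attribute should live in one place, e.g. `code = "#[inline(always)]\n"` ahead of the branch, with each branch appending its `fn` line. compile_circuit_cairo_1 starts and ends outside the hunk.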
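Review bot: `struct_name` indexes `self.elmts[0]` without a guard, while `serialize` in the same class treats `self.elmts is None` as a valid state, so reading the property on such an instance raises a `TypeError` rather than a clear error. As displayed, both branches return the same string `"E12DMulQuotient"`; if a type parameter was lost in rendering that is fine, otherwise the `if` is dead code. There is also no upper bound here, unlike the `ValueError` raised above 384 bits in `_serialize_to_calldata`. A one-line docstring stating which Cairo type name is returned for each modulus width would help.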
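Review bot: The `else` branch assigns `curve_id = 1` for any modulus wider than 288 bits, whereas `_serialize_to_calldata` and `dump_to_circuit_input` in the same class raise `ValueError` above 384 bits; the three methods should reject the same inputs. I would write `elif bits <= 384: curve_id = 1` followed by `else: raise ValueError(f"Unsupported bit length: {bits}")`. The commit also drops the message from `assert len(self.elmts) == 11`, and an `assert` disappears under `python -O`; raising `ValueError` with the observed length keeps both the check and the diagnostic. serialize continues outside the hunk.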
@@ -989,12 +1006,27 @@ def serialize(self, raw: bool = False, is_option: bool = False) -> str: return f"let {self.name} = {raw_struct};\n" def _serialize_to_calldata(self) -> list[int]: - return io.bigint_split_array(self.elmts, prepend_length=False) + bits: int = self.bits + if bits <= 288: + return io.bigint_split_array(self.elmts, n_limbs=3, prepend_length=False) + elif bits <= 384: + return io.bigint_split_array(self.elmts, n_limbs=4, prepend_length=False) + else: + raise ValueError(f"Unsupported bit length for E12D: {bits}") def dump_to_circuit_input(self) -> str: + bits: int = self.elmts[0].p.bit_length() code = "" - for i in range(len(self)): - code += f"circuit_inputs = circuit_inputs.next_2({self.name}.w{i});\n" + if bits <= 288: + for i in range(len(self)): + code += ( + f"circuit_inputs = circuit_inputs.next_u288({self.name}.w{i});\n" + ) + elif bits <= 384: + for i in range(len(self)): + code += f"circuit_inputs = circuit_inputs.next_2({self.name}.w{i});\n" + else: + raise ValueError(f"Unsupported bit length: {bits}") return code def __len__(self) -> int: diff --git a/hydra/garaga/starknet/groth16_contract_generator/generator.py b/hydra/garaga/starknet/groth16_contract_generator/generator.py index 5fbcc2a3..a4d5cb57 100644 --- a/hydra/garaga/starknet/groth16_contract_generator/generator.py +++ b/hydra/garaga/starknet/groth16_contract_generator/generator.py @@ -8,7 +8,7 @@ from garaga.starknet.cli.utils import create_directory from garaga.starknet.groth16_contract_generator.parsing_utils import Groth16VerifyingKey -ECIP_OPS_CLASS_HASH = 0x3B0507836FC39065C529306331041BB8460D6802974F52463AC761E458983E7 +ECIP_OPS_CLASS_HASH = 0x7918F484291EB154E13D0E43BA6403E62DC1F5FBB3A191D868E2E37359F8713 def precompute_lines_from_vk(vk: Groth16VerifyingKey) -> StructArray: 
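Review bot: `_serialize_to_calldata` reads `self.bits`, while `dump_to_circuit_input` and `serialize` compute `self.elmts[0].p.bit_length()`; no `bits` attribute is defined in the visible hunks, so confirm it exists on this class and returns the modulus width. The 288/384 thresholds are now repeated in four methods. A single private helper, e.g. `def _limb_count(self) -> int:` returning 3 or 4 and raising `ValueError` otherwise, would keep calldata serialization and circuit input in step. If the two ever disagree, the generated Cairo would presumably read limbs at the wrong offsets.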
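Review bot: The new `ECIP_OPS_CLASS_HASH` is a bare literal with nothing recording which declared class or build it corresponds to, and the same value is repeated in the three example contracts under src/contracts/ in this commit. The generated verifiers embed this constant, presumably as the target of a library call, so a stale or mistyped value would silently point them at different code. I would add a comment such as `# Class hash of the ECIP ops contract declared for <release placeholder>; regenerate the example contracts after changing it.` If feasible, a CI check that the generator constant and the checked-in contracts agree would catch drift.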
@@ -71,9 +71,10 @@ def gen_groth16_verifier( #[starknet::contract] mod Groth16Verifier{curve_id.name} {{ use starknet::SyscallResultTrait; - use garaga::definitions::{{G1Point, G1G2Pair, E12DMulQuotient}}; - use garaga::groth16::{{multi_pairing_check_{curve_id.name.lower()}_3P_2F_with_extra_miller_loop_result, Groth16Proof, MPCheckHint{curve_id.name}}}; + use garaga::definitions::{{G1Point, G1G2Pair}}; + use garaga::groth16::{{multi_pairing_check_{curve_id.name.lower()}_3P_2F_with_extra_miller_loop_result}}; use garaga::ec_ops::{{G1PointTrait, G2PointTrait, ec_safe_add}}; + use garaga::utils::calldata::{{deserialize_full_proof_with_hints_{curve_id.name.lower()}}}; use super::{{N_PUBLIC_INPUTS, vk, ic, precomputed_lines}}; const ECIP_OPS_CLASS_HASH: felt252 = {hex(ecip_class_hash)}; @@ -82,14 +83,6 @@ def gen_groth16_verifier( #[storage] struct Storage {{}} - #[derive(Drop, Serde)] - struct FullProofWithHints {{ - groth16_proof: Groth16Proof, - mpcheck_hint: MPCheckHint{curve_id.name}, - small_Q: E12DMulQuotient, - msm_hint: Array, - }} - #[abi(embed_v0)] impl IGroth16Verifier{curve_id.name} of super::IGroth16Verifier{curve_id.name} {{ fn verify_groth16_proof_{curve_id.name.lower()}( @@ -98,9 +91,7 @@ def gen_groth16_verifier( ) -> bool {{ // DO NOT EDIT THIS FUNCTION UNLESS YOU KNOW WHAT YOU ARE DOING. // ONLY EDIT THE process_public_inputs FUNCTION BELOW. - let mut full_proof_with_hints = full_proof_with_hints; - let fph = Serde::::deserialize(ref full_proof_with_hints) - .expect('unwr_full_proof_with_hints'); + let fph = deserialize_full_proof_with_hints_{curve_id.name.lower()}(full_proof_with_hints); let groth16_proof = fph.groth16_proof; let mpcheck_hint = fph.mpcheck_hint; let small_Q = fph.small_Q; diff --git a/hydra/garaga/starknet/groth16_contract_generator/generator_risc0.py b/hydra/garaga/starknet/groth16_contract_generator/generator_risc0.py index 33c06c9f..26bd8191 100644 --- a/hydra/garaga/starknet/groth16_contract_generator/generator_risc0.py 
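Review bot: The call to `deserialize_full_proof_with_hints_{curve_id.name.lower()}` replaces a Serde deserialization that failed with the named error `'unwr_full_proof_with_hints'`, and the helper's handling of malformed calldata is not visible in this diff. Because `full_proof_with_hints` is caller-supplied, the helper should fail closed on truncated input and range-check every limb it assembles into `u288`/`u384` values. A comment above the call, e.g. `// Panics on short calldata; limbs are range-checked by the helper.`, would record that once confirmed, along with whether trailing felts are accepted. The same applies to `deserialize_full_proof_with_hints_risc0` in generator_risc0.py and to the regenerated example contracts. The template function continues outside the hunk.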
+++ b/hydra/garaga/starknet/groth16_contract_generator/generator_risc0.py @@ -68,10 +68,11 @@ def gen_risc0_groth16_verifier( #[starknet::contract] mod Risc0Groth16Verifier{curve_id.name} {{ use starknet::SyscallResultTrait; - use garaga::definitions::{{G1Point, G1G2Pair, E12DMulQuotient}}; - use garaga::groth16::{{multi_pairing_check_{curve_id.name.lower()}_3P_2F_with_extra_miller_loop_result, Groth16ProofRaw, MPCheckHint{curve_id.name}}}; + use garaga::definitions::{{G1Point, G1G2Pair}}; + use garaga::groth16::{{multi_pairing_check_{curve_id.name.lower()}_3P_2F_with_extra_miller_loop_result}}; use garaga::ec_ops::{{G1PointTrait, G2PointTrait, ec_safe_add}}; use garaga::risc0_utils::compute_receipt_claim; + use garaga::utils::calldata::{{FullProofWithHintsRisc0, deserialize_full_proof_with_hints_risc0}}; use super::{{N_FREE_PUBLIC_INPUTS, vk, ic, precomputed_lines, T}}; const ECIP_OPS_CLASS_HASH: felt252 = {hex(ecip_class_hash)}; @@ -80,17 +81,6 @@ def gen_risc0_groth16_verifier( #[storage] struct Storage {{}} - - #[derive(Serde, Drop)] - struct FullProofWithHints {{ - groth16_proof: Groth16ProofRaw, - image_id: Span, - journal_digest: Span, - mpcheck_hint: MPCheckHintBN254, - small_Q: E12DMulQuotient, - msm_hint: Array, - }} - #[abi(embed_v0)] impl IRisc0Groth16Verifier{curve_id.name} of super::IRisc0Groth16Verifier{curve_id.name} {{ fn verify_groth16_proof_{curve_id.name.lower()}( @@ -99,8 +89,7 @@ def gen_risc0_groth16_verifier( ) -> bool {{ // DO NOT EDIT THIS FUNCTION UNLESS YOU KNOW WHAT YOU ARE DOING. // ONLY EDIT THE process_public_inputs FUNCTION BELOW. - let mut full_proof_with_hints = full_proof_with_hints; - let fph = Serde::::deserialize(ref full_proof_with_hints).unwrap(); + let fph = deserialize_full_proof_with_hints_risc0(full_proof_with_hints); let groth16_proof = fph.groth16_proof; let image_id = fph.image_id; 
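Review bot: The added `use` line imports `FullProofWithHintsRisc0` alongside `deserialize_full_proof_with_hints_risc0`, but the visible template only calls the function and reads fields of `fph`; the equivalent line in generator.py imports the function alone. If the type is not named elsewhere in the template, drop it so the generated contract carries no unused import: `use garaga::utils::calldata::{{deserialize_full_proof_with_hints_risc0}};`. The template continues outside the hunk.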
diff --git a/hydra/garaga/starknet/tests_and_calldata_generators/test_writer.py b/hydra/garaga/starknet/tests_and_calldata_generators/test_writer.py index f8f51db8..e7f62432 100644 --- a/hydra/garaga/starknet/tests_and_calldata_generators/test_writer.py +++ b/hydra/garaga/starknet/tests_and_calldata_generators/test_writer.py @@ -67,12 +67,12 @@ def write_all_tests(): multi_pairing_check_bn254_2P_2F, multi_pairing_check_bls12_381_2P_2F, u384, - E12DMulQuotient, MPCheckHintBN254, MPCheckHintBLS12_381, u288, }; use garaga::groth16::{ + E12DMulQuotient, multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result, multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result, }; diff --git a/pyproject.toml b/pyproject.toml index 088da4f3..87f31f86 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "maturin" [project] name = "garaga" -version = "0.13.2.3" +version = "0.13.3" requires-python = ">=3.10,<3.11" dependencies = [ "fastecdsa", diff --git a/src/contracts/groth16_example_bls12_381/src/groth16_verifier.cairo b/src/contracts/groth16_example_bls12_381/src/groth16_verifier.cairo index e45321fa..351d5585 100644 --- a/src/contracts/groth16_example_bls12_381/src/groth16_verifier.cairo +++ b/src/contracts/groth16_example_bls12_381/src/groth16_verifier.cairo 
@@ -10,29 +10,19 @@ trait IGroth16VerifierBLS12_381 { #[starknet::contract] mod Groth16VerifierBLS12_381 { use starknet::SyscallResultTrait; - use garaga::definitions::{G1Point, G1G2Pair, E12DMulQuotient}; - use garaga::groth16::{ - multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result, Groth16Proof, - MPCheckHintBLS12_381 - }; + use garaga::definitions::{G1Point, G1G2Pair}; + use garaga::groth16::{multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result}; use garaga::ec_ops::{G1PointTrait, G2PointTrait, ec_safe_add}; + use garaga::utils::calldata::{deserialize_full_proof_with_hints_bls12_381}; use super::{N_PUBLIC_INPUTS, vk, ic, precomputed_lines}; const ECIP_OPS_CLASS_HASH: felt252 = - 0x3b0507836fc39065c529306331041bb8460d6802974f52463ac761e458983e7; + 0x7918f484291eb154e13d0e43ba6403e62dc1f5fbb3a191d868e2e37359f8713; use starknet::ContractAddress; #[storage] struct Storage {} - #[derive(Drop, Serde)] - struct FullProofWithHints { - groth16_proof: Groth16Proof, - mpcheck_hint: MPCheckHintBLS12_381, - small_Q: E12DMulQuotient, - msm_hint: Array, - } - #[abi(embed_v0)] impl IGroth16VerifierBLS12_381 of super::IGroth16VerifierBLS12_381 { fn verify_groth16_proof_bls12_381( @@ -40,9 +30,7 @@ mod Groth16VerifierBLS12_381 { ) -> bool { // DO NOT EDIT THIS FUNCTION UNLESS YOU KNOW WHAT YOU ARE DOING. // ONLY EDIT THE process_public_inputs FUNCTION BELOW. - let mut full_proof_with_hints = full_proof_with_hints; - let fph = Serde::::deserialize(ref full_proof_with_hints) - .expect('unwr_full_proof_with_hints'); + let fph = deserialize_full_proof_with_hints_bls12_381(full_proof_with_hints); let groth16_proof = fph.groth16_proof; let mpcheck_hint = fph.mpcheck_hint; let small_Q = fph.small_Q; diff --git a/src/contracts/groth16_example_bn254/src/groth16_verifier.cairo b/src/contracts/groth16_example_bn254/src/groth16_verifier.cairo index ccdf0ffc..c3d3a9b7 100644 --- a/src/contracts/groth16_example_bn254/src/groth16_verifier.cairo 
+++ b/src/contracts/groth16_example_bn254/src/groth16_verifier.cairo @@ -10,29 +10,19 @@ trait IGroth16VerifierBN254 { #[starknet::contract] mod Groth16VerifierBN254 { use starknet::SyscallResultTrait; - use garaga::definitions::{G1Point, G1G2Pair, E12DMulQuotient}; - use garaga::groth16::{ - multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result, Groth16Proof, - MPCheckHintBN254 - }; + use garaga::definitions::{G1Point, G1G2Pair}; + use garaga::groth16::{multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result}; use garaga::ec_ops::{G1PointTrait, G2PointTrait, ec_safe_add}; + use garaga::utils::calldata::{deserialize_full_proof_with_hints_bn254}; use super::{N_PUBLIC_INPUTS, vk, ic, precomputed_lines}; const ECIP_OPS_CLASS_HASH: felt252 = - 0x3b0507836fc39065c529306331041bb8460d6802974f52463ac761e458983e7; + 0x7918f484291eb154e13d0e43ba6403e62dc1f5fbb3a191d868e2e37359f8713; use starknet::ContractAddress; #[storage] struct Storage {} - #[derive(Drop, Serde)] - struct FullProofWithHints { - groth16_proof: Groth16Proof, - mpcheck_hint: MPCheckHintBN254, - small_Q: E12DMulQuotient, - msm_hint: Array, - } - #[abi(embed_v0)] impl IGroth16VerifierBN254 of super::IGroth16VerifierBN254 { fn verify_groth16_proof_bn254( @@ -40,9 +30,7 @@ mod Groth16VerifierBN254 { ) -> bool { // DO NOT EDIT THIS FUNCTION UNLESS YOU KNOW WHAT YOU ARE DOING. // ONLY EDIT THE process_public_inputs FUNCTION BELOW. - let mut full_proof_with_hints = full_proof_with_hints; - let fph = Serde::::deserialize(ref full_proof_with_hints) - .expect('unwr_full_proof_with_hints'); + let fph = deserialize_full_proof_with_hints_bn254(full_proof_with_hints); let groth16_proof = fph.groth16_proof; let mpcheck_hint = fph.mpcheck_hint; let small_Q = fph.small_Q; diff --git a/src/contracts/risc0_verifier_bn254/src/groth16_verifier.cairo b/src/contracts/risc0_verifier_bn254/src/groth16_verifier.cairo index 147e770c..bf39848a 100644 --- a/src/contracts/risc0_verifier_bn254/src/groth16_verifier.cairo 
+++ b/src/contracts/risc0_verifier_bn254/src/groth16_verifier.cairo @@ -10,33 +10,20 @@ trait IRisc0Groth16VerifierBN254 { #[starknet::contract] mod Risc0Groth16VerifierBN254 { use starknet::SyscallResultTrait; - use garaga::definitions::{G1Point, G1G2Pair, E12DMulQuotient}; - use garaga::groth16::{ - multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result, Groth16ProofRaw, - MPCheckHintBN254 - }; + use garaga::definitions::{G1Point, G1G2Pair}; + use garaga::groth16::{multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result}; use garaga::ec_ops::{G1PointTrait, G2PointTrait, ec_safe_add}; use garaga::risc0_utils::compute_receipt_claim; + use garaga::utils::calldata::{FullProofWithHintsRisc0, deserialize_full_proof_with_hints_risc0}; use super::{N_FREE_PUBLIC_INPUTS, vk, ic, precomputed_lines, T}; const ECIP_OPS_CLASS_HASH: felt252 = - 0x3b0507836fc39065c529306331041bb8460d6802974f52463ac761e458983e7; + 0x7918f484291eb154e13d0e43ba6403e62dc1f5fbb3a191d868e2e37359f8713; use starknet::ContractAddress; #[storage] struct Storage {} - - #[derive(Serde, Drop)] - struct FullProofWithHints { - groth16_proof: Groth16ProofRaw, - image_id: Span, - journal_digest: Span, - mpcheck_hint: MPCheckHintBN254, - small_Q: E12DMulQuotient, - msm_hint: Array, - } - #[abi(embed_v0)] impl IRisc0Groth16VerifierBN254 of super::IRisc0Groth16VerifierBN254 { fn verify_groth16_proof_bn254( @@ -44,8 +31,7 @@ mod Risc0Groth16VerifierBN254 { ) -> bool { // DO NOT EDIT THIS FUNCTION UNLESS YOU KNOW WHAT YOU ARE DOING. // ONLY EDIT THE process_public_inputs FUNCTION BELOW. - let mut full_proof_with_hints = full_proof_with_hints; - let fph = Serde::::deserialize(ref full_proof_with_hints).unwrap(); + let fph = deserialize_full_proof_with_hints_risc0(full_proof_with_hints); let groth16_proof = fph.groth16_proof; let image_id = fph.image_id; diff --git a/src/src/basic_field_ops.cairo b/src/src/basic_field_ops.cairo index 7da685f9..dca9a1ac 100644 --- a/src/src/basic_field_ops.cairo 
+++ b/src/src/basic_field_ops.cairo @@ -27,7 +27,7 @@ fn neg_mod_p(a: u384, p: u384) -> u384 { return outputs.get_output(neg); } - +#[inline(always)] fn compute_yInvXnegOverY_BN254(x: u384, y: u384) -> (u384, u384) { let in1 = CircuitElement::> {}; let in2 = CircuitElement::> {}; @@ -53,6 +53,7 @@ fn compute_yInvXnegOverY_BN254(x: u384, y: u384) -> (u384, u384) { return (outputs.get_output(yInv), outputs.get_output(xNegOverY)); } +#[inline(always)] fn compute_yInvXnegOverY_BLS12_381(x: u384, y: u384) -> (u384, u384) { let in1 = CircuitElement::> {}; let in2 = CircuitElement::> {}; diff --git a/src/src/circuits/dummy.cairo b/src/src/circuits/dummy.cairo index 4c8eb829..1d24697a 100644 --- a/src/src/circuits/dummy.cairo +++ b/src/src/circuits/dummy.cairo @@ -14,6 +14,7 @@ use garaga::definitions::{ use garaga::ec_ops::{SlopeInterceptOutput, FunctionFeltEvaluations, FunctionFelt}; use core::option::Option; +#[inline(always)] fn run_DUMMY_circuit(mut input: Array, curve_index: usize) -> Array { // INPUT stack let (in0, in1) = (CE::> {}, CE::> {}); diff --git a/src/src/circuits/ec.cairo b/src/src/circuits/ec.cairo index d270a864..95b81cbb 100644 --- a/src/src/circuits/ec.cairo +++ b/src/src/circuits/ec.cairo @@ -14,6 +14,7 @@ use garaga::definitions::{ use garaga::ec_ops::{SlopeInterceptOutput, FunctionFeltEvaluations, FunctionFelt}; use core::option::Option; +#[inline(always)] fn run_ACC_EVAL_POINT_CHALLENGE_SIGNED_circuit( acc: u384, m: u384, @@ -76,6 +77,7 @@ fn run_ACC_EVAL_POINT_CHALLENGE_SIGNED_circuit( let res_acc: u384 = outputs.get_output(t15); return (res_acc,); } +#[inline(always)] fn run_ACC_FUNCTION_CHALLENGE_DUPL_circuit( f_a0_accs: FunctionFeltEvaluations, f_a1_accs: FunctionFeltEvaluations, 
@@ -165,6 +167,7 @@ fn run_ACC_FUNCTION_CHALLENGE_DUPL_circuit( let next_xA2_power: u384 = outputs.get_output(t14); return (next_f_a0_accs, next_f_a1_accs, next_xA0_power, next_xA2_power); } +#[inline(always)] fn run_ADD_EC_POINT_circuit(p: G1Point, q: G1Point, curve_index: usize) -> (G1Point,) { // INPUT stack let (in0, in1, in2) = (CE::> {}, CE::> {}, CE::> {}); @@ -199,6 +202,7 @@ fn run_ADD_EC_POINT_circuit(p: G1Point, q: G1Point, curve_index: usize) -> (G1Po let r: G1Point = G1Point { x: outputs.get_output(t6), y: outputs.get_output(t9) }; return (r,); } +#[inline(always)] fn run_DOUBLE_EC_POINT_circuit(p: G1Point, A_weirstrass: u384, curve_index: usize) -> (G1Point,) { // CONSTANT stack let in0 = CE::> {}; // 0x3 @@ -236,6 +240,7 @@ fn run_DOUBLE_EC_POINT_circuit(p: G1Point, A_weirstrass: u384, curve_index: usiz let r: G1Point = G1Point { x: outputs.get_output(t8), y: outputs.get_output(t11) }; return (r,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_10P_circuit( A0: G1Point, A2: G1Point, @@ -502,6 +507,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_10P_circuit( let res: u384 = outputs.get_output(t198); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_1P_circuit( A0: G1Point, A2: G1Point, @@ -612,6 +618,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_1P_circuit( let res: u384 = outputs.get_output(t54); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_2P_circuit( A0: G1Point, A2: G1Point, @@ -739,6 +746,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_2P_circuit( let res: u384 = outputs.get_output(t70); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_3P_circuit( A0: G1Point, A2: G1Point, @@ -884,6 +892,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_3P_circuit( let res: u384 = outputs.get_output(t86); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_4P_circuit( A0: G1Point, A2: G1Point, 
@@ -1046,6 +1055,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_4P_circuit( let res: u384 = outputs.get_output(t102); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_5P_circuit( A0: G1Point, A2: G1Point, @@ -1225,6 +1235,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_5P_circuit( let res: u384 = outputs.get_output(t118); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_6P_circuit( A0: G1Point, A2: G1Point, @@ -1422,6 +1433,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_6P_circuit( let res: u384 = outputs.get_output(t134); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_7P_circuit( A0: G1Point, A2: G1Point, @@ -1636,6 +1648,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_7P_circuit( let res: u384 = outputs.get_output(t150); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_8P_circuit( A0: G1Point, A2: G1Point, @@ -1867,6 +1880,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_8P_circuit( let res: u384 = outputs.get_output(t166); return (res,); } +#[inline(always)] fn run_EVAL_FN_CHALLENGE_DUPL_9P_circuit( A0: G1Point, A2: G1Point, @@ -2116,6 +2130,7 @@ fn run_EVAL_FN_CHALLENGE_DUPL_9P_circuit( let res: u384 = outputs.get_output(t182); return (res,); } +#[inline(always)] fn run_FINALIZE_FN_CHALLENGE_DUPL_circuit( f_a0_accs: FunctionFeltEvaluations, f_a1_accs: FunctionFeltEvaluations, @@ -2173,6 +2188,7 @@ fn run_FINALIZE_FN_CHALLENGE_DUPL_circuit( let res: u384 = outputs.get_output(t14); return (res,); } +#[inline(always)] fn run_INIT_FN_CHALLENGE_DUPL_11P_circuit( xA0: u384, xA2: u384, SumDlogDiv: FunctionFelt, curve_index: usize ) -> (FunctionFeltEvaluations, FunctionFeltEvaluations, u384, u384) { @@ -2472,6 +2488,7 @@ fn run_INIT_FN_CHALLENGE_DUPL_11P_circuit( let xA2_power: u384 = outputs.get_output(t21); return (A0_evals, A2_evals, xA0_power, xA2_power); } +#[inline(always)] fn run_IS_ON_CURVE_G1_G2_circuit( p: G1Point, q: G2Point, a: u384, b: u384, b20: u384, b21: u384, curve_index: usize ) -> (u384, u384, u384) { 
@@ -2537,6 +2554,7 @@ fn run_IS_ON_CURVE_G1_G2_circuit( let zero_check_2: u384 = outputs.get_output(t28); return (zero_check_0, zero_check_1, zero_check_2); } +#[inline(always)] fn run_IS_ON_CURVE_G1_circuit(p: G1Point, a: u384, b: u384, curve_index: usize) -> (u384,) { // INPUT stack let (in0, in1, in2) = (CE::> {}, CE::> {}, CE::> {}); @@ -2568,6 +2586,7 @@ fn run_IS_ON_CURVE_G1_circuit(p: G1Point, a: u384, b: u384, curve_index: usize) let zero_check: u384 = outputs.get_output(t6); return (zero_check,); } +#[inline(always)] fn run_IS_ON_CURVE_G2_circuit( p: G2Point, a: u384, b20: u384, b21: u384, curve_index: usize ) -> (u384, u384) { @@ -2623,6 +2642,7 @@ fn run_IS_ON_CURVE_G2_circuit( let zero_check_1: u384 = outputs.get_output(t23); return (zero_check_0, zero_check_1); } +#[inline(always)] fn run_RHS_FINALIZE_ACC_circuit( acc: u384, m: u384, b: u384, xA: u384, Q_result: G1Point, curve_index: usize ) -> (u384,) { @@ -2662,6 +2682,7 @@ fn run_RHS_FINALIZE_ACC_circuit( let rhs: u384 = outputs.get_output(t7); return (rhs,); } +#[inline(always)] fn run_SLOPE_INTERCEPT_SAME_POINT_circuit( p: G1Point, a: u384, curve_index: usize ) -> (SlopeInterceptOutput,) { diff --git a/src/src/circuits/extf_mul.cairo b/src/src/circuits/extf_mul.cairo index 0bdb4521..7c254400 100644 --- a/src/src/circuits/extf_mul.cairo +++ b/src/src/circuits/extf_mul.cairo @@ -14,6 +14,7 @@ use garaga::definitions::{ use garaga::ec_ops::{SlopeInterceptOutput, FunctionFeltEvaluations, FunctionFelt}; use core::option::Option; +#[inline(always)] fn run_BLS12_381_EVAL_E12D_circuit(f: E12D, z: u384) -> (u384,) { // INPUT stack let (in0, in1, in2) = (CE::> {}, CE::> {}, CE::> {}); 
@@ -78,8 +79,9 @@ fn run_BLS12_381_EVAL_E12D_circuit(f: E12D, z: u384) -> (u384,) { let f_of_z: u384 = outputs.get_output(t21); return (f_of_z,); } +#[inline(always)] fn run_BLS12_381_FP12_MUL_ASSERT_ONE_circuit( - X: E12D, Y: E12D, Q: E12DMulQuotient, z: u384 + X: E12D, Y: E12D, Q: E12DMulQuotient, z: u384 ) -> (u384,) { // CONSTANT stack let in0 = CE::> {}; // 0x2 @@ -249,6 +251,7 @@ fn run_BLS12_381_FP12_MUL_ASSERT_ONE_circuit( let check: u384 = outputs.get_output(t81); return (check,); } +#[inline(always)] fn run_BN254_EVAL_E12D_circuit(f: E12D, z: u384) -> (u384,) { // INPUT stack let (in0, in1, in2) = (CE::> {}, CE::> {}, CE::> {}); @@ -306,8 +309,9 @@ fn run_BN254_EVAL_E12D_circuit(f: E12D, z: u384) -> (u384,) { let f_of_z: u384 = outputs.get_output(t21); return (f_of_z,); } +#[inline(always)] fn run_BN254_FP12_MUL_ASSERT_ONE_circuit( - X: E12D, Y: E12D, Q: E12DMulQuotient, z: u384 + X: E12D, Y: E12D, Q: E12DMulQuotient, z: u384 ) -> (u384,) { // CONSTANT stack let in0 = CE::> {}; // 0x52 
@@ -448,17 +452,17 @@ fn run_BN254_FP12_MUL_ASSERT_ONE_circuit( circuit_inputs = circuit_inputs.next_u288(Y.w9); // in24 circuit_inputs = circuit_inputs.next_u288(Y.w10); // in25 circuit_inputs = circuit_inputs.next_u288(Y.w11); // in26 - circuit_inputs = circuit_inputs.next_2(Q.w0); // in27 - circuit_inputs = circuit_inputs.next_2(Q.w1); // in28 - circuit_inputs = circuit_inputs.next_2(Q.w2); // in29 - circuit_inputs = circuit_inputs.next_2(Q.w3); // in30 - circuit_inputs = circuit_inputs.next_2(Q.w4); // in31 - circuit_inputs = circuit_inputs.next_2(Q.w5); // in32 - circuit_inputs = circuit_inputs.next_2(Q.w6); // in33 - circuit_inputs = circuit_inputs.next_2(Q.w7); // in34 - circuit_inputs = circuit_inputs.next_2(Q.w8); // in35 - circuit_inputs = circuit_inputs.next_2(Q.w9); // in36 - circuit_inputs = circuit_inputs.next_2(Q.w10); // in37 + circuit_inputs = circuit_inputs.next_u288(Q.w0); // in27 + circuit_inputs = circuit_inputs.next_u288(Q.w1); // in28 + circuit_inputs = circuit_inputs.next_u288(Q.w2); // in29 + circuit_inputs = circuit_inputs.next_u288(Q.w3); // in30 + circuit_inputs = circuit_inputs.next_u288(Q.w4); // in31 + circuit_inputs = circuit_inputs.next_u288(Q.w5); // in32 + circuit_inputs = circuit_inputs.next_u288(Q.w6); // in33 + circuit_inputs = circuit_inputs.next_u288(Q.w7); // in34 + circuit_inputs = circuit_inputs.next_u288(Q.w8); // in35 + circuit_inputs = circuit_inputs.next_u288(Q.w9); // in36 + circuit_inputs = circuit_inputs.next_u288(Q.w10); // in37 circuit_inputs = circuit_inputs.next_2(z); // in38 let outputs = circuit_inputs.done_2().eval(modulus).unwrap(); diff --git a/src/src/circuits/multi_pairing_check.cairo b/src/src/circuits/multi_pairing_check.cairo index b0acf040..c1376a20 100644 --- a/src/src/circuits/multi_pairing_check.cairo +++ b/src/src/circuits/multi_pairing_check.cairo 
@@ -14,6 +14,7 @@ use garaga::definitions::{ use garaga::ec_ops::{SlopeInterceptOutput, FunctionFeltEvaluations, FunctionFelt}; use core::option::Option; +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT00_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -155,6 +156,7 @@ fn run_BLS12_381_MP_CHECK_BIT00_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT00_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -444,6 +446,7 @@ fn run_BLS12_381_MP_CHECK_BIT00_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT0_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -541,6 +544,7 @@ fn run_BLS12_381_MP_CHECK_BIT0_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT0_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -724,6 +728,7 @@ fn run_BLS12_381_MP_CHECK_BIT0_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT1_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -865,6 +870,7 @@ fn run_BLS12_381_MP_CHECK_BIT1_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_BIT1_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -1142,6 +1148,7 @@ fn run_BLS12_381_MP_CHECK_BIT1_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t4); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_FINALIZE_BLS_2P_circuit( R_n_minus_1: E12D, c_n_minus_2: u384, 
@@ -1449,6 +1456,7 @@ fn run_BLS12_381_MP_CHECK_FINALIZE_BLS_2P_circuit( let final_check: u384 = outputs.get_output(t203); return (final_check,); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_FINALIZE_BLS_3P_circuit( R_n_minus_1: E12D, c_n_minus_2: u384, @@ -1812,6 +1820,7 @@ fn run_BLS12_381_MP_CHECK_FINALIZE_BLS_3P_circuit( let final_check: u384 = outputs.get_output(t251); return (final_check,); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_INIT_BIT_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -1945,6 +1954,7 @@ fn run_BLS12_381_MP_CHECK_INIT_BIT_2P_2F_circuit( let new_lhs: u384 = outputs.get_output(t63); return (new_lhs,); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_INIT_BIT_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -2212,6 +2222,7 @@ fn run_BLS12_381_MP_CHECK_INIT_BIT_3P_2F_circuit( let new_lhs: u384 = outputs.get_output(t173); return (Q0, new_lhs); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_PREPARE_LAMBDA_ROOT_circuit( lambda_root_inverse: E12D, z: u384, scaling_factor: MillerLoopResultScalingFactor ) -> (u384, u384, u384) { @@ -2498,6 +2509,7 @@ const MP_CHECK_PREPARE_LAMBDA_ROOT_BLS12_381_CONSTANTS: [ limb3: 0xe9b7238370b26e88c8bb2df } ]; +#[inline(always)] fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_1P_circuit(p_0: G1Point) -> (BLSProcessedPair,) { // CONSTANT stack let in0 = CE::> {}; // 0x0 @@ -2533,6 +2545,7 @@ fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_1P_circuit(p_0: G1Point) -> (BLSProcesse }; return (p_0,); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_2P_circuit( p_0: G1Point, p_1: G1Point ) -> (BLSProcessedPair, BLSProcessedPair) { @@ -2579,6 +2592,7 @@ fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_2P_circuit( }; return (p_0, p_1); } +#[inline(always)] fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_3P_circuit( p_0: G1Point, p_1: G1Point, p_2: G1Point ) -> (BLSProcessedPair, BLSProcessedPair, BLSProcessedPair) { 
@@ -2633,6 +2647,7 @@ fn run_BLS12_381_MP_CHECK_PREPARE_PAIRS_3P_circuit( }; return (p_0, p_1, p_2); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT00_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -2788,6 +2803,7 @@ fn run_BN254_MP_CHECK_BIT00_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT00_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -3096,6 +3112,7 @@ fn run_BN254_MP_CHECK_BIT00_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT0_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -3201,6 +3218,7 @@ fn run_BN254_MP_CHECK_BIT0_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT0_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -3394,6 +3412,7 @@ fn run_BN254_MP_CHECK_BIT0_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT1_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -3549,6 +3568,7 @@ fn run_BN254_MP_CHECK_BIT1_2P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_BIT1_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -3845,6 +3865,7 @@ fn run_BN254_MP_CHECK_BIT1_3P_2F_circuit( let ci_plus_one: u384 = outputs.get_output(t5); return (Q0, lhs_i_plus_one, ci_plus_one); } +#[inline(always)] fn run_BN254_MP_CHECK_FINALIZE_BN_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -4314,6 +4335,7 @@ fn run_BN254_MP_CHECK_FINALIZE_BN_2P_2F_circuit( let final_check: u384 = outputs.get_output(t311); return (final_check,); } +#[inline(always)] fn run_BN254_MP_CHECK_FINALIZE_BN_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, 
@@ -5033,6 +5055,7 @@ const MP_CHECK_FINALIZE_BN_3P_2F_BN254_CONSTANTS: [ limb3: 0x0 } ]; +#[inline(always)] fn run_BN254_MP_CHECK_INIT_BIT_2P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -5138,6 +5161,7 @@ fn run_BN254_MP_CHECK_INIT_BIT_2P_2F_circuit( let c_i: u384 = outputs.get_output(t6); return (new_lhs, c_i); } +#[inline(always)] fn run_BN254_MP_CHECK_INIT_BIT_3P_2F_circuit( yInv_0: u384, xNegOverY_0: u384, @@ -5331,6 +5355,7 @@ fn run_BN254_MP_CHECK_INIT_BIT_3P_2F_circuit( let c_i: u384 = outputs.get_output(t6); return (Q0, new_lhs, c_i); } +#[inline(always)] fn run_BN254_MP_CHECK_PREPARE_LAMBDA_ROOT_circuit( lambda_root: E12D, z: u384, @@ -5974,6 +5999,7 @@ const MP_CHECK_PREPARE_LAMBDA_ROOT_BN254_CONSTANTS: [ limb3: 0x0 } ]; +#[inline(always)] fn run_BN254_MP_CHECK_PREPARE_PAIRS_1P_circuit( p_0: G1Point, Qy0_0: u384, Qy1_0: u384 ) -> (BNProcessedPair,) { @@ -6012,6 +6038,7 @@ fn run_BN254_MP_CHECK_PREPARE_PAIRS_1P_circuit( }; return (p_0,); } +#[inline(always)] fn run_BN254_MP_CHECK_PREPARE_PAIRS_2P_circuit( p_0: G1Point, Qy0_0: u384, Qy1_0: u384, p_1: G1Point, Qy0_1: u384, Qy1_1: u384 ) -> (BNProcessedPair, BNProcessedPair) { @@ -6066,6 +6093,7 @@ fn run_BN254_MP_CHECK_PREPARE_PAIRS_2P_circuit( }; return (p_0, p_1); } +#[inline(always)] fn run_BN254_MP_CHECK_PREPARE_PAIRS_3P_circuit( p_0: G1Point, Qy0_0: u384, diff --git a/src/src/core/circuit.cairo b/src/src/core/circuit.cairo index 8aeca03c..7e29c997 100644 --- a/src/src/core/circuit.cairo +++ b/src/src/core/circuit.cairo @@ -22,6 +22,7 @@ pub impl AddInputResultImpl2 of AddInputResultTrait2 { AddInputResult::Done(_) => panic_with_felt252('All inputs have been filled'), } } + #[inline(always)] fn next_u288(self: AddInputResult, value: u288) -> AddInputResult { let c = match self { AddInputResult::More(accumulator) => add_circuit_input( diff --git a/src/src/definitions.cairo b/src/src/definitions.cairo index 43a15fc8..0d80087a 100644 --- a/src/src/definitions.cairo +++ b/src/src/definitions.cairo 
@@ -565,18 +565,18 @@ struct MillerLoopResultScalingFactor { w10: T, } #[derive(Copy, Drop, Debug, PartialEq, Serde)] -struct E12DMulQuotient { - w0: u384, - w1: u384, - w2: u384, - w3: u384, - w4: u384, - w5: u384, - w6: u384, - w7: u384, - w8: u384, - w9: u384, - w10: u384, +struct E12DMulQuotient { + w0: T, + w1: T, + w2: T, + w3: T, + w4: T, + w5: T, + w6: T, + w7: T, + w8: T, + w9: T, + w10: T, } diff --git a/src/src/ec_ops.cairo b/src/src/ec_ops.cairo index 795b6cef..26322051 100644 --- a/src/src/ec_ops.cairo +++ b/src/src/ec_ops.cairo @@ -121,6 +121,7 @@ struct DerivePointFromXOutput { should_be_rhs_or_g_rhs: u384, } +#[inline(always)] fn get_DERIVE_POINT_FROM_X_circuit( x: u384, sqrt_rhs_or_g_rhs: u384, curve_index: usize ) -> DerivePointFromXOutput { @@ -589,6 +590,7 @@ fn zk_ecip_check( u384_assert_eq(lhs, rhs); } +#[inline(always)] fn compute_lhs_ecip( sum_dlog_div: FunctionFelt, A0: G1Point, @@ -677,7 +679,7 @@ fn compute_lhs_ecip( return res; } - +#[inline(always)] fn compute_rhs_ecip( mut points: Span, m_A0: u384, diff --git a/src/src/groth16.cairo b/src/src/groth16.cairo index 85669393..96f78e3f 100644 --- a/src/src/groth16.cairo +++ b/src/src/groth16.cairo @@ -97,16 +97,16 @@ fn verify_groth16_bn254( mut lines: Span>, ic: Span, public_inputs_digits_decompositions: Option, Span)>>, - public_inputs_msm_hint: Box, - public_inputs_msm_derive_point_from_x_hint: Box, - mpcheck_hint: Box, - small_Q: Box + public_inputs_msm_hint: MSMHint, + public_inputs_msm_derive_point_from_x_hint: DerivePointFromXHint, + mpcheck_hint: MPCheckHintBN254, + small_Q: E12DMulQuotient ) -> bool { let vk_x: G1Point = msm_g1( public_inputs_digits_decompositions, - public_inputs_msm_hint.unbox(), - public_inputs_msm_derive_point_from_x_hint.unbox(), - ic, + public_inputs_msm_hint, + public_inputs_msm_derive_point_from_x_hint, + ic.slice(1, ic.len() - 1), proof.public_inputs, 0 ); 
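Review bot: `ic.slice(1, ic.len() - 1)` in `verify_groth16_bn254` now passes only ic[1..] to `msm_g1`, but nothing in this hunk ties `proof.public_inputs.len()` to that slice length or shows ic[0] being added back into `vk_x`. The same change is made in `verify_groth16_bls12_381` (hunk at -147,16). If `msm_g1` does not already enforce equal lengths, a proof with the wrong number of public inputs should be rejected before the MSM, e.g. `assert(ic.len() == proof.public_inputs.len() + 1, 'bad public inputs len');`. That check would also turn the `ic.len() - 1` underflow on an empty `ic` into a clear failure. The function body continues outside the hunk, so the ic[0] addition may well be present below.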
@@ -121,8 +121,8 @@ fn verify_groth16_bn254( G1G2Pair { p: proof.a, q: proof.b }, verification_key.alpha_beta_miller_loop_result, lines, - mpcheck_hint.unbox(), - small_Q.unbox() + mpcheck_hint, + small_Q ); } @@ -147,16 +147,16 @@ fn verify_groth16_bls12_381( mut lines: Span>, ic: Span, public_inputs_digits_decompositions: Option, Span)>>, - public_inputs_msm_hint: Box, - public_inputs_msm_derive_point_from_x_hint: Box, - mpcheck_hint: Box, - small_Q: Box + public_inputs_msm_hint: MSMHint, + public_inputs_msm_derive_point_from_x_hint: DerivePointFromXHint, + mpcheck_hint: MPCheckHintBLS12_381, + small_Q: E12DMulQuotient ) -> bool { let vk_x: G1Point = msm_g1( public_inputs_digits_decompositions, - public_inputs_msm_hint.unbox(), - public_inputs_msm_derive_point_from_x_hint.unbox(), - ic, + public_inputs_msm_hint, + public_inputs_msm_derive_point_from_x_hint, + ic.slice(1, ic.len() - 1), proof.public_inputs, 1 ); @@ -171,8 +171,8 @@ fn verify_groth16_bls12_381( G1G2Pair { p: proof.a, q: proof.b }, verification_key.alpha_beta_miller_loop_result, lines, - mpcheck_hint.unbox(), - small_Q.unbox() + mpcheck_hint, + small_Q ); } @@ -223,6 +223,7 @@ fn verify_groth16_bls12_381( // And finally verify that // Σᵢ cᵢ * (fᵢ₋₁(z))² * Πⱼ (Lᵢⱼ(z)) = big_Q(z) * P_irr(z) + Σᵢ cᵢ * fᵢ(z), // reusing fᵢ(z) evaluations in the next step. +#[inline] fn multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result( pair0: G1G2Pair, pair1: G1G2Pair, @@ -230,7 +231,7 @@ fn multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result( precomputed_miller_loop_result: E12D, mut lines: Span>, mpcheck_hint: MPCheckHintBN254, - small_Q: E12DMulQuotient + small_Q: E12DMulQuotient ) -> bool { usize_assert_eq(mpcheck_hint.big_Q.len(), 114); usize_assert_eq(mpcheck_hint.Ris.len(), 52); 
@@ -430,7 +431,7 @@ fn multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result( // Use precomputed miller loop result & check f * M = 1 let (s0, s1, s2) = hashing::hash_E12D_u288(precomputed_miller_loop_result, s0, s1, s2); - let (z, _, _) = hashing::hash_E12DMulQuotient(small_Q, s0, s1, s2); + let (z, _, _) = hashing::hash_E12DMulQuotient_u288(small_Q, s0, s1, s2); let (check) = run_BN254_FP12_MUL_ASSERT_ONE_circuit( *R_last, precomputed_miller_loop_result, small_Q, z.into() ); @@ -484,6 +485,7 @@ fn multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result( // And finally verify that // Σᵢ cᵢ * (fᵢ₋₁(z))² * Πⱼ (Lᵢⱼ(z)) = big_Q(z) * P_irr(z) + Σᵢ cᵢ * fᵢ(z), // reusing fᵢ(z) evaluations in the next step. +#[inline] fn multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result( pair0: G1G2Pair, pair1: G1G2Pair, @@ -491,7 +493,7 @@ fn multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result( precomputed_miller_loop_result: E12D, mut lines: Span>, hint: MPCheckHintBLS12_381, - small_Q: E12DMulQuotient + small_Q: E12DMulQuotient ) -> bool { assert!( hint.big_Q.len() == 105, @@ -641,7 +643,7 @@ fn multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result( // Use precomputed miller loop result & check conj(f) * M = 1 let f_conjugate = conjugate_e12D(*R_last, 1); let (s0, s1, s2) = hashing::hash_E12D_u384(precomputed_miller_loop_result, s0, s1, s2); - let (z, _, _) = hashing::hash_E12DMulQuotient(small_Q, s0, s1, s2); + let (z, _, _) = hashing::hash_E12DMulQuotient_u384(small_Q, s0, s1, s2); let (check) = run_BLS12_381_FP12_MUL_ASSERT_ONE_circuit( f_conjugate, precomputed_miller_loop_result, small_Q, z.into() ); diff --git a/src/src/pairing_check.cairo b/src/src/pairing_check.cairo index b7fae0dc..15deab41 100644 --- a/src/src/pairing_check.cairo +++ b/src/src/pairing_check.cairo 
@@ -26,7 +26,7 @@ use core::poseidon::hades_permutation; use garaga::definitions::{ G1Point, G2Point, G1G2Pair, u384, u288, bn_bits, bls_bits, MillerLoopResultScalingFactor, E12D, - E12DMulQuotient, BNProcessedPair, BLSProcessedPair, G2Line, u384Serde, u288Serde + BNProcessedPair, BLSProcessedPair, G2Line, u384Serde, u288Serde }; use core::option::Option; use core::num::traits::One; diff --git a/src/src/tests/pairing_tests.cairo b/src/src/tests/pairing_tests.cairo index 2a582fb5..e80c0e32 100644 --- a/src/src/tests/pairing_tests.cairo +++ b/src/src/tests/pairing_tests.cairo @@ -2,11 +2,11 @@ mod pairing_tests { use garaga::pairing_check::{ G1G2Pair, G1Point, G2Point, G2Line, E12D, MillerLoopResultScalingFactor, - multi_pairing_check_bn254_2P_2F, multi_pairing_check_bls12_381_2P_2F, u384, E12DMulQuotient, + multi_pairing_check_bn254_2P_2F, multi_pairing_check_bls12_381_2P_2F, u384, MPCheckHintBN254, MPCheckHintBLS12_381, u288, }; use garaga::groth16::{ - multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result, + E12DMulQuotient, multi_pairing_check_bn254_3P_2F_with_extra_miller_loop_result, multi_pairing_check_bls12_381_3P_2F_with_extra_miller_loop_result, }; 
@@ -15725,71 +15725,60 @@ mod pairing_tests { ], }; let small_Q = E12DMulQuotient { - w0: u384 { + w0: u288 { limb0: 0xe473ccf730ef78aaed68b4a3, limb1: 0x973b5d4ba021cb6dc0e9341b, - limb2: 0x2fbb7518e31c5bfe, - limb3: 0x0 + limb2: 0x2fbb7518e31c5bfe }, - w1: u384 { + w1: u288 { limb0: 0x794f4331e074a23b7ae81f13, limb1: 0xc830c9ec04e2cac09080f702, - limb2: 0x118c891b7840595c, - limb3: 0x0 + limb2: 0x118c891b7840595c }, - w2: u384 { + w2: u288 { limb0: 0x386a152366fd40c5c7fa2e65, limb1: 0x41dd378fe64e2f436db6b961, - limb2: 0x1bbf3e3062fbf406, - limb3: 0x0 + limb2: 0x1bbf3e3062fbf406 }, - w3: u384 { + w3: u288 { limb0: 0xf6aa12afbe7d19ec3a31e001, limb1: 0xb4179ff03296d1cf253d6763, - limb2: 0x2244d60373db1796, - limb3: 0x0 + limb2: 0x2244d60373db1796 }, - w4: u384 { + w4: u288 { limb0: 0x21074e7bbe81fa91624edad5, limb1: 0x6e0223e579579bea589a55fd, - limb2: 0x13dd8935391ddf7c, - limb3: 0x0 + limb2: 0x13dd8935391ddf7c }, - w5: u384 { + w5: u288 { limb0: 0x68f0660c8ea848f279bcc415, limb1: 0x958d1f4ff92af6abe44098db, - limb2: 0x11b65045d37b9ab1, - limb3: 0x0 + limb2: 0x11b65045d37b9ab1 }, - w6: u384 { + w6: u288 { limb0: 0xa89a777f14567f39241ce533, limb1: 0xf7d9e0c67ac9cedc55bbedcf, - limb2: 0x2238d7db55a99ed8, - limb3: 0x0 + limb2: 0x2238d7db55a99ed8 }, - w7: u384 { + w7: u288 { limb0: 0x147370f088c042fffb206072, limb1: 0xbfd868f166167759912b0210, - limb2: 0x5fa8b7b0cda5beb, - limb3: 0x0 + limb2: 0x5fa8b7b0cda5beb }, - w8: u384 { + w8: u288 { limb0: 0x3742653fa4660da21ce89a96, limb1: 0x7c9943c94b69e03938e8d33f, - limb2: 0x2dc365febcad4667, - limb3: 0x0 + limb2: 0x2dc365febcad4667 }, - w9: u384 { + w9: u288 { limb0: 0x7d4aabcbc177046adb0204b5, limb1: 0xf504f1195380bd5e0eeb0bd2, - limb2: 0x3036b8d7dbb58275, - limb3: 0x0 + limb2: 0x3036b8d7dbb58275 }, - w10: u384 { + w10: u288 { limb0: 0x447b80334b0768ce46df7f30, limb1: 0xbce5689479bacb588c249d32, - limb2: 0x231f7de5c5cbc37, - limb3: 0x0 + limb2: 0x231f7de5c5cbc37 } }; 
diff --git a/src/src/utils.cairo b/src/src/utils.cairo index e485a9e7..f115035b 100644 --- a/src/src/utils.cairo +++ b/src/src/utils.cairo @@ -1,6 +1,6 @@ pub mod neg_3; pub mod hashing; - +pub mod calldata; use core::circuit::{u384, u96}; diff --git a/src/src/utils/calldata.cairo b/src/src/utils/calldata.cairo new file mode 100644 index 00000000..3d001ee3 --- /dev/null +++ b/src/src/utils/calldata.cairo 
@@ -0,0 +1,1160 @@ +use garaga::groth16::{Groth16Proof, Groth16ProofRaw, MPCheckHintBN254, MPCheckHintBLS12_381}; +use garaga::definitions::{ + G1Point, G2Point, E12DMulQuotient, u384, u288, E12D, MillerLoopResultScalingFactor +}; + + +#[derive(Drop, Serde)] +struct FullProofWithHintsBN254 { + groth16_proof: Groth16Proof, + mpcheck_hint: MPCheckHintBN254, + small_Q: E12DMulQuotient, + msm_hint: Array, +} + +#[derive(Drop, Serde)] +struct FullProofWithHintsBLS12_381 { + groth16_proof: Groth16Proof, + mpcheck_hint: MPCheckHintBLS12_381, + small_Q: E12DMulQuotient, + msm_hint: Array, +} + +#[derive(Serde, Drop)] +struct FullProofWithHintsRisc0 { + groth16_proof: Groth16ProofRaw, + image_id: Span, + journal_digest: Span, + mpcheck_hint: MPCheckHintBN254, + small_Q: E12DMulQuotient, + msm_hint: Array, +} + +const U288_N_LIMBS: usize = 3; +const U384_N_LIMBS: usize = 4; + +extern fn downcast(x: felt252) -> Option implicits(RangeCheck) nopanic; + +#[inline(always)] +fn downcast_u288(l0: felt252, l1: felt252, l2: felt252) -> u288 { + u288 { + limb0: downcast(l0).unwrap(), limb1: downcast(l1).unwrap(), limb2: downcast(l2).unwrap(), + } +} +#[inline(always)] +fn downcast_u384(l0: felt252, l1: felt252, l2: felt252, l3: felt252) -> u384 { + u384 { + limb0: downcast(l0).unwrap(), + limb1: downcast(l1).unwrap(), + limb2: downcast(l2).unwrap(), + limb3: downcast(l3).unwrap(), + } +} + + +fn deserialize_full_proof_with_hints_risc0( + mut serialized: Span +) -> FullProofWithHintsRisc0 { + let [ + a_x_l0, + a_x_l1, + a_x_l2, + a_x_l3, + a_y_l0, + a_y_l1, + a_y_l2, + a_y_l3, + b_x0_l0, + b_x0_l1, + b_x0_l2, + b_x0_l3, + b_x1_l0, + b_x1_l1, + b_x1_l2, + b_x1_l3, + b_y0_l0, + b_y0_l1, + b_y0_l2, + b_y0_l3, + b_y1_l0, + b_y1_l1, + b_y1_l2, + b_y1_l3, + c_x_l0, + c_x_l1, + c_x_l2, + c_x_l3, + c_y_l0, + c_y_l1, + c_y_l2, + c_y_l3, + ] = + (*serialized + .multi_pop_front::<32>() + .unwrap()) + .unbox(); + + let a = G1Point { + x: downcast_u384(a_x_l0, a_x_l1, a_x_l2, a_x_l3), + y: 
downcast_u384(a_y_l0, a_y_l1, a_y_l2, a_y_l3), + }; + + let b = G2Point { + x0: downcast_u384(b_x0_l0, b_x0_l1, b_x0_l2, b_x0_l3), + x1: downcast_u384(b_x1_l0, b_x1_l1, b_x1_l2, b_x1_l3), + y0: downcast_u384(b_y0_l0, b_y0_l1, b_y0_l2, b_y0_l3), + y1: downcast_u384(b_y1_l0, b_y1_l1, b_y1_l2, b_y1_l3), + }; + let c = G1Point { + x: downcast_u384(c_x_l0, c_x_l1, c_x_l2, c_x_l3), + y: downcast_u384(c_y_l0, c_y_l1, c_y_l2, c_y_l3), + }; + + let n_image_id: u32 = (*serialized.pop_front().unwrap()).try_into().unwrap(); + let mut image_id: Array = array![]; + for _ in 0 + ..n_image_id { + image_id.append((*serialized.pop_front().unwrap()).try_into().unwrap()); + }; + + let n_journal_digest: u32 = (*serialized.pop_front().unwrap()).try_into().unwrap(); + let mut journal_digest: Array = array![]; + for _ in 0 + ..n_journal_digest { + journal_digest.append((*serialized.pop_front().unwrap()).try_into().unwrap()); + }; + + let groth16_proof = Groth16ProofRaw { a: a, b: b, c: c }; + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*serialized + .multi_pop_front::<36>() + .unwrap()) + .unbox(); + + let lambda_root = E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + }; + + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + 
w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*serialized + .multi_pop_front::<36>() + .unwrap()) + .unbox(); + + // full_len -= 36; + // assert(full_len == serialized.len(), 'E'); + + let lambda_root_inverse = E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + }; + + let [ + w0_l0, + w0_l1, + w0_l2, + w2_l0, + w2_l1, + w2_l2, + w4_l0, + w4_l1, + w4_l2, + w6_l0, + w6_l1, + w6_l2, + w8_l0, + w8_l1, + w8_l2, + w10_l0, + w10_l1, + w10_l2 + ] = + (*serialized + .multi_pop_front::<18>() + .unwrap()) + .unbox(); + + // full_len -= 18; + // assert(full_len == serialized.len(), 'F'); + + let w = MillerLoopResultScalingFactor { + w0: downcast_u288(w0_l0, w0_l1, w0_l2), + w2: downcast_u288(w2_l0, w2_l1, w2_l2), + w4: downcast_u288(w4_l0, w4_l1, w4_l2), + w6: downcast_u288(w6_l0, w6_l1, w6_l2), + w8: downcast_u288(w8_l0, w8_l1, w8_l2), + w10: downcast_u288(w10_l0, w10_l1, w10_l2), + }; + // usize_assert_eq(mpcheck_hint.Ris.len(), 52); + // 52 * 12 * 3 = 1872 + let mut ris_slice = serialized.slice(1, 1872); + // println!("ris_slice.len(): {}", ris_slice.len()); + + let end = serialized.len(); + let serialized = serialized.slice(1873, end - 1872 - 1); + // println!("serialized.len(): {}", serialized.len()); + let mut Ris = array![]; + while let Option::Some(ri) = ris_slice.multi_pop_front::<36>() { + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + 
w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*ri) + .unbox(); + Ris + .append( + E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + } + ) + }; + // usize_assert_eq(mpcheck_hint.big_Q.len(), 114); + let mut big_q_slice = serialized.slice(1, 114 * 3); + let mut serialized = serialized.slice(114 * 3 + 1, serialized.len() - 114 * 3 - 1); + + let mut big_q = array![]; + while let Option::Some(q) = big_q_slice.multi_pop_front::<3>() { + let [l0, l1, l2] = (*q).unbox(); + big_q.append(downcast_u288(l0, l1, l2)) + }; + + let mpcheck_hint = MPCheckHintBN254 { + lambda_root: lambda_root, + lambda_root_inverse: lambda_root_inverse, + w: w, + Ris: Ris.span(), + big_Q: big_q, + }; + + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + ] = + (*serialized + .multi_pop_front::<33>() + .unwrap()) + .unbox(); + + let small_Q = E12DMulQuotient { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: 
downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + }; + + // let msm_hint = *serialized.snapshot; + let mut msm_hint = array![]; + serialized.pop_front().unwrap(); // skip len. + for x in serialized { + msm_hint.append(*x); + }; + return FullProofWithHintsRisc0 { + groth16_proof: groth16_proof, + image_id: image_id.span(), + journal_digest: journal_digest.span(), + mpcheck_hint: mpcheck_hint, + small_Q: small_Q, + msm_hint: msm_hint + }; +} + +fn deserialize_full_proof_with_hints_bn254( + mut serialized: Span +) -> FullProofWithHintsBN254 { + let [ + a_x_l0, + a_x_l1, + a_x_l2, + a_x_l3, + a_y_l0, + a_y_l1, + a_y_l2, + a_y_l3, + b_x0_l0, + b_x0_l1, + b_x0_l2, + b_x0_l3, + b_x1_l0, + b_x1_l1, + b_x1_l2, + b_x1_l3, + b_y0_l0, + b_y0_l1, + b_y0_l2, + b_y0_l3, + b_y1_l0, + b_y1_l1, + b_y1_l2, + b_y1_l3, + c_x_l0, + c_x_l1, + c_x_l2, + c_x_l3, + c_y_l0, + c_y_l1, + c_y_l2, + c_y_l3, + ] = + (*serialized + .multi_pop_front::<32>() + .unwrap()) + .unbox(); + + let a = G1Point { + x: downcast_u384(a_x_l0, a_x_l1, a_x_l2, a_x_l3), + y: downcast_u384(a_y_l0, a_y_l1, a_y_l2, a_y_l3), + }; + + let b = G2Point { + x0: downcast_u384(b_x0_l0, b_x0_l1, b_x0_l2, b_x0_l3), + x1: downcast_u384(b_x1_l0, b_x1_l1, b_x1_l2, b_x1_l3), + y0: downcast_u384(b_y0_l0, b_y0_l1, b_y0_l2, b_y0_l3), + y1: downcast_u384(b_y1_l0, b_y1_l1, b_y1_l2, b_y1_l3), + }; + let c = G1Point { + x: downcast_u384(c_x_l0, c_x_l1, c_x_l2, c_x_l3), + y: downcast_u384(c_y_l0, c_y_l1, c_y_l2, c_y_l3), + }; + + let n_public_inputs: u32 = (*serialized.pop_front().unwrap()).try_into().unwrap(); + let mut public_inputs = array![]; + for _ in 0 + ..n_public_inputs { + public_inputs + .append( + u256 { + low: (*serialized.pop_front().unwrap()).try_into().unwrap(), + high: (*serialized.pop_front().unwrap()).try_into().unwrap() + } + ); + }; + + let groth16_proof = Groth16Proof { a: a, b: b, c: c, public_inputs: public_inputs.span() }; + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, 
+ w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*serialized + .multi_pop_front::<36>() + .unwrap()) + .unbox(); + + let lambda_root = E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + }; + + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*serialized + .multi_pop_front::<36>() + .unwrap()) + .unbox(); + + let lambda_root_inverse = E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + }; + + let [ + w0_l0, + w0_l1, + w0_l2, + w2_l0, + w2_l1, + w2_l2, + w4_l0, + w4_l1, + w4_l2, + w6_l0, + w6_l1, + w6_l2, + w8_l0, + w8_l1, + w8_l2, + w10_l0, + w10_l1, + w10_l2 + ] = + (*serialized + .multi_pop_front::<18>() + .unwrap()) + .unbox(); + + // full_len -= 18; + // 
assert(full_len == serialized.len(), 'F'); + + let w = MillerLoopResultScalingFactor { + w0: downcast_u288(w0_l0, w0_l1, w0_l2), + w2: downcast_u288(w2_l0, w2_l1, w2_l2), + w4: downcast_u288(w4_l0, w4_l1, w4_l2), + w6: downcast_u288(w6_l0, w6_l1, w6_l2), + w8: downcast_u288(w8_l0, w8_l1, w8_l2), + w10: downcast_u288(w10_l0, w10_l1, w10_l2), + }; + // usize_assert_eq(mpcheck_hint.Ris.len(), 52); + // 52 * 12 * 3 = 1872 + let mut ris_slice = serialized.slice(1, 1872); + // println!("ris_slice.len(): {}", ris_slice.len()); + + let end = serialized.len(); + let serialized = serialized.slice(1873, end - 1872 - 1); + // println!("serialized.len(): {}", serialized.len()); + let mut Ris = array![]; + while let Option::Some(ri) = ris_slice.multi_pop_front::<36>() { + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + w11l0, + w11l1, + w11l2, + ] = + (*ri) + .unbox(); + Ris + .append( + E12D { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + w11: downcast_u288(w11l0, w11l1, w11l2), + } + ) + }; + // usize_assert_eq(mpcheck_hint.big_Q.len(), 114); + let mut big_q_slice = serialized.slice(1, 114 * 3); + let mut serialized = serialized.slice(114 * 3 + 1, serialized.len() - 114 * 3 - 1); + + let mut big_q = array![]; + while let Option::Some(q) = big_q_slice.multi_pop_front::<3>() { + let [l0, l1, l2] = (*q).unbox(); + big_q.append(downcast_u288(l0, l1, l2)) + }; + + let 
mpcheck_hint = MPCheckHintBN254 { + lambda_root: lambda_root, + lambda_root_inverse: lambda_root_inverse, + w: w, + Ris: Ris.span(), + big_Q: big_q, + }; + + let [ + w0l0, + w0l1, + w0l2, + w1l0, + w1l1, + w1l2, + w2l0, + w2l1, + w2l2, + w3l0, + w3l1, + w3l2, + w4l0, + w4l1, + w4l2, + w5l0, + w5l1, + w5l2, + w6l0, + w6l1, + w6l2, + w7l0, + w7l1, + w7l2, + w8l0, + w8l1, + w8l2, + w9l0, + w9l1, + w9l2, + w10l0, + w10l1, + w10l2, + ] = + (*serialized + .multi_pop_front::<33>() + .unwrap()) + .unbox(); + + let small_Q = E12DMulQuotient { + w0: downcast_u288(w0l0, w0l1, w0l2), + w1: downcast_u288(w1l0, w1l1, w1l2), + w2: downcast_u288(w2l0, w2l1, w2l2), + w3: downcast_u288(w3l0, w3l1, w3l2), + w4: downcast_u288(w4l0, w4l1, w4l2), + w5: downcast_u288(w5l0, w5l1, w5l2), + w6: downcast_u288(w6l0, w6l1, w6l2), + w7: downcast_u288(w7l0, w7l1, w7l2), + w8: downcast_u288(w8l0, w8l1, w8l2), + w9: downcast_u288(w9l0, w9l1, w9l2), + w10: downcast_u288(w10l0, w10l1, w10l2), + }; + + // let msm_hint = *serialized.snapshot; + let mut msm_hint = array![]; + serialized.pop_front().unwrap(); // skip len. 
+ for x in serialized { + msm_hint.append(*x); + }; + return FullProofWithHintsBN254 { groth16_proof, mpcheck_hint, small_Q, msm_hint, }; +} + +fn deserialize_full_proof_with_hints_bls12_381( + mut serialized: Span +) -> FullProofWithHintsBLS12_381 { + let [ + a_x_l0, + a_x_l1, + a_x_l2, + a_x_l3, + a_y_l0, + a_y_l1, + a_y_l2, + a_y_l3, + b_x0_l0, + b_x0_l1, + b_x0_l2, + b_x0_l3, + b_x1_l0, + b_x1_l1, + b_x1_l2, + b_x1_l3, + b_y0_l0, + b_y0_l1, + b_y0_l2, + b_y0_l3, + b_y1_l0, + b_y1_l1, + b_y1_l2, + b_y1_l3, + c_x_l0, + c_x_l1, + c_x_l2, + c_x_l3, + c_y_l0, + c_y_l1, + c_y_l2, + c_y_l3, + ] = + (*serialized + .multi_pop_front::<32>() + .unwrap()) + .unbox(); + + let a = G1Point { + x: downcast_u384(a_x_l0, a_x_l1, a_x_l2, a_x_l3), + y: downcast_u384(a_y_l0, a_y_l1, a_y_l2, a_y_l3), + }; + + let b = G2Point { + x0: downcast_u384(b_x0_l0, b_x0_l1, b_x0_l2, b_x0_l3), + x1: downcast_u384(b_x1_l0, b_x1_l1, b_x1_l2, b_x1_l3), + y0: downcast_u384(b_y0_l0, b_y0_l1, b_y0_l2, b_y0_l3), + y1: downcast_u384(b_y1_l0, b_y1_l1, b_y1_l2, b_y1_l3), + }; + let c = G1Point { + x: downcast_u384(c_x_l0, c_x_l1, c_x_l2, c_x_l3), + y: downcast_u384(c_y_l0, c_y_l1, c_y_l2, c_y_l3), + }; + + let n_public_inputs: u32 = (*serialized.pop_front().unwrap()).try_into().unwrap(); + let mut public_inputs = array![]; + for _ in 0 + ..n_public_inputs { + public_inputs + .append( + u256 { + low: (*serialized.pop_front().unwrap()).try_into().unwrap(), + high: (*serialized.pop_front().unwrap()).try_into().unwrap() + } + ); + }; + + // full_len -= (1 + 2 * n_public_inputs); + // assert(full_len == serialized.len(), 'C'); + + let groth16_proof = Groth16Proof { a: a, b: b, c: c, public_inputs: public_inputs.span() }; + let [ + w0l0, + w0l1, + w0l2, + w0l3, + w1l0, + w1l1, + w1l2, + w1l3, + w2l0, + w2l1, + w2l2, + w2l3, + w3l0, + w3l1, + w3l2, + w3l3, + w4l0, + w4l1, + w4l2, + w4l3, + w5l0, + w5l1, + w5l2, + w5l3, + w6l0, + w6l1, + w6l2, + w6l3, + w7l0, + w7l1, + w7l2, + w7l3, + w8l0, + w8l1, + w8l2, + 
w8l3, + w9l0, + w9l1, + w9l2, + w9l3, + w10l0, + w10l1, + w10l2, + w10l3, + w11l0, + w11l1, + w11l2, + w11l3, + ] = + (*serialized + .multi_pop_front::<48>() + .unwrap()) + .unbox(); + + let lambda_root_inverse = E12D { + w0: downcast_u384(w0l0, w0l1, w0l2, w0l3), + w1: downcast_u384(w1l0, w1l1, w1l2, w1l3), + w2: downcast_u384(w2l0, w2l1, w2l2, w2l3), + w3: downcast_u384(w3l0, w3l1, w3l2, w3l3), + w4: downcast_u384(w4l0, w4l1, w4l2, w4l3), + w5: downcast_u384(w5l0, w5l1, w5l2, w5l3), + w6: downcast_u384(w6l0, w6l1, w6l2, w6l3), + w7: downcast_u384(w7l0, w7l1, w7l2, w7l3), + w8: downcast_u384(w8l0, w8l1, w8l2, w8l3), + w9: downcast_u384(w9l0, w9l1, w9l2, w9l3), + w10: downcast_u384(w10l0, w10l1, w10l2, w10l3), + w11: downcast_u384(w11l0, w11l1, w11l2, w11l3), + }; + + let [ + w0_l0, + w0_l1, + w0_l2, + w0_l3, + w2_l0, + w2_l1, + w2_l2, + w2_l3, + w4_l0, + w4_l1, + w4_l2, + w4_l3, + w6_l0, + w6_l1, + w6_l2, + w6_l3, + w8_l0, + w8_l1, + w8_l2, + w8_l3, + w10_l0, + w10_l1, + w10_l2, + w10_l3, + ] = + (*serialized + .multi_pop_front::<24>() + .unwrap()) + .unbox(); + + let w = MillerLoopResultScalingFactor { + w0: downcast_u384(w0_l0, w0_l1, w0_l2, w0_l3), + w2: downcast_u384(w2_l0, w2_l1, w2_l2, w2_l3), + w4: downcast_u384(w4_l0, w4_l1, w4_l2, w4_l3), + w6: downcast_u384(w6_l0, w6_l1, w6_l2, w6_l3), + w8: downcast_u384(w8_l0, w8_l1, w8_l2, w8_l3), + w10: downcast_u384(w10_l0, w10_l1, w10_l2, w10_l3), + }; + // assert!(hint.Ris.len() == 36, "Wrong Number of Ris for BLS12-381 3-Pairs Paring check"); + // 36 * 12 * 4 = 1728 + let mut ris_slice = serialized.slice(1, 1728); + + let end = serialized.len(); + let serialized = serialized.slice(1729, end - 1728 - 1); + let mut Ris = array![]; + while let Option::Some(ri) = ris_slice.multi_pop_front::<48>() { + let [ + w0l0, + w0l1, + w0l2, + w0l3, + w1l0, + w1l1, + w1l2, + w1l3, + w2l0, + w2l1, + w2l2, + w2l3, + w3l0, + w3l1, + w3l2, + w3l3, + w4l0, + w4l1, + w4l2, + w4l3, + w5l0, + w5l1, + w5l2, + w5l3, + w6l0, + w6l1, + 
w6l2, + w6l3, + w7l0, + w7l1, + w7l2, + w7l3, + w8l0, + w8l1, + w8l2, + w8l3, + w9l0, + w9l1, + w9l2, + w9l3, + w10l0, + w10l1, + w10l2, + w10l3, + w11l0, + w11l1, + w11l2, + w11l3, + ] = + (*ri) + .unbox(); + Ris + .append( + E12D { + w0: downcast_u384(w0l0, w0l1, w0l2, w0l3), + w1: downcast_u384(w1l0, w1l1, w1l2, w1l3), + w2: downcast_u384(w2l0, w2l1, w2l2, w2l3), + w3: downcast_u384(w3l0, w3l1, w3l2, w3l3), + w4: downcast_u384(w4l0, w4l1, w4l2, w4l3), + w5: downcast_u384(w5l0, w5l1, w5l2, w5l3), + w6: downcast_u384(w6l0, w6l1, w6l2, w6l3), + w7: downcast_u384(w7l0, w7l1, w7l2, w7l3), + w8: downcast_u384(w8l0, w8l1, w8l2, w8l3), + w9: downcast_u384(w9l0, w9l1, w9l2, w9l3), + w10: downcast_u384(w10l0, w10l1, w10l2, w10l3), + w11: downcast_u384(w11l0, w11l1, w11l2, w11l3), + } + ) + }; + // usize_assert_eq(mpcheck_hint.big_Q.len(), 105); + let mut big_q_slice = serialized.slice(1, 105 * 4); + let mut serialized = serialized.slice(105 * 4 + 1, serialized.len() - 105 * 4 - 1); + + let mut big_q = array![]; + while let Option::Some(q) = big_q_slice.multi_pop_front::<4>() { + let [l0, l1, l2, l3] = (*q).unbox(); + big_q.append(downcast_u384(l0, l1, l2, l3)) + }; + + let mpcheck_hint = MPCheckHintBLS12_381 { + lambda_root_inverse: lambda_root_inverse, w: w, Ris: Ris.span(), big_Q: big_q, + }; + + let [ + w0l0, + w0l1, + w0l2, + w0l3, + w1l0, + w1l1, + w1l2, + w1l3, + w2l0, + w2l1, + w2l2, + w2l3, + w3l0, + w3l1, + w3l2, + w3l3, + w4l0, + w4l1, + w4l2, + w4l3, + w5l0, + w5l1, + w5l2, + w5l3, + w6l0, + w6l1, + w6l2, + w6l3, + w7l0, + w7l1, + w7l2, + w7l3, + w8l0, + w8l1, + w8l2, + w8l3, + w9l0, + w9l1, + w9l2, + w9l3, + w10l0, + w10l1, + w10l2, + w10l3, + ] = + (*serialized + .multi_pop_front::<44>() + .unwrap()) + .unbox(); + + let small_Q = E12DMulQuotient { + w0: downcast_u384(w0l0, w0l1, w0l2, w0l3), + w1: downcast_u384(w1l0, w1l1, w1l2, w1l3), + w2: downcast_u384(w2l0, w2l1, w2l2, w2l3), + w3: downcast_u384(w3l0, w3l1, w3l2, w3l3), + w4: downcast_u384(w4l0, w4l1, 
w4l2, w4l3), + w5: downcast_u384(w5l0, w5l1, w5l2, w5l3), + w6: downcast_u384(w6l0, w6l1, w6l2, w6l3), + w7: downcast_u384(w7l0, w7l1, w7l2, w7l3), + w8: downcast_u384(w8l0, w8l1, w8l2, w8l3), + w9: downcast_u384(w9l0, w9l1, w9l2, w9l3), + w10: downcast_u384(w10l0, w10l1, w10l2, w10l3), + }; + + // let msm_hint = *serialized.snapshot; + let mut msm_hint = array![]; + serialized.pop_front().unwrap(); // skip len. + for x in serialized { + msm_hint.append(*x); + }; + return FullProofWithHintsBLS12_381 { groth16_proof, mpcheck_hint, small_Q, msm_hint, }; +} diff --git a/src/src/utils/hashing.cairo b/src/src/utils/hashing.cairo index f8711137..7a8af7df 100644 --- a/src/src/utils/hashing.cairo +++ b/src/src/utils/hashing.cairo @@ -10,6 +10,7 @@ struct PoseidonState { } // Apply sponge construction to a transcript of u384 elements +#[inline(always)] pub fn hash_u384_transcript( transcript: Span, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -28,6 +29,7 @@ pub fn hash_u384_transcript( return (s0, s1, s2); } +#[inline(always)] pub fn hash_u288_transcript( transcript: Span, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -44,8 +46,9 @@ pub fn hash_u288_transcript( return (s0, s1, s2); } -pub fn hash_E12DMulQuotient( - elmt: E12DMulQuotient, mut s0: felt252, mut s1: felt252, mut s2: felt252 +#[inline(always)] +pub fn hash_E12DMulQuotient_u384( + elmt: E12DMulQuotient, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { let base: felt252 = 79228162514264337593543950336; // 2**96 
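Review bot: The length prefixes in `deserialize_full_proof_with_hints_risc0` are skipped rather than checked: `serialized.slice(1, 1872)` and `serialized.slice(1, 114 * 3)` step over element 0, and `serialized.pop_front().unwrap(); // skip len.` discards the msm_hint length before every remaining felt is appended. This parses caller-supplied calldata, so a prefix that disagrees with the fixed layout should fail closed; assuming the prefix is the element count, that means `assert(*serialized.at(0) == 52, 'bad Ris len');` before the Ris slice, with matching checks for big_Q and for the msm_hint length against `serialized.len()`. Without them, several distinct encodings decode to the same proof and trailing felts are silently folded into `msm_hint`. `deserialize_full_proof_with_hints_bn254` and `deserialize_full_proof_with_hints_bls12_381` repeat the pattern (1728 and `105 * 4` in the BLS12-381 variant), and the commented-out `usize_assert_eq` lines suggest the checks were intended.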
@@ -85,7 +88,51 @@ pub fn hash_E12DMulQuotient( return (_s0, _s1, _s2); } +#[inline(always)] +pub fn hash_E12DMulQuotient_u288( + elmt: E12DMulQuotient, mut s0: felt252, mut s1: felt252, mut s2: felt252 +) -> (felt252, felt252, felt252) { + let base: felt252 = 79228162514264337593543950336; // 2**96 + + let in_1 = s0 + elmt.w0.limb0.into() + base * elmt.w0.limb1.into(); + let in_2 = s1 + elmt.w0.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, s2); + let in_1 = _s0 + elmt.w1.limb0.into() + base * elmt.w1.limb1.into(); + let in_2 = _s1 + elmt.w1.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w2.limb0.into() + base * elmt.w2.limb1.into(); + let in_2 = _s1 + elmt.w2.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w3.limb0.into() + base * elmt.w3.limb1.into(); + let in_2 = _s1 + elmt.w3.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w4.limb0.into() + base * elmt.w4.limb1.into(); + let in_2 = _s1 + elmt.w4.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w5.limb0.into() + base * elmt.w5.limb1.into(); + let in_2 = _s1 + elmt.w5.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w6.limb0.into() + base * elmt.w6.limb1.into(); + let in_2 = _s1 + elmt.w6.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w7.limb0.into() + base * elmt.w7.limb1.into(); + let in_2 = _s1 + elmt.w7.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w8.limb0.into() + base * elmt.w8.limb1.into(); + let in_2 = _s1 + elmt.w8.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w9.limb0.into() + base * elmt.w9.limb1.into(); + let in_2 = _s1 + elmt.w9.limb2.into(); + let (_s0, _s1, _s2) = 
hades_permutation(in_1, in_2, _s2); + let in_1 = _s0 + elmt.w10.limb0.into() + base * elmt.w10.limb1.into(); + let in_2 = _s1 + elmt.w10.limb2.into(); + let (_s0, _s1, _s2) = hades_permutation(in_1, in_2, _s2); + return (_s0, _s1, _s2); +} + + // Apply sponge construction to a E12D element from an initial state (s0, s1, s2) +#[inline(always)] pub fn hash_E12D_u384( elmt: E12D, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -130,7 +177,7 @@ pub fn hash_E12D_u384( return (_s0, _s1, _s2); } - +#[inline(always)] pub fn hash_E12D_u288( elmt: E12D, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -177,6 +224,7 @@ pub fn hash_E12D_u288( // Apply sponge construction to a MillerLoopResultScalingFactor element from an initial state (s0, // s1, s2) +#[inline(always)] pub fn hash_MillerLoopResultScalingFactor_u384( elmt: MillerLoopResultScalingFactor, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -203,6 +251,7 @@ pub fn hash_MillerLoopResultScalingFactor_u384( return (_s0, _s1, _s2); } +#[inline(always)] pub fn hash_MillerLoopResultScalingFactor_u288( elmt: MillerLoopResultScalingFactor, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -230,6 +279,7 @@ pub fn hash_MillerLoopResultScalingFactor_u288( } // Apply sponge construction to a sequence of E12D elements from an initial state (s0, s1, s2) +#[inline(always)] pub fn hash_E12D_u384_transcript( transcript: Span>, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { @@ -280,6 +330,7 @@ pub fn hash_E12D_u384_transcript( return (s0, s1, s2); } +#[inline(always)] pub fn hash_E12D_u288_transcript( transcript: Span>, mut s0: felt252, mut s1: felt252, mut s2: felt252 ) -> (felt252, felt252, felt252) { 
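Review bot: The new `hash_E12DMulQuotient_u288` absorbs only `limb0`, `limb1` and `limb2` of each of `w0`..`w10` and has no comment saying so, while the neighbouring `hash_E12D_u384` is introduced by a one-line description. The type parameter of `elmt` is not visible on this page, so I cannot confirm that the element has exactly three limbs. If a value with a fourth limb could ever reach this function, that limb would not be bound into the sponge state, and two different quotients would produce the same transcript hash. I would add above the function `// Absorb w0..w10 of a u288 quotient: (limb0 + 2**96 * limb1, limb2) per permutation; there is no limb3 to hash.` and keep the signature restricted to the 288-bit element type.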
@@ -332,6 +383,7 @@ pub fn hash_E12D_u288_transcript( // Apply sponge construction to a pair of G1 and G2 points from an initial state (s0, s1, s2) +#[inline(always)] pub fn hash_G1G2Pair( pair: G1G2Pair, s0: felt252, s1: felt252, s2: felt252 ) -> (felt252, felt252, felt252) { diff --git a/tools/make/bytecode_check.sh b/tools/make/bytecode_check.sh index 455ae7cc..6e29fae5 100755 --- a/tools/make/bytecode_check.sh +++ b/tools/make/bytecode_check.sh @@ -1,7 +1,20 @@ #!/bin/bash -c="bn254" +c1="bn254" +c2="bls12_381" -cd src/contracts/groth16_example_$c +cd src/contracts/groth16_example_$c1 scarb build -bytecode_length=$(jq '.bytecode | length' ./target/dev/groth16_example_${c}_Groth16Verifier${c^^}.compiled_contract_class.json) -echo "Bytecode length: $bytecode_length" +bytecode_length=$(jq '.bytecode | length' ./target/dev/groth16_example_${c1}_Groth16Verifier${c1^^}.compiled_contract_class.json) +echo "Bytecode length BN254: $bytecode_length" + + +cd ../groth16_example_$c2 +scarb build +bytecode_length=$(jq '.bytecode | length' ./target/dev/groth16_example_${c2}_Groth16Verifier${c2^^}.compiled_contract_class.json) +echo "Bytecode length BLS12_381: $bytecode_length" + + +cd ../universal_ecip +scarb build +bytecode_length=$(jq '.bytecode | length' ./target/dev/universal_ecip_UniversalECIP.compiled_contract_class.json) +echo "Bytecode length ECIP: $bytecode_length" diff --git a/tools/make/rewrite.sh b/tools/make/rewrite.sh index b9dbac1b..8d09ab4d 100755 --- a/tools/make/rewrite.sh +++ b/tools/make/rewrite.sh @@ -1,8 +1,8 @@ -rm -rf src/src/tests/ -rm -rf src/src/circuits/ -rm -rf src/contracts/groth16_example_bls12_381 -rm -rf src/contracts/groth16_example_bn254 -rm -rf src/contracts/risc0_verifier_bn254 +rm -rf src/src/tests/* +rm -rf src/src/circuits/* +rm -rf src/contracts/groth16_example_bls12_381/* +rm -rf src/contracts/groth16_example_bn254/* +rm -rf src/contracts/risc0_verifier_bn254/* set -e # Exit immediately if a command exits with a non-zero status 
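Review bot: Nothing in `tools/make/bytecode_check.sh` stops the script when a `cd` or `scarb build` fails, and the two added sections chain relative moves (`cd ../groth16_example_$c2`, `cd ../universal_ecip`) off the previous one. If the first `cd` fails, the later ones resolve from the wrong directory. If a build fails, `jq` may read a compiled class left over from an earlier build and print a stale length as if it were current. I would add `set -euo pipefail` directly under the shebang and quote the expansions, e.g. `cd "src/contracts/groth16_example_${c1}"`.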
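Review bot: The five rewritten `rm -rf …/*` lines in `tools/make/rewrite.sh` still run before `set -e` and are relative to whatever directory the script is started from, so nothing checks that the deletions happen inside the repository root. Switching from removing the directory to removing `dir/*` also leaves dot-files behind, because `*` does not match hidden entries by default; if the aim is to keep the directories but start clean, stale hidden files would survive a rewrite. I would move `set -e` to the first line and add `cd "$(git rev-parse --show-toplevel)"` ahead of the deletions. The rest of the script is outside the hunk.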
diff --git a/tools/npm/garaga_rs/.gitignore b/tools/npm/garaga_ts/.gitignore similarity index 100% rename from tools/npm/garaga_rs/.gitignore rename to tools/npm/garaga_ts/.gitignore diff --git a/tools/npm/garaga_rs/Dockerfile b/tools/npm/garaga_ts/Dockerfile similarity index 82% rename from tools/npm/garaga_rs/Dockerfile rename to tools/npm/garaga_ts/Dockerfile index feb257cc..4ccdbc43 100644 --- a/tools/npm/garaga_rs/Dockerfile +++ b/tools/npm/garaga_ts/Dockerfile @@ -1,6 +1,6 @@ # This file (along with docker-compose.yml) helps creating reproducible builds # - It must be manually triggered whenever the Rust code is changed -# - It will update the code generated under src/wasm/pkg +# - It will update the code generated under src/wasm/pkg # Usage: docker compose up --build && docker compose down FROM rust:1.80.1 @@ -13,6 +13,6 @@ ENV HOME="/root/" ENV N_PREFIX="$HOME/n" ENV PATH="$HOME/n/bin/:$PATH" -WORKDIR /garaga/tools/npm/garaga_rs +WORKDIR /garaga/tools/npm/garaga_ts CMD npm ci && npm run build && npm pack && ./fix-chown.sh ../.. diff --git a/tools/npm/garaga_rs/docker-compose.yml b/tools/npm/garaga_ts/docker-compose.yml similarity index 82% rename from tools/npm/garaga_rs/docker-compose.yml rename to tools/npm/garaga_ts/docker-compose.yml index 52a9c9bd..38835bab 100644 --- a/tools/npm/garaga_rs/docker-compose.yml +++ b/tools/npm/garaga_ts/docker-compose.yml @@ -1,6 +1,6 @@ # This file (along with Dockerfile) helps creating reproducible builds # - It must be manually triggered whenever the Rust code is changed -# - It will update the code generated under src/wasm/pkg +# - It will update the code generated under src/wasm/pkg # Usage: docker compose up --build && docker compose down services: diff --git a/tools/npm/garaga_rs/fix-chown.sh b/tools/npm/garaga_ts/fix-chown.sh similarity index 100% rename from tools/npm/garaga_rs/fix-chown.sh rename to tools/npm/garaga_ts/fix-chown.sh 
diff --git a/tools/npm/garaga_rs/package-lock.json b/tools/npm/garaga_ts/package-lock.json similarity index 99% rename from tools/npm/garaga_rs/package-lock.json rename to tools/npm/garaga_ts/package-lock.json index a457f7c1..b633de74 100644 --- a/tools/npm/garaga_rs/package-lock.json +++ b/tools/npm/garaga_ts/package-lock.json @@ -1,12 +1,12 @@ { - "name": "garaga_rs", - "version": "0.1.0", + "name": "garaga", + "version": "0.13.3", "lockfileVersion": 3, "requires": true, "packages": { "": { - "name": "garaga_rs", - "version": "0.1.0", + "name": "garaga", + "version": "0.13.3", "devDependencies": { "@rollup/plugin-typescript": "^11.1.6", "rollup": "^4.21.2", diff --git a/tools/npm/garaga_rs/package.json b/tools/npm/garaga_ts/package.json similarity index 87% rename from tools/npm/garaga_rs/package.json rename to tools/npm/garaga_ts/package.json index 49bda436..bc5b2a20 100644 --- a/tools/npm/garaga_rs/package.json +++ b/tools/npm/garaga_ts/package.json @@ -1,7 +1,7 @@ { "type": "module", - "name": "garaga_rs", - "version": "0.1.0", + "name": "garaga", + "version": "0.13.3", "main": "./dist/index.cjs", "module": "./dist/index.mjs", "types": "./dist/index.d.ts", @@ -10,7 +10,7 @@ "./dist/" ], "scripts": { - "build:wasm": "cd ../../garaga_rs && wasm-pack build --target web --out-dir ../npm/garaga_rs/src/wasm/pkg --release --no-default-features", + "build:wasm": "cd ../../garaga_rs && wasm-pack build --target web --out-dir ../npm/garaga_ts/src/wasm/pkg --release --no-default-features", "patch:wasm": "node patch.wasm.cjs", "build:node": "tsc && rollup -c", "build": "npm run build:wasm && npm run patch:wasm && npm run build:node", diff --git a/tools/npm/garaga_rs/patch.wasm.cjs b/tools/npm/garaga_ts/patch.wasm.cjs similarity index 100% rename from tools/npm/garaga_rs/patch.wasm.cjs rename to tools/npm/garaga_ts/patch.wasm.cjs 
diff --git a/tools/npm/garaga_rs/rollup.config.js b/tools/npm/garaga_ts/rollup.config.js similarity index 100% rename from tools/npm/garaga_rs/rollup.config.js rename to tools/npm/garaga_ts/rollup.config.js diff --git a/tools/npm/garaga_rs/src/node/api.ts b/tools/npm/garaga_ts/src/node/api.ts similarity index 100% rename from tools/npm/garaga_rs/src/node/api.ts rename to tools/npm/garaga_ts/src/node/api.ts diff --git a/tools/npm/garaga_rs/src/node/index.ts b/tools/npm/garaga_ts/src/node/index.ts similarity index 100% rename from tools/npm/garaga_rs/src/node/index.ts rename to tools/npm/garaga_ts/src/node/index.ts diff --git a/tools/npm/garaga_rs/src/wasm/pkg/garaga_rs.d.ts b/tools/npm/garaga_ts/src/wasm/pkg/garaga_rs.d.ts similarity index 100% rename from tools/npm/garaga_rs/src/wasm/pkg/garaga_rs.d.ts rename to tools/npm/garaga_ts/src/wasm/pkg/garaga_rs.d.ts diff --git a/tools/npm/garaga_rs/src/wasm/pkg/garaga_rs.js b/tools/npm/garaga_ts/src/wasm/pkg/garaga_rs.js similarity index 100% rename from tools/npm/garaga_rs/src/wasm/pkg/garaga_rs.js rename to tools/npm/garaga_ts/src/wasm/pkg/garaga_rs.js diff --git a/tools/npm/garaga_rs/src/wasm/pkg/garaga_rs_bg.wasm.d.ts b/tools/npm/garaga_ts/src/wasm/pkg/garaga_rs_bg.wasm.d.ts similarity index 100% rename from tools/npm/garaga_rs/src/wasm/pkg/garaga_rs_bg.wasm.d.ts rename to tools/npm/garaga_ts/src/wasm/pkg/garaga_rs_bg.wasm.d.ts diff --git a/tools/npm/garaga_rs/src/wasm/pkg/garaga_rs_bg.wasm.js b/tools/npm/garaga_ts/src/wasm/pkg/garaga_rs_bg.wasm.js similarity index 100% rename from tools/npm/garaga_rs/src/wasm/pkg/garaga_rs_bg.wasm.js rename to tools/npm/garaga_ts/src/wasm/pkg/garaga_rs_bg.wasm.js diff --git a/tools/npm/garaga_rs/src/wasm/pkg/package.json b/tools/npm/garaga_ts/src/wasm/pkg/package.json similarity index 100% rename from tools/npm/garaga_rs/src/wasm/pkg/package.json rename to tools/npm/garaga_ts/src/wasm/pkg/package.json 
diff --git a/tools/npm/garaga_rs/tsconfig.json b/tools/npm/garaga_ts/tsconfig.json similarity index 100% rename from tools/npm/garaga_rs/tsconfig.json rename to tools/npm/garaga_ts/tsconfig.json diff --git a/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/package.json b/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/package.json index f604aab7..5f727330 100644 --- a/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/package.json +++ b/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/package.json @@ -5,7 +5,7 @@ "test": "node dist/index.js > .output.txt && diff .output.txt output.txt" }, "dependencies": { - "garaga_rs": "file:../../garaga_rs.tgz" + "garaga": "file:../../garaga.tgz" }, "devDependencies": { "typescript": "^5.5.4" diff --git a/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/src/index.ts b/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/src/index.ts index d4d82f8f..ef166ff5 100644 --- a/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/src/index.ts +++ b/tools/npm/integration-test-suite/packages/nodejs-ts-cjs-tsc/src/index.ts @@ -1,8 +1,8 @@ -import * as garaga_rs from 'garaga_rs'; +import * as garaga from 'garaga'; async function main(): Promise { - await garaga_rs.init(); - const result = garaga_rs.msmCalldataBuilder([[1n, 2n]], [10n], garaga_rs.CurveId.BN254); + await garaga.init(); + const result = garaga.msmCalldataBuilder([[1n, 2n]], [10n], garaga.CurveId.BN254); const json = JSON.stringify(result, (key, value) => typeof value === 'bigint' ? value + 'n' : value, 2); const message = 'Output of msm_calldata_builder: ' + json; console.log(message); diff --git a/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/package.json b/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/package.json index e42ad60c..1774ba8a 100644 --- a/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/package.json 
+++ b/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/package.json @@ -6,7 +6,7 @@ "test": "node dist/index.js > .output.txt && diff .output.txt output.txt" }, "dependencies": { - "garaga_rs": "file:../../garaga_rs.tgz" + "garaga": "file:../../garaga.tgz" }, "devDependencies": { "typescript": "^5.5.4" diff --git a/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/src/index.ts b/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/src/index.ts index d4d82f8f..ef166ff5 100644 --- a/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/src/index.ts +++ b/tools/npm/integration-test-suite/packages/nodejs-ts-esm-tsc/src/index.ts @@ -1,8 +1,8 @@ -import * as garaga_rs from 'garaga_rs'; +import * as garaga from 'garaga'; async function main(): Promise { - await garaga_rs.init(); - const result = garaga_rs.msmCalldataBuilder([[1n, 2n]], [10n], garaga_rs.CurveId.BN254); + await garaga.init(); + const result = garaga.msmCalldataBuilder([[1n, 2n]], [10n], garaga.CurveId.BN254); const json = JSON.stringify(result, (key, value) => typeof value === 'bigint' ? value + 'n' : value, 2); const message = 'Output of msm_calldata_builder: ' + json; console.log(message); diff --git a/tools/npm/integration-test-suite/packages/web-js-esm-react/package.json b/tools/npm/integration-test-suite/packages/web-js-esm-react/package.json index 337f6c7f..778490b0 100644 --- a/tools/npm/integration-test-suite/packages/web-js-esm-react/package.json +++ b/tools/npm/integration-test-suite/packages/web-js-esm-react/package.json @@ -8,7 +8,7 @@ "test": "npm run start-bg && node scrape.cjs > .output.txt; npm run stop-bg; diff .output.txt output.txt" }, "dependencies": { - "garaga_rs": "file:../../garaga_rs.tgz", + "garaga": "file:../../garaga.tgz", "next": "14.2.8", "react": "^18", "react-dom": "^18" 
diff --git a/tools/npm/integration-test-suite/packages/web-js-esm-react/src/app/page.js b/tools/npm/integration-test-suite/packages/web-js-esm-react/src/app/page.js index ce5809a3..e2824f21 100644 --- a/tools/npm/integration-test-suite/packages/web-js-esm-react/src/app/page.js +++ b/tools/npm/integration-test-suite/packages/web-js-esm-react/src/app/page.js @@ -1,7 +1,7 @@ 'use client'; import { useState, useEffect } from 'react'; -import * as garaga_rs from 'garaga_rs'; +import * as garaga from 'garaga'; export default function Home() { const [loading, setLoading] = useState(true); @@ -10,8 +10,8 @@ export default function Home() { useEffect(async () => { try { - await garaga_rs.init(); - const result = garaga_rs.msmCalldataBuilder([[1n, 2n]], [10n], garaga_rs.CurveId.BN254); + await garaga.init(); + const result = garaga.msmCalldataBuilder([[1n, 2n]], [10n], garaga.CurveId.BN254); const json = JSON.stringify(result, (key, value) => typeof value === 'bigint' ? value + 'n' : value, 2); const message = 'Output of msm_calldata_builder: ' + json; setData(message); diff --git a/tools/npm/integration-test-suite/packages/web-js-esm-webpack/package.json b/tools/npm/integration-test-suite/packages/web-js-esm-webpack/package.json index c364a806..3c1c5cfe 100644 --- a/tools/npm/integration-test-suite/packages/web-js-esm-webpack/package.json +++ b/tools/npm/integration-test-suite/packages/web-js-esm-webpack/package.json @@ -9,7 +9,7 @@ }, "devDependencies": { "copy-webpack-plugin": "^12.0.2", - "garaga_rs": "file:../../garaga_rs.tgz", + "garaga": "file:../../garaga.tgz", "puppeteer": "^23.3.0", "webpack": "^5.94.0", "webpack-cli": "^5.1.4", diff --git a/tools/npm/integration-test-suite/packages/web-js-esm-webpack/src/index.js b/tools/npm/integration-test-suite/packages/web-js-esm-webpack/src/index.js index 3a31bc2b..f233cb40 100644 --- a/tools/npm/integration-test-suite/packages/web-js-esm-webpack/src/index.js 
+++ b/tools/npm/integration-test-suite/packages/web-js-esm-webpack/src/index.js @@ -1,8 +1,8 @@ -import * as garaga_rs from 'garaga_rs'; +import * as garaga from 'garaga'; async function main() { - await garaga_rs.init(); - const result = garaga_rs.msmCalldataBuilder([[1n, 2n]], [10n], garaga_rs.CurveId.BN254); + await garaga.init(); + const result = garaga.msmCalldataBuilder([[1n, 2n]], [10n], garaga.CurveId.BN254); const json = JSON.stringify(result, (key, value) => typeof value === 'bigint' ? value + 'n' : value, 2); const message = 'Output of msm_calldata_builder: ' + json; const element = document.createElement('pre');