Merge branch 'privacy-scaling-explorations:main' into main

privacy-scaling-explorations · Jan 1, 2025 · bccf06c · bccf06c
2 parents 1376a1b + c6f1a24
commit bccf06c
Show file tree

Hide file tree

Showing 71 changed files with 1,637 additions and 2,370 deletions.
diff --git a/.gitignore b/.gitignore
@@ -2,12 +2,12 @@
 Cargo.lock
 
 # Circom generated files
-frontends/src/circom/test_folder/*_js/
+experimental-frontends/src/circom/test_folder/*_js/
 *.r1cs
 *.sym
 
 # Noir generated files
-frontends/src/noir/test_folder/*/target/*
+experimental-frontends/src/noir/test_folder/*/target/*
 
 # generated contracts data
 solidity-verifiers/generated

diff --git a/benches/common.rs b/benches/common.rs
@@ -1,26 +1,20 @@
-use ark_ec::CurveGroup;
-use ark_ff::PrimeField;
 use criterion::*;
 
 use folding_schemes::{
     frontend::{utils::CustomFCircuit, FCircuit},
-    Error, FoldingScheme,
+    Curve, Error, FoldingScheme,
 };
 
 pub(crate) fn bench_ivc_opt<
-    C1: CurveGroup,
-    C2: CurveGroup,
+    C1: Curve<BaseField = C2::ScalarField, ScalarField = C2::BaseField>,
+    C2: Curve,
     FS: FoldingScheme<C1, C2, CustomFCircuit<C1::ScalarField>>,
 >(
     c: &mut Criterion,
     name: String,
     n: usize,
     prep_param: FS::PreprocessorParam,
-) -> Result<(), Error>
-where
-    C1: CurveGroup<BaseField = C2::ScalarField, ScalarField = C2::BaseField>,
-    C2::BaseField: PrimeField,
-{
+) -> Result<(), Error> {
     let fcircuit_size = 1 << n; // 2^n
 
     let f_circuit = CustomFCircuit::<C1::ScalarField>::new(fcircuit_size)?;
@@ -35,7 +29,7 @@ where
 
     // warmup steps
     for _ in 0..5 {
-        fs.prove_step(rng, vec![], None)?;
+        fs.prove_step(rng, (), None)?;
     }
 
     let mut group = c.benchmark_group(format!(
@@ -44,7 +38,7 @@ where
     ));
     group.significance_level(0.1).sample_size(10);
     group.bench_function("prove_step", |b| {
-        b.iter(|| -> Result<_, _> { black_box(fs.clone()).prove_step(rng, vec![], None) })
+        b.iter(|| -> Result<_, _> { black_box(fs.clone()).prove_step(rng, (), None) })
     });
 
     // verify the IVCProof

diff --git a/benches/hypernova.rs b/benches/hypernova.rs
@@ -1,10 +1,10 @@
 use criterion::*;
 use pprof::criterion::{Output, PProfProfiler};
 
-use ark_bn254::{constraints::GVar as bn_GVar, Fr as bn_Fr, G1Projective as bn_G};
-use ark_grumpkin::{constraints::GVar as grumpkin_GVar, Projective as grumpkin_G};
-use ark_pallas::{constraints::GVar as pallas_GVar, Fr as pallas_Fr, Projective as pallas_G};
-use ark_vesta::{constraints::GVar as vesta_GVar, Projective as vesta_G};
+use ark_bn254::{Fr as bn_Fr, G1Projective as bn_G};
+use ark_grumpkin::Projective as grumpkin_G;
+use ark_pallas::{Fr as pallas_Fr, Projective as pallas_G};
+use ark_vesta::Projective as vesta_G;
 
 use folding_schemes::{
     commitment::pedersen::Pedersen,
@@ -30,9 +30,7 @@ fn bench_hypernova_ivc(c: &mut Criterion) {
             vesta_G,
             HyperNova<
                 pallas_G,
-                pallas_GVar,
                 vesta_G,
-                vesta_GVar,
                 CustomFCircuit<pallas_Fr>,
                 Pedersen<pallas_G>,
                 Pedersen<vesta_G>,
@@ -60,9 +58,7 @@ fn bench_hypernova_ivc(c: &mut Criterion) {
             grumpkin_G,
             HyperNova<
                 bn_G,
-                bn_GVar,
                 grumpkin_G,
-                grumpkin_GVar,
                 CustomFCircuit<bn_Fr>,
                 Pedersen<bn_G>,
                 Pedersen<grumpkin_G>,

diff --git a/benches/nova.rs b/benches/nova.rs
@@ -1,10 +1,10 @@
 use criterion::*;
 use pprof::criterion::{Output, PProfProfiler};
 
-use ark_bn254::{constraints::GVar as bn_GVar, Fr as bn_Fr, G1Projective as bn_G};
-use ark_grumpkin::{constraints::GVar as grumpkin_GVar, Projective as grumpkin_G};
-use ark_pallas::{constraints::GVar as pallas_GVar, Fr as pallas_Fr, Projective as pallas_G};
-use ark_vesta::{constraints::GVar as vesta_GVar, Projective as vesta_G};
+use ark_bn254::{Fr as bn_Fr, G1Projective as bn_G};
+use ark_grumpkin::Projective as grumpkin_G;
+use ark_pallas::{Fr as pallas_Fr, Projective as pallas_G};
+use ark_vesta::Projective as vesta_G;
 
 use folding_schemes::{
     commitment::pedersen::Pedersen,
@@ -30,9 +30,7 @@ fn bench_nova_ivc(c: &mut Criterion) {
             vesta_G,
             Nova<
                 pallas_G,
-                pallas_GVar,
                 vesta_G,
-                vesta_GVar,
                 CustomFCircuit<pallas_Fr>,
                 Pedersen<pallas_G>,
                 Pedersen<vesta_G>,
@@ -53,9 +51,7 @@ fn bench_nova_ivc(c: &mut Criterion) {
             grumpkin_G,
             Nova<
                 bn_G,
-                bn_GVar,
                 grumpkin_G,
-                grumpkin_GVar,
                 CustomFCircuit<bn_Fr>,
                 Pedersen<bn_G>,
                 Pedersen<grumpkin_G>,

diff --git a/benches/protogalaxy.rs b/benches/protogalaxy.rs
@@ -1,10 +1,10 @@
 use criterion::*;
 use pprof::criterion::{Output, PProfProfiler};
 
-use ark_bn254::{constraints::GVar as bn_GVar, Fr as bn_Fr, G1Projective as bn_G};
-use ark_grumpkin::{constraints::GVar as grumpkin_GVar, Projective as grumpkin_G};
-use ark_pallas::{constraints::GVar as pallas_GVar, Fr as pallas_Fr, Projective as pallas_G};
-use ark_vesta::{constraints::GVar as vesta_GVar, Projective as vesta_G};
+use ark_bn254::{Fr as bn_Fr, G1Projective as bn_G};
+use ark_grumpkin::Projective as grumpkin_G;
+use ark_pallas::{Fr as pallas_Fr, Projective as pallas_G};
+use ark_vesta::Projective as vesta_G;
 
 use folding_schemes::{
     commitment::pedersen::Pedersen,
@@ -30,9 +30,7 @@ fn bench_protogalaxy_ivc(c: &mut Criterion) {
             vesta_G,
             ProtoGalaxy<
                 pallas_G,
-                pallas_GVar,
                 vesta_G,
-                vesta_GVar,
                 CustomFCircuit<pallas_Fr>,
                 Pedersen<pallas_G>,
                 Pedersen<vesta_G>,
@@ -57,9 +55,7 @@ fn bench_protogalaxy_ivc(c: &mut Criterion) {
             grumpkin_G,
             ProtoGalaxy<
                 bn_G,
-                bn_GVar,
                 grumpkin_G,
-                grumpkin_GVar,
                 CustomFCircuit<bn_Fr>,
                 Pedersen<bn_G>,
                 Pedersen<grumpkin_G>,

diff --git a/examples/circom_full_flow.rs b/examples/circom_full_flow.rs
@@ -9,15 +9,15 @@
 /// - generate the Solidity contract that verifies the proof
 /// - verify the proof in the EVM
 ///
-use ark_bn254::{constraints::GVar, Bn254, Fr, G1Projective as G1};
+use ark_bn254::{Bn254, Fr, G1Projective as G1};
 
 use ark_groth16::Groth16;
-use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
+use ark_grumpkin::Projective as G2;
 
 use std::path::PathBuf;
 use std::time::Instant;
 
-use experimental_frontends::circom::CircomFCircuit;
+use experimental_frontends::{circom::CircomFCircuit, utils::VecF};
 use folding_schemes::{
     commitment::{kzg::KZG, pedersen::Pedersen},
     folding::{
@@ -64,17 +64,16 @@ fn main() -> Result<(), Error> {
         "./experimental-frontends/src/circom/test_folder/with_external_inputs_js/with_external_inputs.wasm",
     );
 
-    let f_circuit_params = (r1cs_path.into(), wasm_path.into(), 1, 2);
-    let f_circuit = CircomFCircuit::<Fr>::new(f_circuit_params)?;
+    let f_circuit_params = (r1cs_path.into(), wasm_path.into(), 1); // state len = 1
+    const EXT_INP_LEN: usize = 2; // external inputs len = 2
+    let f_circuit = CircomFCircuit::<Fr, EXT_INP_LEN>::new(f_circuit_params)?;
 
     pub type N =
-        Nova<G1, GVar, G2, GVar2, CircomFCircuit<Fr>, KZG<'static, Bn254>, Pedersen<G2>, false>;
+        Nova<G1, G2, CircomFCircuit<Fr, EXT_INP_LEN>, KZG<'static, Bn254>, Pedersen<G2>, false>;
     pub type D = DeciderEth<
         G1,
-        GVar,
         G2,
-        GVar2,
-        CircomFCircuit<Fr>,
+        CircomFCircuit<Fr, EXT_INP_LEN>,
         KZG<'static, Bn254>,
         Pedersen<G2>,
         Groth16<Bn254>,
@@ -97,7 +96,7 @@ fn main() -> Result<(), Error> {
     // run n steps of the folding iteration
     for (i, external_inputs_at_step) in external_inputs.iter().enumerate() {
         let start = Instant::now();
-        nova.prove_step(rng, external_inputs_at_step.clone(), None)?;
+        nova.prove_step(rng, VecF(external_inputs_at_step.clone()), None)?;
         println!("Nova::prove_step {}: {:?}", i, start.elapsed());
     }
 

diff --git a/examples/external_inputs.rs b/examples/external_inputs.rs
@@ -3,7 +3,7 @@
 #![allow(non_camel_case_types)]
 #![allow(clippy::upper_case_acronyms)]
 
-use ark_bn254::{constraints::GVar, Bn254, Fr, G1Projective as Projective};
+use ark_bn254::{Bn254, Fr, G1Projective as Projective};
 use ark_crypto_primitives::{
     crh::{
         poseidon::constraints::{CRHGadget, CRHParametersVar},
@@ -12,7 +12,7 @@ use ark_crypto_primitives::{
     sponge::{poseidon::PoseidonConfig, Absorb},
 };
 use ark_ff::PrimeField;
-use ark_grumpkin::{constraints::GVar as GVar2, Projective as Projective2};
+use ark_grumpkin::Projective as Projective2;
 use ark_r1cs_std::alloc::AllocVar;
 use ark_r1cs_std::fields::fp::FpVar;
 use ark_relations::r1cs::{ConstraintSystemRef, SynthesisError};
@@ -74,6 +74,8 @@ where
     F: Absorb,
 {
     type Params = PoseidonConfig<F>;
+    type ExternalInputs = [F; 1];
+    type ExternalInputsVar = [FpVar<F>; 1];
 
     fn new(params: Self::Params) -> Result<Self, Error> {
         Ok(Self {
@@ -84,17 +86,14 @@ where
     fn state_len(&self) -> usize {
         1
     }
-    fn external_inputs_len(&self) -> usize {
-        1
-    }
     /// generates the constraints and returns the next state value for the step of F for the given
     /// z_i and external_inputs
     fn generate_step_constraints(
         &self,
         cs: ConstraintSystemRef<F>,
         _i: usize,
         z_i: Vec<FpVar<F>>,
-        external_inputs: Vec<FpVar<F>>,
+        external_inputs: Self::ExternalInputsVar,
     ) -> Result<Vec<FpVar<F>>, SynthesisError> {
         let crh_params =
             CRHParametersVar::<F>::new_constant(cs.clone(), self.poseidon_config.clone())?;
@@ -137,7 +136,10 @@ pub mod tests {
             external_inputs_step_native(z_i.clone(), external_inputs.clone(), &poseidon_config);
 
         let z_iVar = Vec::<FpVar<Fr>>::new_witness(cs.clone(), || Ok(z_i))?;
-        let external_inputsVar = Vec::<FpVar<Fr>>::new_witness(cs.clone(), || Ok(external_inputs))?;
+        let external_inputsVar: [FpVar<Fr>; 1] =
+            Vec::<FpVar<Fr>>::new_witness(cs.clone(), || Ok(external_inputs))?
+                .try_into()
+                .unwrap();
 
         let computed_z_i1Var =
             circuit.generate_step_constraints(cs.clone(), 0, z_iVar, external_inputsVar)?;
@@ -153,11 +155,11 @@ fn main() -> Result<(), Error> {
 
     // prepare the external inputs to be used at each folding step
     let external_inputs = vec![
-        vec![Fr::from(3_u32)],
-        vec![Fr::from(33_u32)],
-        vec![Fr::from(73_u32)],
-        vec![Fr::from(103_u32)],
-        vec![Fr::from(125_u32)],
+        [Fr::from(3_u32)],
+        [Fr::from(33_u32)],
+        [Fr::from(73_u32)],
+        [Fr::from(103_u32)],
+        [Fr::from(125_u32)],
     ];
     assert_eq!(external_inputs.len(), num_steps);
 
@@ -169,9 +171,7 @@ fn main() -> Result<(), Error> {
     /// trait, and the rest of our code would be working without needing to be updated.
     type N = Nova<
         Projective,
-        GVar,
         Projective2,
-        GVar2,
         ExternalInputsCircuit<Fr>,
         KZG<'static, Bn254>,
         Pedersen<Projective2>,

diff --git a/examples/full_flow.rs b/examples/full_flow.rs
@@ -9,10 +9,10 @@
 /// - generate the Solidity contract that verifies the proof
 /// - verify the proof in the EVM
 ///
-use ark_bn254::{constraints::GVar, Bn254, Fr, G1Projective as G1};
+use ark_bn254::{Bn254, Fr, G1Projective as G1};
 use ark_ff::PrimeField;
 use ark_groth16::Groth16;
-use ark_grumpkin::{constraints::GVar as GVar2, Projective as G2};
+use ark_grumpkin::Projective as G2;
 use ark_r1cs_std::alloc::AllocVar;
 use ark_r1cs_std::fields::fp::FpVar;
 use ark_relations::r1cs::{ConstraintSystemRef, SynthesisError};
@@ -46,21 +46,21 @@ pub struct CubicFCircuit<F: PrimeField> {
 }
 impl<F: PrimeField> FCircuit<F> for CubicFCircuit<F> {
     type Params = ();
+    type ExternalInputs = ();
+    type ExternalInputsVar = ();
+
     fn new(_params: Self::Params) -> Result<Self, Error> {
         Ok(Self { _f: PhantomData })
     }
     fn state_len(&self) -> usize {
         1
     }
-    fn external_inputs_len(&self) -> usize {
-        0
-    }
     fn generate_step_constraints(
         &self,
         cs: ConstraintSystemRef<F>,
         _i: usize,
         z_i: Vec<FpVar<F>>,
-        _external_inputs: Vec<FpVar<F>>,
+        _external_inputs: Self::ExternalInputsVar,
     ) -> Result<Vec<FpVar<F>>, SynthesisError> {
         let five = FpVar::<F>::new_constant(cs.clone(), F::from(5u32))?;
         let z_i = z_i[0].clone();
@@ -76,19 +76,9 @@ fn main() -> Result<(), Error> {
 
     let f_circuit = CubicFCircuit::<Fr>::new(())?;
 
-    pub type N =
-        Nova<G1, GVar, G2, GVar2, CubicFCircuit<Fr>, KZG<'static, Bn254>, Pedersen<G2>, false>;
-    pub type D = DeciderEth<
-        G1,
-        GVar,
-        G2,
-        GVar2,
-        CubicFCircuit<Fr>,
-        KZG<'static, Bn254>,
-        Pedersen<G2>,
-        Groth16<Bn254>,
-        N,
-    >;
+    pub type N = Nova<G1, G2, CubicFCircuit<Fr>, KZG<'static, Bn254>, Pedersen<G2>, false>;
+    pub type D =
+        DeciderEth<G1, G2, CubicFCircuit<Fr>, KZG<'static, Bn254>, Pedersen<G2>, Groth16<Bn254>, N>;
 
     let poseidon_config = poseidon_canonical_config::<Fr>();
     let mut rng = ark_std::rand::rngs::OsRng;
@@ -106,7 +96,7 @@ fn main() -> Result<(), Error> {
     // run n steps of the folding iteration
     for i in 0..n_steps {
         let start = Instant::now();
-        nova.prove_step(rng, vec![], None)?;
+        nova.prove_step(rng, (), None)?;
         println!("Nova::prove_step {}: {:?}", i, start.elapsed());
     }