Commit Graph

636 Commits

Author SHA1 Message Date
Sam Tay
dc23dcd673 Remove type annotations 2023-08-04 16:17:50 -04:00
Ryan Orendorff
c66469ec0c Address clippy complicated return value 2023-08-04 12:57:38 -06:00
Ryan Orendorff
e46e3182b4 Expose SEAL BFV components, full BFV proofs 2023-08-04 11:40:33 -06:00
Sam Tay
8fe63d6e88 Fix benchmark (#289) 2023-08-01 16:24:25 -04:00
Ryan Orendorff
fc892c1727 Clippy fixes (#286) 2023-07-24 15:30:02 -06:00
Sam Tay
b8521c70e4 Fix doc comment (#284) 2023-07-18 20:26:19 -04:00
Sam Tay
badb8f9c8f ZKP tweaks (#279)
* Export type alias for bulletproof backend fields

Also, keep bulletproof stuff namespaced to a `bulletproofs` module.

* Change sudoku to use pub over const

* Docs updates

* Rename / clean up sudoku

* Export `Proof` type

Basically required for being able to deserialize a proof

* Add zkp/serde workspace example

* Drive by cleaning

* Exports necessary for gadget impls

* Rename compute_inputs to compute_hidden_inputs

* Add prove/verify builders

* Export the builder types

This isn't strictly necessary but it would be weird for these to not show up in the cargo docs

* Clippy fix

* Add helper .compile() & .runtime() methods to fhe prog fns

I do wonder if these should be defined in a separate trait, just so that they don't live next to the more internal functions in documentation.

* Use new swag to simplify the front-facing api docs example

* Add some whitespace

* Switch to an extension trait

* Add an extension to ZkpProgramFn

* Take an owned ZkpBackend, rather than reference

It's typical to have the caller handle cloning, rather than taking a reference, requiring Clone impl, and forcing clone. Plus, as of now the only backend is a zero size null struct, so nothing to be gained by using a reference. It also just looks weird to always pass `&BulletproofsBackend::new()`

* Update sudoku to use new swag

* Target second attribute in multi attribute error

* Enforce ordering zkp inputs: constants,public,private

Honestly this feels a little unnatural to me. Might want to reverse: private, public, constant and then change all the prove/verify methods to that ordering

* Build whitelist example in CI

* Reorder constant->public->private to private->public->constant

* Fix trailing ws

* Fix example

* Make .runtime() more consistent with .compile()

* Get rid of some boilerplate impls

* Add custom zkp type example

* Move example run checks into example tests

Should speed up CI a bit

* Change whitelist -> allowlist
2023-07-18 15:15:51 -04:00
Sam Tay
951ea237ee Playground bump (#281)
* Bump playground

* Re-bump playground

To up node version

* Bump playground again

* Ensure playground loads with zkp backends
2023-07-17 22:23:32 -04:00
rickwebiii
3c50ee477b Rweber/field spec (#283)
Rename NativeField<BackendField> to Field<FieldSpec>
2023-07-17 18:18:50 -07:00
rickwebiii
f05ce704b1 transparent-ciphertexts feature (#280) 2023-07-11 12:16:42 -07:00
Sam Tay
363734ff38 Properly factor inserting literal plaintexts (#278)
Throughout the const arithmetic operations. Not sure why I didn't do this in the initial PR
2023-07-10 13:39:14 -05:00
Ryan Orendorff
8dfaf33452 Switch SEAL submodule to sunscreen org (#277) 2023-07-10 10:57:56 -06:00
Ryan Orendorff
95721487a8 Mixed bounds in logproof (#276)
This enables some small performance increase for smaller proofs (up to approximately 75%). Additionally this enables the prover and verifier to agree on which components may or may not be interesting by specifying a
bounds of zero.
2023-07-07 12:37:12 -06:00
Ryan Orendorff
300c5eb019 Fix assert_poly_expansion for k > 1 (#275)
* Fix assert_poly_expansion for k > 1

The polynomial expansion was using a flattened tensor product when a normal kronecker product should have been used. This fixes that error.

As a consequence, it is now also possible to create a matrix from a
vector of vectors. This was implemented to make it easier to create the test cases for k > 1.
2023-07-07 11:52:32 -06:00
Ryan Orendorff
a91c7291fb Add CSV stdout for logproof bench (#274) 2023-07-06 10:36:27 -06:00
Sam Tay
5faf981178 Hackathon; or, various compiler improvements (#272)
* Misc doc fixes

* Fix sunscreen zkp exports

* Fix broken api doc reference

* Add starter zkp example

* Use ZkpRuntime::new in sudoku example

* Use ? over unwrap in zkp examples

* Refactor pattern matching

No functionality changes

* Disallow `mut` args in fhe/zkp programs

* Play around with allowing cipher|plain values

* Allow user-declared plain|cipher values

NOTE: Not fully implemented. Will not work on Rational types until we
factor out literal->plaintext into a proper trait.

This allows, e.g.

```rust
fn simple_sum(a: Cipher<Signed>, b: Cipher<Signed>) -> Cipher<Signed> {
    let mut sum = fhe_var(0);
    sum = sum + a;
    sum = sum + b;
    fhe_out(sum)
}
```

* Refactor array::output()

* More targeted compiler error messages on invalid return values

* Add option for var.into() rather than fhe_out(var)

* Fix incorrect macro invocation

* Add trait for inserting const as plaintext

* Impl all arithmetic operations for indeterminate nodes

* Offer an `fhe_var!` macro

* Offer a zkp_var! macro

* Offer a (safe) debug impl for zkp program nodes

* Fix tests

* Add test for fhe_var!

* Simplify tf out of sudoku

* Simplify fhe input() codegen

* Marginally better compiler error messages on invalid fhe program arg types

* Fix error for fhe program argument attributes

* Throw appropriate compiler error on generics

* Silence clippy warnings in generated code

These I think are typically ignored by default when consuming proc macros but might as well be explicit

* Fixup quote_spanned invocations

Unsure how important this is, but see here: https://docs.rs/quote/latest/quote/macro.quote_spanned.html#syntax

* Automatically call `.into()` on fhe prog return values

* Factor fhe_program_impl

* Further factor fhe_program_impl

So that token generation happens in helper methods, and the ultimate output() func is readable

* Fix doctests

* Fix clippy warnings

* Remove TODOs

* Add missing example runs to CI

* Oops: fix 232 > 64

* Allow arbitrary expressions in fhe_var!

* Use custom "into" to support impls on []

* Support explicit #[private] params

* Remove `backend = "bulletproofs"` attribute

* Address PR review
2023-07-05 17:07:21 -05:00
Sam Tay
036b782a69 Misc typos / Fix lib exports (#265)
* Misc doc fixes

* Fix sunscreen zkp exports

* Fix broken api doc reference
2023-06-27 19:43:20 -06:00
Ryan Orendorff
8d9af63de0 Fix bounds (b, b_1, b_2) on logproof (#262)
The prior bounds for the short discrete log proof were not quite
accurate for some inputs. Specifically, the following changes were made
to match the paper:

- b: log2(B) + 1 -> ⌈log2(B)⌉ + 1
- b₁: log2(mdB + d||f||_inf) -> ⌈log2(mdB + d||f||_inf)⌉
- b₂: log2(q) + 1 -> ⌈log2(q)⌉

Specifically, b₂ was correct unless q was a power of 2, which
essentially never happens in practice.
2023-06-27 10:35:08 -07:00
Ryan Orendorff
c7052bbfda Build to_2s_complement by individual elements. (#264)
This change is a no-op on the result; it is a precursor to having
bounds that can vary on each element in the input array.
2023-06-26 19:42:51 -07:00
mliu24
4fbac668d0 Update rust.yml (#266)
added test coverage to debugger branch for matthew and bryan
2023-06-26 17:06:25 -07:00
Sam Tay
08cdfa7e94 Fix more docs (#258)
* Fix a couple broken doc links

* Fix broken batching links
2023-06-19 22:47:03 -07:00
Sam Tay
dfae36a3cb Up generator length to nearest power of 2 (#255) 2023-06-19 22:46:45 -07:00
Bryan Li
82d83cf238 Added Sudoku ZKP Example (#253)
* added sudoku zkp example

* edited main

* fixed style

* refactored code

* fixed formatting

* fixed lint
2023-06-13 10:36:38 -07:00
mliu24
5b848e1901 fixed a typo (#256) 2023-06-12 20:37:35 -07:00
Sam Tay
c2ad1138c2 Fix broken doc links (#252)
* Fix broken doc links

* Fail CI on api doc warnings

* Fix broken api docs
2023-06-12 12:46:08 -07:00
rickwebiii
c8fb1f8cb6 Rweber/msm (#254)
MSM works in OpenCL
2023-06-11 00:27:40 -07:00
rickwebiii
163deff07d Rweber/opencl (#251)
Prefix sum for RistrettoPoints
2023-06-06 23:04:24 -07:00
Sam Tay
aadde9d162 Offer a simpler API for runtime creation (#246)
* Offer a simpler API for runtime creation

* Update docs and examples to use `FheRuntime::new`
2023-06-06 18:56:46 -07:00
Sam Tay
c6c2607983 Fix clippy 1.70 (#249)
And duplicate warnings for good measure
2023-06-06 18:07:43 -07:00
rickwebiii
fc0830a834 Rweber/opencl (#250)
Compute buckets
2023-06-02 17:27:19 -07:00
rickwebiii
9ee1807c75 Rweber/opencl (#248)
Compute bucket indices for MSM
2023-06-01 20:52:18 -07:00
Sam Tay
66211f75b1 Fix 64-bit pointer assumptions (#243)
* Fix 64-bit pointer assumptions

* Appease clippy

* Bump proc-macro2

(Fixes wasm build)
2023-05-30 11:59:20 -07:00
Sam Tay
4a8f3a8fb1 Use https in submodule remotes (#244)
This makes specifying our git repo as a cargo dependency much less painful
2023-05-25 13:58:31 -07:00
rickwebiii
26bd6dab37 Allow cross compilation on mac (#245)
Allow cross compilation on mac
2023-05-25 12:29:42 -07:00
rickwebiii
09ecc0a57d Update syn and a bunch of packages (#242) 2023-05-24 15:28:52 -07:00
rickwebiii
c5fda111cc Rweber/opencl (#241)
OpenCL RLE implementation
2023-05-23 17:10:48 -07:00
rickwebiii
bf7154e49b Rweber/opencl (#240)
OpenCL Pippenger's algorithm WIP
2023-05-22 11:55:33 -07:00
rickwebiii
1089e00d1b Separate OpenCL shaders into multiple files (#239)
* Separate OpenCL shaders into multiple files
2023-05-12 17:06:53 -07:00
rickwebiii
7ded5a8e52 impl IntoIterator for opencl ScalarVec (#238)
impl IntoIterator for opencl ScalarVec
2023-05-09 18:11:00 -07:00
Sam Tay
60b345cc5e Make gadgets sync (#237)
* Make gadgets send/sync

This lets Application types be send/sync

* Bump curve25519 to appease clippy

* Speed up unsigned tests a tiny bit
2023-05-01 17:45:25 -07:00
Sam Tay
ace6d97140 Add a bfv::Unsigned type (#236)
* Add a bfv::Unsigned type

* Fix decoding from polynomial?

* Add prop test for addition

* Proptest sub, mul, and mixed cipher/plaintexts

* Reduce code dupe

* Add test for 0 - 1

* Add a few more tests
2023-04-24 11:57:33 -07:00
rickwebiii
ee5d6d9cdc Rweber/cuda (#235)
CUDA implementation
2023-04-10 19:54:24 +01:00
rickwebiii
1ba1419691 Rweber/perf (#234)
Use Bulletproofs optimization section 3.1
2023-04-02 15:55:30 +01:00
rickwebiii
9785670ae0 Cargo update (#233) 2023-03-30 12:59:01 -07:00
rickwebiii
5c0b2f5539 Parallelize RistrettoVec encoding (#231)
* Parallelize RistrettoVec encoding
2023-03-30 08:47:38 -07:00
Sam Tay
9346677d5d Expose ZkpContextOps 2023-03-29 10:08:52 -07:00
Sam Tay
680d475d7d Glob all examples as workspace members 2023-03-29 10:08:52 -07:00
rickwebiii
06e9c1cb2b Rweber/opencl (#230)
OpenCL implementation of curve25519 operations
2023-03-22 14:30:45 -07:00
rickwebiii
8b43c6db24 chi sq and unshield proofs (#225)
chi sq and unshield proofs
2023-03-09 13:46:09 -08:00
rickwebiii
af4849ddb5 Time shield circuits (#224)
* Time shield/unshield circuits
2023-03-08 19:19:59 -08:00