From 69c0d7b4f5e2bf1f3d000f6d285b3229c3fcaeca Mon Sep 17 00:00:00 2001 From: parazyd Date: Fri, 14 Jul 2023 20:10:49 +0200 Subject: [PATCH] zk/gadget/less_than: Improve tests. --- src/zk/gadget/less_than.rs | 133 ++++++++++++++----------------------- 1 file changed, 51 insertions(+), 82 deletions(-) diff --git a/src/zk/gadget/less_than.rs b/src/zk/gadget/less_than.rs index 7923f8af0..b9af42eb6 100644 --- a/src/zk/gadget/less_than.rs +++ b/src/zk/gadget/less_than.rs @@ -249,7 +249,7 @@ impl()), + let valid_pairs = [ + (pallas::Base::from(13), pallas::Base::from(15)), + (pallas::Base::ZERO, pallas::Base::from(u64::MAX)), + (pallas::Base::ONE, pallas::Base::from(rand::random::())), ]; - let invalid_a_vals = vec![ - pallas::Base::from(14), - pallas::Base::from(u64::MAX), - pallas::Base::zero(), - pallas::Base::one(), - pallas::Base::from(u64::MAX), - ]; - let invalid_b_vals = vec![ - pallas::Base::from(11), - pallas::Base::zero(), - pallas::Base::zero(), - pallas::Base::one(), - pallas::Base::from(u64::MAX), + let invalid_pairs = [ + (pallas::Base::from(14), pallas::Base::from(11)), + (pallas::Base::from(u64::MAX), pallas::Base::ZERO), + (pallas::Base::ZERO, pallas::Base::ZERO), + (pallas::Base::ONE, pallas::Base::ONE), + (pallas::Base::ONE, pallas::Base::ZERO), + (pallas::Base::from(u64::MAX), pallas::Base::from(u64::MAX)), + (pallas::Base::from(u64::MAX), pallas::Base::from(u64::MAX) + pallas::Base::ONE), ]; use plotters::prelude::*; @@ -368,26 +362,16 @@ mod tests { .into_drawing_area(); CircuitLayout::default().render(k, &circuit, &root).unwrap(); - for i in 0..valid_a_vals.len() { - let a = valid_a_vals[i]; - let b = valid_b_vals[i]; - + for (a, b) in valid_pairs { println!("64 bit (valid) {:?} < {:?} check", a, b); - let circuit = LessThanCircuit { a: Value::known(a), b: Value::known(b) }; - let prover = MockProver::run(k, &circuit, vec![]).unwrap(); prover.assert_satisfied(); } - for i in 0..invalid_a_vals.len() { - let a = invalid_a_vals[i]; - let b = invalid_b_vals[i]; - + for (a, b) in invalid_pairs { println!("64 bit (invalid) {:?} < {:?} check", a, b); - let circuit = LessThanCircuit { a: Value::known(a), b: Value::known(b) }; - let prover = MockProver::run(k, &circuit, vec![]).unwrap(); assert!(prover.verify().is_err()) } @@ -398,73 +382,58 @@ mod tests { test_circuit!(3, 253, 85); let k = 7; - const HEADSTART: pallas::Base = pallas::Base::from_raw([ - 11731824086999220879, - 11830614503713258191, - 737869762948382064, - 46116860184273879, - ]); - - const P: pallas::Base = pallas::Base::from_raw([ - 11037532056220336122, - 2469829653914515739, - 0, - 4611686018427387904, - ]); const P_MINUS_1: pallas::Base = pallas::Base::from_raw([ - 11037532056220336121, - 2469829653914515739, - 0, - 4611686018427387904, + 0x992d30ed00000000, + 0x224698fc094cf91b, + 0x0000000000000000, + 0x4000000000000000, ]); - let seed = poseidon_hash([pallas::Base::from(3), pallas::Base::from(10)]); - let y = poseidon_hash([seed, pallas::Base::from(1)]); + // 2^253 - 1. This is the maximum we can check. + const MAX_253: pallas::Base = pallas::Base::from_raw([ + 0xFFFFFFFFFFFFFFFF, + 0xFFFFFFFFFFFFFFFF, + 0xFFFFFFFFFFFFFFFF, + 0x1FFFFFFFFFFFFFFF, + ]); - let sigma1 = pallas::Base::from(1); - let sigma2 = pallas::Base::from(1); - let value = pallas::Base::from(100_000_000_000); - let target = sigma1 * value + sigma2 * value * value + HEADSTART; - - let valid_a_vals = vec![pallas::Base::from(1), y, P_MINUS_1]; - let valid_b_vals = vec![pallas::Base::from(3), target, P]; - - let seed = poseidon_hash([pallas::Base::from(3), pallas::Base::from(2)]); - - let invalid_a_vals = vec![ - pallas::Base::from(3), - y, - pallas::Base::from(11), - poseidon_hash([seed, pallas::Base::from(1)]), - pallas::Base::from(0b010000100), + let valid_pairs = [ + (pallas::Base::ZERO, pallas::Base::ONE), + (pallas::Base::from(u64::MAX), pallas::Base::from(u64::MAX) + pallas::Base::ONE), + ( + pallas::Base::from_u128(u128::MAX), + pallas::Base::from_u128(u128::MAX) + pallas::Base::ONE, + ), + (MAX_253 - pallas::Base::from(2), MAX_253 - pallas::Base::ONE), + (MAX_253 - pallas::Base::ONE, MAX_253), + (MAX_253, MAX_253 + pallas::Base::ONE), // <-- Is this legit?? ]; - let invalid_b_vals = vec![ - pallas::Base::from(1), - target, - pallas::Base::from(11), - pallas::Base::from(0b010000011), + let invalid_pairs = [ + (pallas::Base::ZERO, pallas::Base::ZERO), + (pallas::Base::ONE, pallas::Base::ZERO), + (P_MINUS_1 - pallas::Base::ONE, P_MINUS_1), + (P_MINUS_1, P_MINUS_1), + (P_MINUS_1, pallas::Base::ZERO), + (MAX_253, MAX_253), + (MAX_253, pallas::Base::ZERO), + (MAX_253, pallas::Base::ONE), + (MAX_253 + pallas::Base::ONE, pallas::Base::ZERO), + (MAX_253 + pallas::Base::ONE, pallas::Base::ONE), + (MAX_253 + pallas::Base::ONE, MAX_253 + pallas::Base::ONE), + (MAX_253 + pallas::Base::ONE, MAX_253 + pallas::Base::from(2)), ]; - for i in 0..valid_a_vals.len() { - let a = valid_a_vals[i]; - let b = valid_b_vals[i]; - + for (a, b) in valid_pairs { println!("253 bit (valid) {:?} < {:?} check", a, b); - let circuit = LessThanCircuit { a: Value::known(a), b: Value::known(b) }; let prover = MockProver::run(k, &circuit, vec![]).unwrap(); prover.assert_satisfied(); } - for i in 0..invalid_a_vals.len() { - let a = invalid_a_vals[i]; - let b = invalid_b_vals[i]; - + for (a, b) in invalid_pairs { println!("253 bit (invalid) {:?} < {:?} check", a, b); - let circuit = LessThanCircuit { a: Value::known(a), b: Value::known(b) }; - let prover = MockProver::run(k, &circuit, vec![]).unwrap(); assert!(prover.verify().is_err()) }