From e710fb2cd47169b20aa2bf0e3677940df0080faf Mon Sep 17 00:00:00 2001 From: narodnik Date: Mon, 21 Sep 2020 10:18:27 +0200 Subject: [PATCH] split off codgen functions into a separate module. have working ec ops --- compile_and_run.sh | 2 +- proofs/simple.pism | 6 ++++++ proofs/simple.prf | 4 ++-- proofs/working.pism | 4 ---- scripts/codegen.py | 31 +++++++++++++++++++++++++++++++ scripts/pism.py | 42 ++++++++++++++++++++---------------------- src/simple.rs | 13 +++++++++---- 7 files changed, 69 insertions(+), 33 deletions(-) create mode 100644 scripts/codegen.py diff --git a/compile_and_run.sh b/compile_and_run.sh index dae5110c0..005a08cf4 100755 --- a/compile_and_run.sh +++ b/compile_and_run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/bash -x python scripts/pism.py proofs/simple.pism > src/simple_circuit.rs cargo fmt cargo run --release --bin simple diff --git a/proofs/simple.pism b/proofs/simple.pism index eef846e0d..bf3053a56 100644 --- a/proofs/simple.pism +++ b/proofs/simple.pism @@ -4,9 +4,15 @@ constant G_SPEND FixedGenerator contract input_spend param secret Fr + param ak Point start + witness ak param:ak + assert_not_small_order ak + fr_as_binary_le secret param:secret ec_mul_const public secret G_SPEND + + ec_add public public ak emit_ec public end diff --git a/proofs/simple.prf b/proofs/simple.prf index e234d706b..dff2a3698 100644 --- a/proofs/simple.prf +++ b/proofs/simple.prf @@ -1,5 +1,5 @@ -const: - G_SPEND: SubgroupPoint +const G_SPEND: SubgroupPoint + contract input_spend( secret: Fr -> BinaryNumber ) -> Point: diff --git a/proofs/working.pism b/proofs/working.pism index e9d428143..ec63bcc08 100644 --- a/proofs/working.pism +++ b/proofs/working.pism @@ -33,10 +33,6 @@ contract input_spend # ... param anchor Scalar start - fr_as_binary_le secret param:secret - ec_mul_const public secret G_SPEND - emit_ec public - # let rk: Point = ak + ar * G_SPEND witness ak param:ak assert_not_small_order ak 
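Review bot: `-x` in the shebang only takes effect when the script is executed directly; `bash compile_and_run.sh` ignores shebang options, so `set -x` in the body is the reliable form. The more important gap is that the script still has no `set -e`: the redirect on the next line truncates `src/simple_circuit.rs` before `pism.py` runs, and if the generator fails or exits non-zero, `cargo fmt` and `cargo run` proceed on an empty or partial circuit file. I would keep `#!/bin/bash` and add `set -euxo pipefail` as the second line, which gives the trace and the fail-fast behaviour regardless of how the script is invoked.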
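Review bot: `ec_add public public ak` rebinds `public`, which is already the output of `ec_mul_const` two lines above; in the generated Rust this is plain `let` shadowing and compiles, but `command_desc` marks the first argument of `ec_add` as an output, and it is not visible here whether pism's own checking accepts redefining an existing name. Naming the sum distinctly avoids the question and matches the `rk` naming used in the comment in working.pism: `ec_add rk public ak` followed by `emit_ec rk`. Witnessing `ak` and then `assert_not_small_order ak` before it is used is the right order.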
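Review bot: simple.prf still declares `contract input_spend(secret: Fr -> BinaryNumber) -> Point`, while the same commit adds a second input `param ak Point` to the contract in simple.pism, so the two descriptions of the circuit now disagree. If the .prf file is meant to document the circuit interface, add the new parameter in this change (presumably `ak: Point -> EdwardsPoint` by analogy with the existing line, to be confirmed against the type names the .prf syntax uses); if it is no longer maintained, a one-line comment saying so would stop readers trusting it. The `const G_SPEND: SubgroupPoint` rewrite itself looks fine.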
diff --git a/scripts/codegen.py b/scripts/codegen.py new file mode 100644 index 000000000..d376265d5 --- /dev/null +++ b/scripts/codegen.py @@ -0,0 +1,31 @@ +# Functions here are called from pism.py using getattr() +# and the function name as a string. + +def witness(line, out, point): + return \ +r"""let %s = ecc::EdwardsPoint::witness( + cs.namespace(|| "%s"), + %s.map(jubjub::ExtendedPoint::from))?;""" % (out, line, point) + +def assert_not_small_order(line, point): + return '%s.assert_not_small_order(cs.namespace(|| "%s"))?;' % (point, line) + +def fr_as_binary_le(line, out, fr): + return \ +r"""let %s = boolean::field_into_boolean_vec_le( + cs.namespace(|| "%s"), %s)?;""" % (out, line, fr) + +def ec_mul_const(line, out, fr, base): + return \ +r"""let %s = ecc::fixed_base_multiplication( + cs.namespace(|| "%s"), + &%s, + &%s, +)?;""" % (out, line, base, fr) + +def ec_add(line, out, a, b): + return 'let %s = %s.add(cs.namespace(|| "%s"), &%s)?;' % (out, a, line, b) + +def emit_ec(line, point): + return '%s.inputize(cs.namespace(|| "%s"))?;' % (point, line) + diff --git a/scripts/pism.py b/scripts/pism.py index c13c3c26d..355b66e94 100644 --- a/scripts/pism.py +++ b/scripts/pism.py @@ -2,6 +2,8 @@ import json import os import sys +import codegen + symbol_table = { "contract": 1, "param": 2, @@ -9,8 +11,10 @@ symbol_table = { "end": 0, "witness": 2, + "assert_not_small_order": 1, "fr_as_binary_le": 2, "ec_mul_const": 3, + "ec_add": 3, "emit_ec": 1 } @@ -27,6 +31,9 @@ command_desc = { ("EdwardsPoint", True), ("Point", False) ), + "assert_not_small_order": ( + ("EdwardsPoint", False), + ), "fr_as_binary_le": ( ("Vec", True), ("Fr", False) @@ -36,6 +43,11 @@ command_desc = { ("Vec", False), ("FixedGenerator", False) ), + "ec_add": ( + ("EdwardsPoint", True), + ("EdwardsPoint", False), + ("EdwardsPoint", False), + ), "emit_ec": ( ("EdwardsPoint", False), ) 
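Review bot: Every generator here splices the raw pism source `line` into a Rust string literal via `cs.namespace(|| "%s")` without escaping, so a `"` or `\` in a pism line (for example in a trailing comment, if the parser passes those through) yields Rust that either fails to compile or, since the text lands inside generated source, injects arbitrary code into the circuit file. Escape once in a small helper and use it in all six functions: `def _rs_str(s): return '"%s"' % s.replace('\\', '\\\\').replace('"', '\\"')`, with the templates changed to `cs.namespace(|| %s)` and `_rs_str(line)` passed in place of `line`. The header comment should also state the convention the dispatch in pism.py relies on, which is that each function's name is a pism command and its positional arguments are `(line, out, *inputs)` in the order given by `command_desc`; a future command that breaks that order will fail only at generation time with a TypeError.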
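Review bot: `"ec_add": 3` in `symbol_table` and the three-tuple added to `command_desc` encode the same arity twice and will drift the next time a command is added or changed. If `symbol_table`'s value is the argument count, as the existing entries suggest, derive the command entries from the descriptor table after it is built, e.g. `symbol_table.update({k: len(v) for k, v in command_desc.items()})`, leaving only the structural keywords (`contract`, `param`, `start`, `end`) hand-written. That way a mismatch between the parser's arity check and the generator's positional call cannot arise.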
@@ -291,28 +303,14 @@ use zcash_proofs::circuit::ecc; args = [self.carg(arg) for arg in args] - if command == "witness": - out, point = args - return \ -r"""let %s = ecc::EdwardsPoint::witness( - cs.namespace(|| "%s"), - %s.map(jubjub::ExtendedPoint::from))?;""" % (out, line, point) - elif command == "fr_as_binary_le": - out, fr = args - return \ -r"""let %s = boolean::field_into_boolean_vec_le( - cs.namespace(|| "%s"), %s)?;""" % (out, line, fr) - elif command == "ec_mul_const": - out, fr, base = args - return \ -r"""let %s = ecc::fixed_base_multiplication( - cs.namespace(|| "%s"), - &%s, - &%s, -)?;""" % (out, line, base, fr) - elif command == "emit_ec": - point = args[0] - return '%s.inputize(cs.namespace(|| "%s"))?;' % (point, line) + try: + codegen_method = getattr(codegen, command) + except AttributeError: + eprint("error: missing command '%s' does not exist" % command) + eprint(line) + return None + + return codegen_method(line, *args) def carg(self, arg): argname, is_param = arg diff --git a/src/simple.rs b/src/simple.rs index 92869f80e..5cbf01c09 100644 --- a/src/simple.rs +++ b/src/simple.rs 
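Review bot: `getattr(codegen, command)` resolves any attribute of the module, not just the generator functions, so a command name that happens to match something else in that namespace (a dunder such as `__doc__`, or any name a future `import` in codegen.py brings in) is dispatched instead of rejected, and the failure then surfaces as a TypeError at `codegen_method(line, *args)` rather than through the error path written here. Gate the lookup on the table that already defines the command set: `if command not in command_desc:` before the lookup, then `codegen_method = getattr(codegen, command, None)` and treat `None` or a non-callable as the same error. The message `"error: missing command '%s' does not exist"` reads doubled; `"error: unknown command '%s'"` says the same thing. The enclosing method starts above this hunk, so it is not visible whether the caller already validates `command` against `symbol_table`; if it does, the AttributeError branch represents an inconsistency between the two tables and the message should say so rather than blame the input.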
@@ -1,25 +1,30 @@ use bellman::groth16; use bls12_381::Bls12; use ff::Field; -use group::Curve; +use group::{Curve, Group}; mod simple_circuit; use simple_circuit::InputSpend; fn main() { use rand::rngs::OsRng; - //let ak = jubjub::SubgroupPoint::random(&mut OsRng); + + let ak = jubjub::SubgroupPoint::random(&mut OsRng); let secret: jubjub::Fr = jubjub::Fr::random(&mut OsRng); - let public = zcash_primitives::constants::SPENDING_KEY_GENERATOR * secret; + let public = zcash_primitives::constants::SPENDING_KEY_GENERATOR * secret + ak; let params = { - let c = InputSpend { secret: None }; + let c = InputSpend { + secret: None, + ak: None, + }; groth16::generate_random_parameters::(c, &mut OsRng).unwrap() }; let pvk = groth16::prepare_verifying_key(¶ms.vk); let c = InputSpend { secret: Some(secret), + ak: Some(ak), }; let proof = groth16::create_random_proof(c, ¶ms, &mut OsRng).unwrap();