From 56126be37624d7c05fe0bcd4f7331898a1cec157 Mon Sep 17 00:00:00 2001 From: Nesopie <87437291+Nesopie@users.noreply.github.com> Date: Mon, 10 Feb 2025 18:11:03 +0530 Subject: [PATCH] feat: add cpp circuit artifacts (#50) --- .github/workflows/artifacts.yml | 52 +++++++++++++ .gitignore | 3 +- circuits/scripts/build/build_cpp.sh | 109 ++++++++++++++++++++++++++++ 3 files changed, 163 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/artifacts.yml create mode 100755 circuits/scripts/build/build_cpp.sh diff --git a/.github/workflows/artifacts.yml b/.github/workflows/artifacts.yml new file mode 100644 index 000000000..707b72d0d --- /dev/null +++ b/.github/workflows/artifacts.yml @@ -0,0 +1,52 @@ +name: OpenPassport CI/CD +on: + push: + branches: + - main + paths: + - "circuits/circuits/**" +jobs: + build: + runs-on: ubuntu-22.04 + + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Install dependencies + run: | + npm i -g yarn && cd circuits && yarn + - name: Setup Rust + uses: dtolnay/rust-toolchain@stable + + - name: Download Circom Binary v2.1.9 + run: | + wget -qO /home/runner/work/circom https://github.com/iden3/circom/releases/download/v2.1.9/circom-linux-amd64 + chmod +x /home/runner/work/circom + sudo mv /home/runner/work/circom /bin/circom + + - name: Print Circom version + run: circom --version + + - name: Install cpp dependencies + run: | + sudo apt-get update + sudo apt-get install --yes \ + build-essential \ + libgmp-dev \ + libsodium-dev \ + nasm \ + nlohmann-json3-dev + + - name: Build cpp circuits + run: | + chmod +x circuits/scripts/build/build_cpp.sh && \ + ./circuits/scripts/build/build_cpp.sh register && + ./circuits/scripts/build/build_cpp.sh disclose && + ./circuits/scripts/build/build_cpp.sh dsc + + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + name: circuits + path: output/ diff --git a/.gitignore b/.gitignore index a80c0cc41..b736d9930 100644 --- a/.gitignore +++ b/.gitignore @@ -6,4 +6,5 @@ dist **/node_modules/ showcase .codegpt -**/.yarn/ \ No newline at end of file +**/.yarn/ +output/* \ No newline at end of file diff --git a/circuits/scripts/build/build_cpp.sh b/circuits/scripts/build/build_cpp.sh new file mode 100755 index 000000000..03e41c8e2 --- /dev/null +++ b/circuits/scripts/build/build_cpp.sh @@ -0,0 +1,109 @@ +#!/bin/bash + +# run from root +# first argument should register | dsc | disclose +if [[ $1 != "register" && $1 != "dsc" && $1 != "disclose" ]]; then + echo "first argument should be register | dsc | disclose" + exit 1 +fi + +REGISTER_CIRCUITS=( + "register_sha1_sha1_sha1_ecdsa_brainpoolP224r1:false" + "register_sha1_sha1_sha1_ecdsa_secp256r1:false" + "register_sha1_sha1_sha1_rsa_65537_2048:false" + "register_sha1_sha256_sha256_rsa_65537_4096:true" + "register_sha256_sha224_sha224_ecdsa_brainpoolP224r1:false" + "register_sha256_sha256_sha256_ecdsa_brainpoolP224r1:false" + "register_sha256_sha256_sha256_ecdsa_brainpoolP256r1:true" + "register_sha256_sha256_sha256_ecdsa_secp256r1:false" + "register_sha256_sha256_sha256_ecdsa_secp384r1:false" + "register_sha256_sha256_sha256_rsa_65537_3072:false" + "register_sha256_sha256_sha256_rsa_65537_4096:false" + "register_sha256_sha256_sha256_rsapss_3_32_4096:false" + "register_sha256_sha256_sha256_rsapss_65537_4096:false" + "register_sha384_sha384_sha384_ecdsa_brainpoolP256r1:false" + "register_sha384_sha384_sha384_ecdsa_brainpoolP384r1:false" + "register_sha384_sha384_sha384_ecdsa_secp384r1:false" + "register_sha512_sha512_sha512_ecdsa_brainpoolP256r1:false" + "register_sha512_sha512_sha512_ecdsa_brainpoolP384r1:false" + "register_sha512_sha512_sha512_ecdsa_brainpoolP512r1:false" + "register_sha512_sha512_sha512_rsa_65537_4096:false" +) + +DISCLOSE_CIRCUITS=( + "vc_and_disclose:true" +) + +DSC_CIRCUITS=( + # ECDSA circuits + "dsc_sha1_ecdsa_brainpoolP256r1:false" + "dsc_sha256_ecdsa_brainpoolP224r1:false" + "dsc_sha256_ecdsa_brainpoolP256r1:false" + "dsc_sha256_ecdsa_brainpoolP384r1:false" + "dsc_sha256_ecdsa_secp256r1:false" + "dsc_sha256_ecdsa_secp384r1:false" + "dsc_sha256_ecdsa_secp521r1:false" + "dsc_sha384_ecdsa_brainpoolP384r1:false" + "dsc_sha384_ecdsa_brainpoolP512r1:false" + "dsc_sha384_ecdsa_secp384r1:false" + "dsc_sha512_ecdsa_brainpoolP512r1:false" + "dsc_sha512_ecdsa_secp521r1:false" + + # RSA circuits + "dsc_sha1_rsa_65537_4096:false" + "dsc_sha256_rsa_65537_4096:true" + "dsc_sha512_rsa_65537_4096:false" + + # RSA-PSS circuits + "dsc_sha256_rsapss_3_32_3072:false" + "dsc_sha256_rsapss_65537_32_3072:false" + "dsc_sha256_rsapss_65537_32_4096:false" + "dsc_sha512_rsapss_65537_64_4096:false" +) + +if [[ $1 == "register" ]]; then + allowed_circuits=("${REGISTER_CIRCUITS[@]}") + output="output/register" + mkdir -p $output + basepath="./circuits/circuits/register/instances" +elif [[ $1 == "dsc" ]]; then + allowed_circuits=("${DSC_CIRCUITS[@]}") + output="output/dsc" + mkdir -p $output + basepath="./circuits/circuits/dsc/instances" +elif [[ $1 == "disclose" ]]; then + allowed_circuits=("${DISCLOSE_CIRCUITS[@]}") + output="output/disclose" + mkdir -p $output + basepath="./circuits/circuits/disclose" +fi + +pids=() +for item in "${allowed_circuits[@]}"; do + filename=$(echo "$item" | cut -d':' -f1) + allowed=$(echo "$item" | cut -d':' -f2) + + if [[ $allowed == 'false' ]]; then + echo "Skipping $filename (not in allowed circuits)" + continue + fi + + echo $filename $allowed + filepath=${basepath}/${filename}.circom + circom_pid=$! + circuit_name="${filename%.*}" + ( + circom $filepath \ + -l "circuits/node_modules" \ + -l "circuits/node_modules/@zk-kit/binary-merkle-root.circom/src" \ + -l "circuits/node_modules/circomlib/circuits" \ + --O1 -c --output $output && \ + cd $output/${circuit_name}_cpp && \ + make + ) & + pids+=($!) +done + +echo "Waiting for all circuits to compile..." +wait "${pids[@]}" +echo "All circuits compiled successfully!"