mirror of
https://github.com/vacp2p/linea-monorepo.git
synced 2026-01-09 04:08:01 -05:00
Prover: connect the codehash and the statesummary module (#463)
* clean(prover): more hilo into zkevm/prover/common * feat(codehash): implements the module connecting the codehash and the statesummary * clean(ss): apply the changes for the statesummary * feat(rand): moves everything to use rand/v2 * feat(csv): adds WriteExplicit * feat(codehash): implements the consistency module * fix(rng): Int31n -> Int32N * fix(lint): pass the use of test-rng * clean: clean one of the comment to remove debugging data * fix(test): fix conversion test and also simplify the use of rng * feat(codehash): enable the codehash consistency module * reconnect the execution data hasher with the public input * revert the rand/v2 for the testcase-gen of the contracts
This commit is contained in:
AlexandreBelling
@@ -19,29 +19,28 @@
|
||||
pragma solidity 0.8.26;
|
||||
|
||||
contract PlonkVerifierForDataAggregation {
|
||||
uint256 private constant R_MOD = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
|
||||
uint256 private constant R_MOD_MINUS_ONE =
|
||||
21888242871839275222246405745257275088548364400416034343698204186575808495616;
|
||||
uint256 private constant P_MOD = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
|
||||
|
||||
uint256 private constant R_MOD = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
|
||||
uint256 private constant R_MOD_MINUS_ONE = 21888242871839275222246405745257275088548364400416034343698204186575808495616;
|
||||
uint256 private constant P_MOD = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
|
||||
|
||||
uint256 private constant G2_SRS_0_X_0 = 11559732032986387107991004021392285783925812861821192530917403151452391805634;
|
||||
uint256 private constant G2_SRS_0_X_1 = 10857046999023057135944570762232829481370756359578518086990519993285655852781;
|
||||
uint256 private constant G2_SRS_0_Y_0 = 4082367875863433681332203403145435568316851327593401208105741076214120093531;
|
||||
uint256 private constant G2_SRS_0_Y_1 = 8495653923123431417604973247489272438418190587263600148770280649306958101930;
|
||||
|
||||
|
||||
uint256 private constant G2_SRS_1_X_0 = 15805639136721018565402881920352193254830339253282065586954346329754995870280;
|
||||
uint256 private constant G2_SRS_1_X_1 = 19089565590083334368588890253123139704298730990782503769911324779715431555531;
|
||||
uint256 private constant G2_SRS_1_Y_0 = 9779648407879205346559610309258181044130619080926897934572699915909528404984;
|
||||
uint256 private constant G2_SRS_1_Y_1 = 6779728121489434657638426458390319301070371227460768374343986326751507916979;
|
||||
|
||||
|
||||
uint256 private constant G1_SRS_X = 14312776538779914388377568895031746459131577658076416373430523308756343304251;
|
||||
uint256 private constant G1_SRS_Y = 11763105256161367503191792604679297387056316997144156930871823008787082098465;
|
||||
|
||||
// ----------------------- vk ---------------------
|
||||
uint256 private constant VK_NB_PUBLIC_INPUTS = 1;
|
||||
uint256 private constant VK_DOMAIN_SIZE = 16;
|
||||
uint256 private constant VK_INV_DOMAIN_SIZE =
|
||||
20520227692349320520856005386178695395514091625390032197217066424914820464641;
|
||||
uint256 private constant VK_INV_DOMAIN_SIZE = 20520227692349320520856005386178695395514091625390032197217066424914820464641;
|
||||
uint256 private constant VK_OMEGA = 14940766826517323942636479241147756311199852622225275649687664389641784935947;
|
||||
uint256 private constant VK_QL_COM_X = 3767637989833674092151354229632559107224950590673664856842061399469467338879;
|
||||
uint256 private constant VK_QL_COM_Y = 18545409996679466114224178746162553880737296402729089689774308937082946761979;
|
||||
@@ -53,21 +52,23 @@ contract PlonkVerifierForDataAggregation {
|
||||
uint256 private constant VK_QO_COM_Y = 10782414695040549646706468913781794882209258381887890407509684555513355143197;
|
||||
uint256 private constant VK_QK_COM_X = 309591480144351325314158474719361148480191595146291661238142838254651436989;
|
||||
uint256 private constant VK_QK_COM_Y = 12063173869829536468830946547606069911666129778788708678515573607390482939756;
|
||||
|
||||
|
||||
uint256 private constant VK_S1_COM_X = 12287072751694848944507699577006619791724925439540371477056092891137357229312;
|
||||
uint256 private constant VK_S1_COM_Y = 2469356406782415219782253630635766217009619642857495098799013714324696399305;
|
||||
|
||||
|
||||
uint256 private constant VK_S2_COM_X = 17261757720471042341269061128759148572672168808566386603388432325173708264418;
|
||||
uint256 private constant VK_S2_COM_Y = 20976565876611279190744172824963243461988367679364518747954008723085439460611;
|
||||
|
||||
|
||||
uint256 private constant VK_S3_COM_X = 18758025488249277181117376239193628449359868741625564388668468130204669284937;
|
||||
uint256 private constant VK_S3_COM_Y = 15566903578741238761792344329051427316196307361197991677131114502821508927172;
|
||||
|
||||
|
||||
uint256 private constant VK_COSET_SHIFT = 5;
|
||||
|
||||
|
||||
|
||||
uint256 private constant VK_QCP_0_X = 4559262075452024065272338216146989708834054079507534161096300708463935456394;
|
||||
uint256 private constant VK_QCP_0_Y = 1898950104727986554890445533779776634695458253078091580309593009754027486622;
|
||||
|
||||
|
||||
|
||||
uint256 private constant VK_INDEX_COMMIT_API_0 = 5;
|
||||
uint256 private constant VK_NB_CUSTOM_GATES = 1;
|
||||
|
||||
@@ -77,7 +78,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
uint256 private constant FIXED_PROOF_SIZE = 0x300;
|
||||
|
||||
// offset proof
|
||||
|
||||
|
||||
uint256 private constant PROOF_L_COM_X = 0x0;
|
||||
uint256 private constant PROOF_L_COM_Y = 0x20;
|
||||
uint256 private constant PROOF_R_COM_X = 0x40;
|
||||
@@ -121,7 +122,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
// -------- offset state
|
||||
|
||||
// challenges to check the claimed quotient
|
||||
|
||||
|
||||
uint256 private constant STATE_ALPHA = 0x0;
|
||||
uint256 private constant STATE_BETA = 0x20;
|
||||
uint256 private constant STATE_GAMMA = 0x40;
|
||||
@@ -152,13 +153,15 @@ contract PlonkVerifierForDataAggregation {
|
||||
// -------- errors
|
||||
uint256 private constant ERROR_STRING_ID = 0x08c379a000000000000000000000000000000000000000000000000000000000; // selector for function Error(string)
|
||||
|
||||
|
||||
// -------- utils (for hash_fr)
|
||||
uint256 private constant HASH_FR_BB = 340282366920938463463374607431768211456; // 2**128
|
||||
uint256 private constant HASH_FR_ZERO_UINT256 = 0;
|
||||
uint8 private constant HASH_FR_LEN_IN_BYTES = 48;
|
||||
uint8 private constant HASH_FR_SIZE_DOMAIN = 11;
|
||||
uint8 private constant HASH_FR_ONE = 1;
|
||||
uint8 private constant HASH_FR_TWO = 2;
|
||||
uint256 private constant HASH_FR_BB = 340282366920938463463374607431768211456; // 2**128
|
||||
uint256 private constant HASH_FR_ZERO_UINT256 = 0;
|
||||
uint8 private constant HASH_FR_LEN_IN_BYTES = 48;
|
||||
uint8 private constant HASH_FR_SIZE_DOMAIN = 11;
|
||||
uint8 private constant HASH_FR_ONE = 1;
|
||||
uint8 private constant HASH_FR_TWO = 2;
|
||||
|
||||
|
||||
// -------- precompiles
|
||||
uint8 private constant SHA2 = 0x2;
|
||||
@@ -166,14 +169,17 @@ contract PlonkVerifierForDataAggregation {
|
||||
uint8 private constant EC_ADD = 0x6;
|
||||
uint8 private constant EC_MUL = 0x7;
|
||||
uint8 private constant EC_PAIR = 0x8;
|
||||
|
||||
|
||||
/// Verify a Plonk proof.
|
||||
/// Reverts if the proof or the public inputs are malformed.
|
||||
/// @param proof serialised plonk proof (using gnark's MarshalSolidity)
|
||||
/// @param public_inputs (must be reduced)
|
||||
/// @return success true if the proof passes false otherwise
|
||||
function Verify(bytes calldata proof, uint256[] calldata public_inputs) public view returns (bool success) {
|
||||
function Verify(bytes calldata proof, uint256[] calldata public_inputs)
|
||||
public view returns(bool success) {
|
||||
|
||||
assembly {
|
||||
|
||||
let mem := mload(0x40)
|
||||
let freeMem := add(mem, STATE_LAST_MEM)
|
||||
|
||||
@@ -305,23 +311,20 @@ contract PlonkVerifierForDataAggregation {
|
||||
// end errors -------------------------------------------------
|
||||
|
||||
// Beginning checks -------------------------------------------------
|
||||
|
||||
|
||||
/// @param s actual number of public inputs
|
||||
function check_number_of_public_inputs(s) {
|
||||
if iszero(eq(s, VK_NB_PUBLIC_INPUTS)) {
|
||||
error_nb_public_inputs()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Checks that the public inputs are < R_MOD.
|
||||
/// @param s number of public inputs
|
||||
/// @param p pointer to the public inputs array
|
||||
function check_inputs_size(s, p) {
|
||||
for {
|
||||
let i
|
||||
} lt(i, s) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i} lt(i, s) {i:=add(i,1)}
|
||||
{
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_inputs_size()
|
||||
}
|
||||
@@ -332,16 +335,17 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// Checks if the proof is of the correct size
|
||||
/// @param actual_proof_size size of the proof (not the expected size)
|
||||
function check_proof_size(actual_proof_size) {
|
||||
let expected_proof_size := add(FIXED_PROOF_SIZE, mul(VK_NB_CUSTOM_GATES, 0x60))
|
||||
let expected_proof_size := add(FIXED_PROOF_SIZE, mul(VK_NB_CUSTOM_GATES,0x60))
|
||||
if iszero(eq(actual_proof_size, expected_proof_size)) {
|
||||
error_proof_size()
|
||||
error_proof_size()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Checks if the multiple openings of the polynomials are < R_MOD.
|
||||
/// @param aproof pointer to the beginning of the proof
|
||||
/// @dev the 'a' prepending proof is to have a local name
|
||||
function check_proof_openings_size(aproof) {
|
||||
|
||||
// PROOF_L_AT_ZETA
|
||||
let p := add(aproof, PROOF_L_AT_ZETA)
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
@@ -365,7 +369,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_proof_openings_size()
|
||||
}
|
||||
|
||||
|
||||
// PROOF_S2_AT_ZETA
|
||||
p := add(aproof, PROOF_S2_AT_ZETA)
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
@@ -379,18 +383,16 @@ contract PlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
// PROOF_OPENING_QCP_AT_ZETA
|
||||
|
||||
|
||||
p := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, VK_NB_CUSTOM_GATES) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i, VK_NB_CUSTOM_GATES) {i:=add(i,1)}
|
||||
{
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_proof_openings_size()
|
||||
}
|
||||
p := add(p, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
// end checks -------------------------------------------------
|
||||
|
||||
@@ -412,32 +414,34 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// and is encoded as a uint256 number n. In basis b = 256, the number looks like this
|
||||
/// [0 0 0 .. 0x67 0x61 0x6d, 0x6d, 0x61]. The first non zero entry is at position 27=0x1b
|
||||
/// Gamma reduced (the actual challenge) is stored at add(state, state_gamma)
|
||||
function derive_gamma(aproof, nb_pi, pi) -> gamma_not_reduced {
|
||||
function derive_gamma(aproof, nb_pi, pi)->gamma_not_reduced {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(state, STATE_LAST_MEM)
|
||||
|
||||
mstore(mPtr, FS_GAMMA) // "gamma"
|
||||
|
||||
mstore(add(mPtr, 0x20), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x40), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x60), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x80), VK_S2_COM_Y)
|
||||
mstore(add(mPtr, 0xa0), VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0xc0), VK_S3_COM_Y)
|
||||
mstore(add(mPtr, 0xe0), VK_QL_COM_X)
|
||||
mstore(add(mPtr, 0x100), VK_QL_COM_Y)
|
||||
mstore(add(mPtr, 0x120), VK_QR_COM_X)
|
||||
mstore(add(mPtr, 0x140), VK_QR_COM_Y)
|
||||
mstore(add(mPtr, 0x160), VK_QM_COM_X)
|
||||
mstore(add(mPtr, 0x180), VK_QM_COM_Y)
|
||||
mstore(add(mPtr, 0x1a0), VK_QO_COM_X)
|
||||
mstore(add(mPtr, 0x1c0), VK_QO_COM_Y)
|
||||
mstore(add(mPtr, 0x1e0), VK_QK_COM_X)
|
||||
mstore(add(mPtr, 0x200), VK_QK_COM_Y)
|
||||
|
||||
mstore(add(mPtr, 0x220), VK_QCP_0_X)
|
||||
mstore(add(mPtr, 0x240), VK_QCP_0_Y)
|
||||
|
||||
|
||||
mstore(add(mPtr, 0x20), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x40), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x60), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x80), VK_S2_COM_Y)
|
||||
mstore(add(mPtr, 0xa0), VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0xc0), VK_S3_COM_Y)
|
||||
mstore(add(mPtr, 0xe0), VK_QL_COM_X)
|
||||
mstore(add(mPtr, 0x100), VK_QL_COM_Y)
|
||||
mstore(add(mPtr, 0x120), VK_QR_COM_X)
|
||||
mstore(add(mPtr, 0x140), VK_QR_COM_Y)
|
||||
mstore(add(mPtr, 0x160), VK_QM_COM_X)
|
||||
mstore(add(mPtr, 0x180), VK_QM_COM_Y)
|
||||
mstore(add(mPtr, 0x1a0), VK_QO_COM_X)
|
||||
mstore(add(mPtr, 0x1c0), VK_QO_COM_Y)
|
||||
mstore(add(mPtr, 0x1e0), VK_QK_COM_X)
|
||||
mstore(add(mPtr, 0x200), VK_QK_COM_Y)
|
||||
|
||||
mstore(add(mPtr, 0x220), VK_QCP_0_X)
|
||||
mstore(add(mPtr, 0x240), VK_QCP_0_Y)
|
||||
|
||||
// public inputs
|
||||
let _mPtr := add(mPtr, 0x260)
|
||||
let size_pi_in_bytes := mul(nb_pi, 0x20)
|
||||
@@ -454,7 +458,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
// + nb_public_inputs*0x20
|
||||
// + nb_custom gates*0x40
|
||||
let size := add(0x2c5, size_pi_in_bytes)
|
||||
|
||||
|
||||
size := add(size, mul(VK_NB_CUSTOM_GATES, 0x40))
|
||||
let l_success := staticcall(gas(), SHA2, add(mPtr, 0x1b), size, mPtr, 0x20) //0x1b -> 000.."gamma"
|
||||
if iszero(l_success) {
|
||||
@@ -469,7 +473,8 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @return beta_not_reduced the next challenge, beta, not reduced
|
||||
/// @notice the transcript consists of the previous challenge only.
|
||||
/// The reduced version of beta is stored at add(state, state_beta)
|
||||
function derive_beta(gamma_not_reduced) -> beta_not_reduced {
|
||||
function derive_beta(gamma_not_reduced)->beta_not_reduced{
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -490,8 +495,9 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @return alpha_not_reduced the next challenge, alpha, not reduced
|
||||
/// @notice the transcript consists of the previous challenge (beta)
|
||||
/// not reduced, the commitments to the wires associated to the QCP_i,
|
||||
/// and the commitment to the grand product polynomial
|
||||
function derive_alpha(aproof, beta_not_reduced) -> alpha_not_reduced {
|
||||
/// and the commitment to the grand product polynomial
|
||||
function derive_alpha(aproof, beta_not_reduced)->alpha_not_reduced {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let full_size := 0x65 // size("alpha") + 0x20 (previous challenge)
|
||||
@@ -501,14 +507,14 @@ contract PlonkVerifierForDataAggregation {
|
||||
let _mPtr := add(mPtr, 0x20)
|
||||
mstore(_mPtr, beta_not_reduced)
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
|
||||
|
||||
// Bsb22Commitments
|
||||
let proof_bsb_commitments := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
let size_bsb_commitments := mul(0x40, VK_NB_CUSTOM_GATES)
|
||||
calldatacopy(_mPtr, proof_bsb_commitments, size_bsb_commitments)
|
||||
_mPtr := add(_mPtr, size_bsb_commitments)
|
||||
full_size := add(full_size, size_bsb_commitments)
|
||||
|
||||
|
||||
// [Z], the commitment to the grand product polynomial
|
||||
calldatacopy(_mPtr, add(aproof, PROOF_GRAND_PRODUCT_COMMITMENT_X), 0x40)
|
||||
let l_success := staticcall(gas(), SHA2, add(mPtr, 0x1b), full_size, mPtr, 0x20)
|
||||
@@ -526,6 +532,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// The transcript consists of the previous challenge and the commitment to
|
||||
/// the quotient polynomial h.
|
||||
function derive_zeta(aproof, alpha_not_reduced) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -550,7 +557,8 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param n number of public inputs
|
||||
/// @param mPtr free memory
|
||||
/// @return pi_wo_commit public inputs contribution (except the public inputs coming from the custom gate)
|
||||
function sum_pi_wo_api_commit(ins, n, mPtr) -> pi_wo_commit {
|
||||
function sum_pi_wo_api_commit(ins, n, mPtr)->pi_wo_commit {
|
||||
|
||||
let state := mload(0x40)
|
||||
let z := mload(add(state, STATE_ZETA))
|
||||
let zpnmo := mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE))
|
||||
@@ -559,16 +567,14 @@ contract PlonkVerifierForDataAggregation {
|
||||
batch_compute_lagranges_at_z(z, zpnmo, n, li)
|
||||
|
||||
let tmp := 0
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i,n) {i:=add(i,1)}
|
||||
{
|
||||
tmp := mulmod(mload(li), calldataload(ins), R_MOD)
|
||||
pi_wo_commit := addmod(pi_wo_commit, tmp, R_MOD)
|
||||
li := add(li, 0x20)
|
||||
ins := add(ins, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/// batch_compute_lagranges_at_z computes [L_0(z), .., L_{n-1}(z)]
|
||||
@@ -577,32 +583,27 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param n_pub number of public inputs (number of Lagranges to compute)
|
||||
/// @param mPtr pointer to which the results are stored
|
||||
function batch_compute_lagranges_at_z(z, zpnmo, n_pub, mPtr) {
|
||||
let zn := mulmod(zpnmo, VK_INV_DOMAIN_SIZE, R_MOD) // 1/n * (ζⁿ - 1)
|
||||
|
||||
let zn := mulmod(zpnmo, VK_INV_DOMAIN_SIZE, R_MOD) // 1/n * (ζⁿ - 1)
|
||||
|
||||
let _w := 1
|
||||
let _mPtr := mPtr
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n_pub) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
mstore(_mPtr, addmod(z, sub(R_MOD, _w), R_MOD))
|
||||
for {let i:=0} lt(i,n_pub) {i:=add(i,1)}
|
||||
{
|
||||
mstore(_mPtr, addmod(z,sub(R_MOD, _w), R_MOD))
|
||||
_w := mulmod(_w, VK_OMEGA, R_MOD)
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
}
|
||||
batch_invert(mPtr, n_pub, _mPtr)
|
||||
_mPtr := mPtr
|
||||
_w := 1
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n_pub) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
mstore(_mPtr, mulmod(mulmod(mload(_mPtr), zn, R_MOD), _w, R_MOD))
|
||||
for {let i:=0} lt(i,n_pub) {i:=add(i,1)}
|
||||
{
|
||||
mstore(_mPtr, mulmod(mulmod(mload(_mPtr), zn , R_MOD), _w, R_MOD))
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
_w := mulmod(_w, VK_OMEGA, R_MOD)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// @notice Montgomery trick for batch inversion mod R_MOD
|
||||
/// @param ins pointer to the data to batch invert
|
||||
@@ -611,11 +612,8 @@ contract PlonkVerifierForDataAggregation {
|
||||
function batch_invert(ins, nb_ins, mPtr) {
|
||||
mstore(mPtr, 1)
|
||||
let offset := 0
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, nb_ins) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i, nb_ins) {i:=add(i,1)}
|
||||
{
|
||||
let prev := mload(add(mPtr, offset))
|
||||
let cur := mload(add(ins, offset))
|
||||
cur := mulmod(prev, cur, R_MOD)
|
||||
@@ -624,12 +622,9 @@ contract PlonkVerifierForDataAggregation {
|
||||
}
|
||||
ins := add(ins, sub(offset, 0x20))
|
||||
mPtr := add(mPtr, offset)
|
||||
let inv := pow(mload(mPtr), sub(R_MOD, 2), add(mPtr, 0x20))
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, nb_ins) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
let inv := pow(mload(mPtr), sub(R_MOD,2), add(mPtr, 0x20))
|
||||
for {let i:=0} lt(i, nb_ins) {i:=add(i,1)}
|
||||
{
|
||||
mPtr := sub(mPtr, 0x20)
|
||||
let tmp := mload(ins)
|
||||
let cur := mulmod(inv, mload(mPtr), R_MOD)
|
||||
@@ -639,12 +634,14 @@ contract PlonkVerifierForDataAggregation {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Public inputs (the ones coming from the custom gate) contribution
|
||||
/// @param aproof pointer to the proof
|
||||
/// @param nb_public_inputs number of public inputs
|
||||
/// @param mPtr pointer to free memory
|
||||
/// @return pi_commit custom gate public inputs contribution
|
||||
function sum_pi_commit(aproof, nb_public_inputs, mPtr) -> pi_commit {
|
||||
function sum_pi_commit(aproof, nb_public_inputs, mPtr)->pi_commit {
|
||||
|
||||
let state := mload(0x40)
|
||||
let z := mload(add(state, STATE_ZETA))
|
||||
let zpnmo := mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE))
|
||||
@@ -652,10 +649,14 @@ contract PlonkVerifierForDataAggregation {
|
||||
let p := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
|
||||
let h_fr, ith_lagrange
|
||||
|
||||
|
||||
|
||||
h_fr := hash_fr(calldataload(p), calldataload(add(p, 0x20)), mPtr)
|
||||
ith_lagrange := compute_ith_lagrange_at_z(z, zpnmo, add(nb_public_inputs, VK_INDEX_COMMIT_API_0), mPtr)
|
||||
pi_commit := addmod(pi_commit, mulmod(h_fr, ith_lagrange, R_MOD), R_MOD)
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
/// Computes L_i(zeta) = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ) where:
|
||||
@@ -663,14 +664,16 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param zpmno ζⁿ-1
|
||||
/// @param i i-th lagrange
|
||||
/// @param mPtr free memory
|
||||
/// @return res = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ)
|
||||
function compute_ith_lagrange_at_z(z, zpnmo, i, mPtr) -> res {
|
||||
/// @return res = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ)
|
||||
function compute_ith_lagrange_at_z(z, zpnmo, i, mPtr)->res {
|
||||
|
||||
let w := pow(VK_OMEGA, i, mPtr) // w**i
|
||||
i := addmod(z, sub(R_MOD, w), R_MOD) // z-w**i
|
||||
w := mulmod(w, VK_INV_DOMAIN_SIZE, R_MOD) // w**i/n
|
||||
i := pow(i, sub(R_MOD, 2), mPtr) // (z-w**i)**-1
|
||||
i := pow(i, sub(R_MOD,2), mPtr) // (z-w**i)**-1
|
||||
w := mulmod(w, i, R_MOD) // w**i/n*(z-w)**-1
|
||||
res := mulmod(w, zpnmo, R_MOD)
|
||||
|
||||
}
|
||||
|
||||
/// @dev https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-06#section-5.2
|
||||
@@ -678,14 +681,15 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param y y coordinate of a point on Bn254(𝔽_p)
|
||||
/// @param mPtr free memory
|
||||
/// @return res an element mod R_MOD
|
||||
function hash_fr(x, y, mPtr) -> res {
|
||||
function hash_fr(x, y, mPtr)->res {
|
||||
|
||||
// [0x00, .. , 0x00 || x, y, || 0, 48, 0, dst, HASH_FR_SIZE_DOMAIN]
|
||||
// <- 64 bytes -> <-64b -> <- 1 bytes each ->
|
||||
|
||||
// [0x00, .., 0x00] 64 bytes of zero
|
||||
mstore(mPtr, HASH_FR_ZERO_UINT256)
|
||||
mstore(add(mPtr, 0x20), HASH_FR_ZERO_UINT256)
|
||||
|
||||
|
||||
// msg = x || y , both on 32 bytes
|
||||
mstore(add(mPtr, 0x40), x)
|
||||
mstore(add(mPtr, 0x60), y)
|
||||
@@ -721,7 +725,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
// [b0 || one || dst || HASH_FR_SIZE_DOMAIN]
|
||||
// <-64bytes -> <- 1 byte each ->
|
||||
mstore8(add(mPtr, 0x20), HASH_FR_ONE) // 1
|
||||
|
||||
|
||||
mstore8(add(mPtr, 0x21), 0x42) // dst
|
||||
mstore8(add(mPtr, 0x22), 0x53)
|
||||
mstore8(add(mPtr, 0x23), 0x42)
|
||||
@@ -773,8 +777,9 @@ contract PlonkVerifierForDataAggregation {
|
||||
res := mulmod(mload(mPtr), HASH_FR_BB, R_MOD) // <- res = 2**128 * mPtr[:32]
|
||||
let b1 := shr(128, mload(add(mPtr, 0x20))) // b1 <- [0, 0, .., 0 || b2[:16] ]
|
||||
res := addmod(res, b1, R_MOD)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// END compute_pi -------------------------------------------------
|
||||
|
||||
/// @notice compute α² * 1/n * (ζ{n}-1)/(ζ - 1) where
|
||||
@@ -782,7 +787,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// * n = vk_domain_size
|
||||
/// * ω = vk_omega (generator of the multiplicative cyclic group of order n in (ℤ/rℤ)*)
|
||||
/// * ζ = zeta (challenge derived with Fiat Shamir)
|
||||
function compute_alpha_square_lagrange_0() {
|
||||
function compute_alpha_square_lagrange_0() {
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -822,7 +827,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
mstore(add(mPtr, 0x100), mload(add(state, STATE_ZETA)))
|
||||
mstore(add(mPtr, 0x120), mload(add(state, STATE_GAMMA_KZG)))
|
||||
let random := staticcall(gas(), SHA2, mPtr, 0x140, mPtr, 0x20)
|
||||
if iszero(random) {
|
||||
if iszero(random){
|
||||
error_random_generation()
|
||||
}
|
||||
random := mod(mload(mPtr), R_MOD) // use the same variable as we are one variable away from getting stack-too-deep error...
|
||||
@@ -871,18 +876,18 @@ contract PlonkVerifierForDataAggregation {
|
||||
mstore(folded_quotients_y, sub(P_MOD, mload(folded_quotients_y)))
|
||||
|
||||
mstore(mPtr, mload(folded_digests))
|
||||
|
||||
mstore(add(mPtr, 0x20), mload(add(folded_digests, 0x20)))
|
||||
mstore(add(mPtr, 0x40), G2_SRS_0_X_0) // the 4 lines are the canonical G2 point on BN254
|
||||
mstore(add(mPtr, 0x60), G2_SRS_0_X_1)
|
||||
mstore(add(mPtr, 0x80), G2_SRS_0_Y_0)
|
||||
mstore(add(mPtr, 0xa0), G2_SRS_0_Y_1)
|
||||
mstore(add(mPtr, 0xc0), mload(folded_quotients))
|
||||
mstore(add(mPtr, 0xe0), mload(add(folded_quotients, 0x20)))
|
||||
mstore(add(mPtr, 0x100), G2_SRS_1_X_0)
|
||||
mstore(add(mPtr, 0x120), G2_SRS_1_X_1)
|
||||
mstore(add(mPtr, 0x140), G2_SRS_1_Y_0)
|
||||
mstore(add(mPtr, 0x160), G2_SRS_1_Y_1)
|
||||
|
||||
mstore(add(mPtr, 0x20), mload(add(folded_digests, 0x20)))
|
||||
mstore(add(mPtr, 0x40), G2_SRS_0_X_0) // the 4 lines are the canonical G2 point on BN254
|
||||
mstore(add(mPtr, 0x60), G2_SRS_0_X_1)
|
||||
mstore(add(mPtr, 0x80), G2_SRS_0_Y_0)
|
||||
mstore(add(mPtr, 0xa0), G2_SRS_0_Y_1)
|
||||
mstore(add(mPtr, 0xc0), mload(folded_quotients))
|
||||
mstore(add(mPtr, 0xe0), mload(add(folded_quotients, 0x20)))
|
||||
mstore(add(mPtr, 0x100), G2_SRS_1_X_0)
|
||||
mstore(add(mPtr, 0x120), G2_SRS_1_X_1)
|
||||
mstore(add(mPtr, 0x140), G2_SRS_1_Y_0)
|
||||
mstore(add(mPtr, 0x160), G2_SRS_1_Y_1)
|
||||
check_pairing_kzg(mPtr)
|
||||
}
|
||||
|
||||
@@ -907,6 +912,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param aproof pointer to the proof
|
||||
/// acc_gamma stores the γⁱ
|
||||
function fold_state(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let mPtr20 := add(mPtr, 0x20)
|
||||
@@ -943,14 +949,15 @@ contract PlonkVerifierForDataAggregation {
|
||||
point_acc_mul(state_folded_digests, mPtr, acc_gamma, mPtr40)
|
||||
fr_acc_mul_calldata(add(state, STATE_FOLDED_CLAIMED_VALUES), add(aproof, PROOF_S2_AT_ZETA), acc_gamma)
|
||||
let poqaz := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
|
||||
|
||||
acc_gamma := mulmod(acc_gamma, l_gamma_kzg, R_MOD)
|
||||
mstore(mPtr, VK_QCP_0_X)
|
||||
mstore(mPtr20, VK_QCP_0_Y)
|
||||
point_acc_mul(state_folded_digests, mPtr, acc_gamma, mPtr40)
|
||||
fr_acc_mul_calldata(add(state, STATE_FOLDED_CLAIMED_VALUES), poqaz, acc_gamma)
|
||||
poqaz := add(poqaz, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/// @notice generate the challenge (using Fiat Shamir) to fold the opening proofs
|
||||
/// at ζ.
|
||||
@@ -968,22 +975,23 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// * Z(ζω)
|
||||
/// @param aproof pointer to the proof
|
||||
function compute_gamma_kzg(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
mstore(mPtr, FS_GAMMA_KZG) // "gamma"
|
||||
mstore(add(mPtr, 0x20), mload(add(state, STATE_ZETA)))
|
||||
mstore(add(mPtr, 0x40), mload(add(state, STATE_LINEARISED_POLYNOMIAL_X)))
|
||||
mstore(add(mPtr, 0x60), mload(add(state, STATE_LINEARISED_POLYNOMIAL_Y)))
|
||||
mstore(add(mPtr,0x40), mload(add(state, STATE_LINEARISED_POLYNOMIAL_X)))
|
||||
mstore(add(mPtr,0x60), mload(add(state, STATE_LINEARISED_POLYNOMIAL_Y)))
|
||||
calldatacopy(add(mPtr, 0x80), add(aproof, PROOF_L_COM_X), 0xc0)
|
||||
mstore(add(mPtr, 0x140), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x160), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x180), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x1a0), VK_S2_COM_Y)
|
||||
|
||||
mstore(add(mPtr,0x140), VK_S1_COM_X)
|
||||
mstore(add(mPtr,0x160), VK_S1_COM_Y)
|
||||
mstore(add(mPtr,0x180), VK_S2_COM_X)
|
||||
mstore(add(mPtr,0x1a0), VK_S2_COM_Y)
|
||||
|
||||
let offset := 0x1c0
|
||||
|
||||
mstore(add(mPtr, offset), VK_QCP_0_X)
|
||||
mstore(add(mPtr, add(offset, 0x20)), VK_QCP_0_Y)
|
||||
|
||||
mstore(add(mPtr,offset), VK_QCP_0_X)
|
||||
mstore(add(mPtr,add(offset, 0x20)), VK_QCP_0_Y)
|
||||
offset := add(offset, 0x40)
|
||||
mstore(add(mPtr, offset), mload(add(state, STATE_OPENING_LINEARISED_POLYNOMIAL_ZETA)))
|
||||
mstore(add(mPtr, add(offset, 0x20)), calldataload(add(aproof, PROOF_L_AT_ZETA)))
|
||||
@@ -994,23 +1002,18 @@ contract PlonkVerifierForDataAggregation {
|
||||
|
||||
let _mPtr := add(mPtr, add(offset, 0xc0))
|
||||
|
||||
|
||||
let _poqaz := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
calldatacopy(_mPtr, _poqaz, mul(VK_NB_CUSTOM_GATES, 0x20))
|
||||
_mPtr := add(_mPtr, mul(VK_NB_CUSTOM_GATES, 0x20))
|
||||
|
||||
|
||||
mstore(_mPtr, calldataload(add(aproof, PROOF_GRAND_PRODUCT_AT_ZETA_OMEGA)))
|
||||
|
||||
let start_input := 0x1b // 00.."gamma"
|
||||
let size_input := add(0x14, mul(VK_NB_CUSTOM_GATES, 3)) // number of 32bytes elmts = 0x14 (zeta+3*6 for the digests+openings) + 3*VK_NB_CUSTOM_GATES (for the commitments of the selectors) + 1 (opening of Z at ζω)
|
||||
let size_input := add(0x14, mul(VK_NB_CUSTOM_GATES,3)) // number of 32bytes elmts = 0x14 (zeta+3*6 for the digests+openings) + 3*VK_NB_CUSTOM_GATES (for the commitments of the selectors) + 1 (opening of Z at ζω)
|
||||
size_input := add(0x5, mul(size_input, 0x20)) // size in bytes: 15*32 bytes + 5 bytes for gamma
|
||||
let check_staticcall := staticcall(
|
||||
gas(),
|
||||
SHA2,
|
||||
add(mPtr, start_input),
|
||||
size_input,
|
||||
add(state, STATE_GAMMA_KZG),
|
||||
0x20
|
||||
)
|
||||
let check_staticcall := staticcall(gas(), SHA2, add(mPtr,start_input), size_input, add(state, STATE_GAMMA_KZG), 0x20)
|
||||
if iszero(check_staticcall) {
|
||||
error_verify()
|
||||
}
|
||||
@@ -1018,6 +1021,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
function compute_commitment_linearised_polynomial_ec(aproof, s1, s2) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -1062,6 +1066,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
add(mPtr, 0x40)
|
||||
)
|
||||
|
||||
|
||||
let qcp_opening_at_zeta := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
let bsb_commitments := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
for {
|
||||
@@ -1080,6 +1085,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
qcp_opening_at_zeta := add(qcp_opening_at_zeta, 0x20)
|
||||
bsb_commitments := add(bsb_commitments, 0x40)
|
||||
}
|
||||
|
||||
|
||||
mstore(mPtr, VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0x20), VK_S3_COM_Y)
|
||||
@@ -1090,11 +1096,10 @@ contract PlonkVerifierForDataAggregation {
|
||||
point_acc_mul(add(state, STATE_LINEARISED_POLYNOMIAL_X), mPtr, s2, add(mPtr, 0x40))
|
||||
|
||||
point_add(
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mPtr
|
||||
)
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mPtr)
|
||||
}
|
||||
|
||||
/// @notice Compute the commitment to the linearized polynomial equal to
|
||||
@@ -1161,25 +1166,10 @@ contract PlonkVerifierForDataAggregation {
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let zeta_power_n_plus_two := pow(mload(add(state, STATE_ZETA)), n_plus_two, mPtr)
|
||||
point_mul_calldata(add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_2_COM_X), zeta_power_n_plus_two, mPtr)
|
||||
point_add_calldata(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(aproof, PROOF_H_1_COM_X),
|
||||
mPtr
|
||||
)
|
||||
point_add_calldata(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_1_COM_X), mPtr)
|
||||
point_mul(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), zeta_power_n_plus_two, mPtr)
|
||||
point_add_calldata(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(aproof, PROOF_H_0_COM_X),
|
||||
mPtr
|
||||
)
|
||||
point_mul(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE)),
|
||||
mPtr
|
||||
)
|
||||
point_add_calldata(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_0_COM_X), mPtr)
|
||||
point_mul(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE)), mPtr)
|
||||
let folded_h_y := mload(add(state, STATE_FOLDED_H_Y))
|
||||
folded_h_y := sub(P_MOD, folded_h_y)
|
||||
mstore(add(state, STATE_FOLDED_H_Y), folded_h_y)
|
||||
@@ -1189,6 +1179,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// - [ PI(ζ) - α²*L₁(ζ) + α(l(ζ)+β*s1(ζ)+γ)(r(ζ)+β*s2(ζ)+γ)(o(ζ)+γ)*z(ωζ) ]
|
||||
/// @param aproof pointer to the proof
|
||||
function compute_opening_linearised_polynomial(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
|
||||
// (l(ζ)+β*s1(ζ)+γ)
|
||||
@@ -1224,7 +1215,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
// BEGINNING utils math functions -------------------------------------------------
|
||||
|
||||
|
||||
/// @param dst pointer storing the result
|
||||
/// @param p pointer to the first point
|
||||
/// @param q pointer to the second point
|
||||
@@ -1234,7 +1225,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
mstore(add(mPtr, 0x20), mload(add(p, 0x20)))
|
||||
mstore(add(mPtr, 0x40), mload(q))
|
||||
mstore(add(mPtr, 0x60), mload(add(q, 0x20)))
|
||||
let l_success := staticcall(gas(), EC_ADD, mPtr, 0x80, dst, 0x40)
|
||||
let l_success := staticcall(gas(),EC_ADD,mPtr,0x80,dst,0x40)
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1259,11 +1250,11 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to a point on Bn254(𝔽_p)
|
||||
/// @param s scalar
|
||||
/// @param mPtr free memory
|
||||
function point_mul(dst, src, s, mPtr) {
|
||||
mstore(mPtr, mload(src))
|
||||
mstore(add(mPtr, 0x20), mload(add(src, 0x20)))
|
||||
mstore(add(mPtr, 0x40), s)
|
||||
let l_success := staticcall(gas(), EC_MUL, mPtr, 0x60, dst, 0x40)
|
||||
function point_mul(dst,src,s, mPtr) {
|
||||
mstore(mPtr,mload(src))
|
||||
mstore(add(mPtr,0x20),mload(add(src,0x20)))
|
||||
mstore(add(mPtr,0x40),s)
|
||||
let l_success := staticcall(gas(),EC_MUL,mPtr,0x60,dst,0x40)
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1288,14 +1279,14 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to the point to multiply and add
|
||||
/// @param s scalar
|
||||
/// @param mPtr free memory
|
||||
function point_acc_mul(dst, src, s, mPtr) {
|
||||
mstore(mPtr, mload(src))
|
||||
mstore(add(mPtr, 0x20), mload(add(src, 0x20)))
|
||||
mstore(add(mPtr, 0x40), s)
|
||||
let l_success := staticcall(gas(), 7, mPtr, 0x60, mPtr, 0x40)
|
||||
mstore(add(mPtr, 0x40), mload(dst))
|
||||
mstore(add(mPtr, 0x60), mload(add(dst, 0x20)))
|
||||
l_success := and(l_success, staticcall(gas(), EC_ADD, mPtr, 0x80, dst, 0x40))
|
||||
function point_acc_mul(dst,src,s, mPtr) {
|
||||
mstore(mPtr,mload(src))
|
||||
mstore(add(mPtr,0x20),mload(add(src,0x20)))
|
||||
mstore(add(mPtr,0x40),s)
|
||||
let l_success := staticcall(gas(),7,mPtr,0x60,mPtr,0x40)
|
||||
mstore(add(mPtr,0x40),mload(dst))
|
||||
mstore(add(mPtr,0x60),mload(add(dst,0x20)))
|
||||
l_success := and(l_success, staticcall(gas(),EC_ADD,mPtr,0x80,dst, 0x40))
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1324,7 +1315,7 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to the scalar to multiply and add (on calldata)
|
||||
/// @param s scalar
|
||||
function fr_acc_mul_calldata(dst, src, s) {
|
||||
let tmp := mulmod(calldataload(src), s, R_MOD)
|
||||
let tmp := mulmod(calldataload(src), s, R_MOD)
|
||||
mstore(dst, addmod(mload(dst), tmp, R_MOD))
|
||||
}
|
||||
|
||||
@@ -1332,16 +1323,16 @@ contract PlonkVerifierForDataAggregation {
|
||||
/// @param e exponent
|
||||
/// @param mPtr free memory
|
||||
/// @return res x ** e mod r
|
||||
function pow(x, e, mPtr) -> res {
|
||||
function pow(x, e, mPtr)->res {
|
||||
mstore(mPtr, 0x20)
|
||||
mstore(add(mPtr, 0x20), 0x20)
|
||||
mstore(add(mPtr, 0x40), 0x20)
|
||||
mstore(add(mPtr, 0x60), x)
|
||||
mstore(add(mPtr, 0x80), e)
|
||||
mstore(add(mPtr, 0xa0), R_MOD)
|
||||
let check_staticcall := staticcall(gas(), MOD_EXP, mPtr, 0xc0, mPtr, 0x20)
|
||||
let check_staticcall := staticcall(gas(),MOD_EXP,mPtr,0xc0,mPtr,0x20)
|
||||
if eq(check_staticcall, 0) {
|
||||
error_mod_exp()
|
||||
error_mod_exp()
|
||||
}
|
||||
res := mload(mPtr)
|
||||
}
|
||||
|
||||
@@ -19,29 +19,28 @@
|
||||
pragma solidity 0.8.26;
|
||||
|
||||
contract TestPlonkVerifierForDataAggregation {
|
||||
uint256 private constant R_MOD = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
|
||||
uint256 private constant R_MOD_MINUS_ONE =
|
||||
21888242871839275222246405745257275088548364400416034343698204186575808495616;
|
||||
uint256 private constant P_MOD = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
|
||||
|
||||
uint256 private constant R_MOD = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
|
||||
uint256 private constant R_MOD_MINUS_ONE = 21888242871839275222246405745257275088548364400416034343698204186575808495616;
|
||||
uint256 private constant P_MOD = 21888242871839275222246405745257275088696311157297823662689037894645226208583;
|
||||
|
||||
uint256 private constant G2_SRS_0_X_0 = 11559732032986387107991004021392285783925812861821192530917403151452391805634;
|
||||
uint256 private constant G2_SRS_0_X_1 = 10857046999023057135944570762232829481370756359578518086990519993285655852781;
|
||||
uint256 private constant G2_SRS_0_Y_0 = 4082367875863433681332203403145435568316851327593401208105741076214120093531;
|
||||
uint256 private constant G2_SRS_0_Y_1 = 8495653923123431417604973247489272438418190587263600148770280649306958101930;
|
||||
|
||||
|
||||
uint256 private constant G2_SRS_1_X_0 = 15805639136721018565402881920352193254830339253282065586954346329754995870280;
|
||||
uint256 private constant G2_SRS_1_X_1 = 19089565590083334368588890253123139704298730990782503769911324779715431555531;
|
||||
uint256 private constant G2_SRS_1_Y_0 = 9779648407879205346559610309258181044130619080926897934572699915909528404984;
|
||||
uint256 private constant G2_SRS_1_Y_1 = 6779728121489434657638426458390319301070371227460768374343986326751507916979;
|
||||
|
||||
|
||||
uint256 private constant G1_SRS_X = 14312776538779914388377568895031746459131577658076416373430523308756343304251;
|
||||
uint256 private constant G1_SRS_Y = 11763105256161367503191792604679297387056316997144156930871823008787082098465;
|
||||
|
||||
// ----------------------- vk ---------------------
|
||||
uint256 private constant VK_NB_PUBLIC_INPUTS = 1;
|
||||
uint256 private constant VK_DOMAIN_SIZE = 16;
|
||||
uint256 private constant VK_INV_DOMAIN_SIZE =
|
||||
20520227692349320520856005386178695395514091625390032197217066424914820464641;
|
||||
uint256 private constant VK_INV_DOMAIN_SIZE = 20520227692349320520856005386178695395514091625390032197217066424914820464641;
|
||||
uint256 private constant VK_OMEGA = 14940766826517323942636479241147756311199852622225275649687664389641784935947;
|
||||
uint256 private constant VK_QL_COM_X = 3767637989833674092151354229632559107224950590673664856842061399469467338879;
|
||||
uint256 private constant VK_QL_COM_Y = 18545409996679466114224178746162553880737296402729089689774308937082946761979;
|
||||
@@ -53,21 +52,23 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
uint256 private constant VK_QO_COM_Y = 10782414695040549646706468913781794882209258381887890407509684555513355143197;
|
||||
uint256 private constant VK_QK_COM_X = 309591480144351325314158474719361148480191595146291661238142838254651436989;
|
||||
uint256 private constant VK_QK_COM_Y = 12063173869829536468830946547606069911666129778788708678515573607390482939756;
|
||||
|
||||
|
||||
uint256 private constant VK_S1_COM_X = 12287072751694848944507699577006619791724925439540371477056092891137357229312;
|
||||
uint256 private constant VK_S1_COM_Y = 2469356406782415219782253630635766217009619642857495098799013714324696399305;
|
||||
|
||||
|
||||
uint256 private constant VK_S2_COM_X = 17261757720471042341269061128759148572672168808566386603388432325173708264418;
|
||||
uint256 private constant VK_S2_COM_Y = 20976565876611279190744172824963243461988367679364518747954008723085439460611;
|
||||
|
||||
|
||||
uint256 private constant VK_S3_COM_X = 18758025488249277181117376239193628449359868741625564388668468130204669284937;
|
||||
uint256 private constant VK_S3_COM_Y = 15566903578741238761792344329051427316196307361197991677131114502821508927172;
|
||||
|
||||
|
||||
uint256 private constant VK_COSET_SHIFT = 5;
|
||||
|
||||
|
||||
|
||||
uint256 private constant VK_QCP_0_X = 4559262075452024065272338216146989708834054079507534161096300708463935456394;
|
||||
uint256 private constant VK_QCP_0_Y = 1898950104727986554890445533779776634695458253078091580309593009754027486622;
|
||||
|
||||
|
||||
|
||||
uint256 private constant VK_INDEX_COMMIT_API_0 = 5;
|
||||
uint256 private constant VK_NB_CUSTOM_GATES = 1;
|
||||
|
||||
@@ -77,7 +78,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
uint256 private constant FIXED_PROOF_SIZE = 0x300;
|
||||
|
||||
// offset proof
|
||||
|
||||
|
||||
uint256 private constant PROOF_L_COM_X = 0x0;
|
||||
uint256 private constant PROOF_L_COM_Y = 0x20;
|
||||
uint256 private constant PROOF_R_COM_X = 0x40;
|
||||
@@ -121,7 +122,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
// -------- offset state
|
||||
|
||||
// challenges to check the claimed quotient
|
||||
|
||||
|
||||
uint256 private constant STATE_ALPHA = 0x0;
|
||||
uint256 private constant STATE_BETA = 0x20;
|
||||
uint256 private constant STATE_GAMMA = 0x40;
|
||||
@@ -152,13 +153,15 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
// -------- errors
|
||||
uint256 private constant ERROR_STRING_ID = 0x08c379a000000000000000000000000000000000000000000000000000000000; // selector for function Error(string)
|
||||
|
||||
|
||||
// -------- utils (for hash_fr)
|
||||
uint256 private constant HASH_FR_BB = 340282366920938463463374607431768211456; // 2**128
|
||||
uint256 private constant HASH_FR_ZERO_UINT256 = 0;
|
||||
uint8 private constant HASH_FR_LEN_IN_BYTES = 48;
|
||||
uint8 private constant HASH_FR_SIZE_DOMAIN = 11;
|
||||
uint8 private constant HASH_FR_ONE = 1;
|
||||
uint8 private constant HASH_FR_TWO = 2;
|
||||
uint256 private constant HASH_FR_BB = 340282366920938463463374607431768211456; // 2**128
|
||||
uint256 private constant HASH_FR_ZERO_UINT256 = 0;
|
||||
uint8 private constant HASH_FR_LEN_IN_BYTES = 48;
|
||||
uint8 private constant HASH_FR_SIZE_DOMAIN = 11;
|
||||
uint8 private constant HASH_FR_ONE = 1;
|
||||
uint8 private constant HASH_FR_TWO = 2;
|
||||
|
||||
|
||||
// -------- precompiles
|
||||
uint8 private constant SHA2 = 0x2;
|
||||
@@ -166,14 +169,17 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
uint8 private constant EC_ADD = 0x6;
|
||||
uint8 private constant EC_MUL = 0x7;
|
||||
uint8 private constant EC_PAIR = 0x8;
|
||||
|
||||
|
||||
/// Verify a Plonk proof.
|
||||
/// Reverts if the proof or the public inputs are malformed.
|
||||
/// @param proof serialised plonk proof (using gnark's MarshalSolidity)
|
||||
/// @param public_inputs (must be reduced)
|
||||
/// @return success true if the proof passes false otherwise
|
||||
function Verify(bytes calldata proof, uint256[] calldata public_inputs) public view returns (bool success) {
|
||||
function Verify(bytes calldata proof, uint256[] calldata public_inputs)
|
||||
public view returns(bool success) {
|
||||
|
||||
assembly {
|
||||
|
||||
let mem := mload(0x40)
|
||||
let freeMem := add(mem, STATE_LAST_MEM)
|
||||
|
||||
@@ -305,23 +311,20 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
// end errors -------------------------------------------------
|
||||
|
||||
// Beginning checks -------------------------------------------------
|
||||
|
||||
|
||||
/// @param s actual number of public inputs
|
||||
function check_number_of_public_inputs(s) {
|
||||
if iszero(eq(s, VK_NB_PUBLIC_INPUTS)) {
|
||||
error_nb_public_inputs()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Checks that the public inputs are < R_MOD.
|
||||
/// @param s number of public inputs
|
||||
/// @param p pointer to the public inputs array
|
||||
function check_inputs_size(s, p) {
|
||||
for {
|
||||
let i
|
||||
} lt(i, s) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i} lt(i, s) {i:=add(i,1)}
|
||||
{
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_inputs_size()
|
||||
}
|
||||
@@ -332,16 +335,17 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// Checks if the proof is of the correct size
|
||||
/// @param actual_proof_size size of the proof (not the expected size)
|
||||
function check_proof_size(actual_proof_size) {
|
||||
let expected_proof_size := add(FIXED_PROOF_SIZE, mul(VK_NB_CUSTOM_GATES, 0x60))
|
||||
let expected_proof_size := add(FIXED_PROOF_SIZE, mul(VK_NB_CUSTOM_GATES,0x60))
|
||||
if iszero(eq(actual_proof_size, expected_proof_size)) {
|
||||
error_proof_size()
|
||||
error_proof_size()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Checks if the multiple openings of the polynomials are < R_MOD.
|
||||
/// @param aproof pointer to the beginning of the proof
|
||||
/// @dev the 'a' prepending proof is to have a local name
|
||||
function check_proof_openings_size(aproof) {
|
||||
|
||||
// PROOF_L_AT_ZETA
|
||||
let p := add(aproof, PROOF_L_AT_ZETA)
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
@@ -365,7 +369,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_proof_openings_size()
|
||||
}
|
||||
|
||||
|
||||
// PROOF_S2_AT_ZETA
|
||||
p := add(aproof, PROOF_S2_AT_ZETA)
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
@@ -379,18 +383,16 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
// PROOF_OPENING_QCP_AT_ZETA
|
||||
|
||||
|
||||
p := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, VK_NB_CUSTOM_GATES) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i, VK_NB_CUSTOM_GATES) {i:=add(i,1)}
|
||||
{
|
||||
if gt(calldataload(p), R_MOD_MINUS_ONE) {
|
||||
error_proof_openings_size()
|
||||
}
|
||||
p := add(p, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
// end checks -------------------------------------------------
|
||||
|
||||
@@ -412,32 +414,34 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// and is encoded as a uint256 number n. In basis b = 256, the number looks like this
|
||||
/// [0 0 0 .. 0x67 0x61 0x6d, 0x6d, 0x61]. The first non zero entry is at position 27=0x1b
|
||||
/// Gamma reduced (the actual challenge) is stored at add(state, state_gamma)
|
||||
function derive_gamma(aproof, nb_pi, pi) -> gamma_not_reduced {
|
||||
function derive_gamma(aproof, nb_pi, pi)->gamma_not_reduced {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(state, STATE_LAST_MEM)
|
||||
|
||||
mstore(mPtr, FS_GAMMA) // "gamma"
|
||||
|
||||
mstore(add(mPtr, 0x20), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x40), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x60), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x80), VK_S2_COM_Y)
|
||||
mstore(add(mPtr, 0xa0), VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0xc0), VK_S3_COM_Y)
|
||||
mstore(add(mPtr, 0xe0), VK_QL_COM_X)
|
||||
mstore(add(mPtr, 0x100), VK_QL_COM_Y)
|
||||
mstore(add(mPtr, 0x120), VK_QR_COM_X)
|
||||
mstore(add(mPtr, 0x140), VK_QR_COM_Y)
|
||||
mstore(add(mPtr, 0x160), VK_QM_COM_X)
|
||||
mstore(add(mPtr, 0x180), VK_QM_COM_Y)
|
||||
mstore(add(mPtr, 0x1a0), VK_QO_COM_X)
|
||||
mstore(add(mPtr, 0x1c0), VK_QO_COM_Y)
|
||||
mstore(add(mPtr, 0x1e0), VK_QK_COM_X)
|
||||
mstore(add(mPtr, 0x200), VK_QK_COM_Y)
|
||||
|
||||
mstore(add(mPtr, 0x220), VK_QCP_0_X)
|
||||
mstore(add(mPtr, 0x240), VK_QCP_0_Y)
|
||||
|
||||
|
||||
mstore(add(mPtr, 0x20), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x40), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x60), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x80), VK_S2_COM_Y)
|
||||
mstore(add(mPtr, 0xa0), VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0xc0), VK_S3_COM_Y)
|
||||
mstore(add(mPtr, 0xe0), VK_QL_COM_X)
|
||||
mstore(add(mPtr, 0x100), VK_QL_COM_Y)
|
||||
mstore(add(mPtr, 0x120), VK_QR_COM_X)
|
||||
mstore(add(mPtr, 0x140), VK_QR_COM_Y)
|
||||
mstore(add(mPtr, 0x160), VK_QM_COM_X)
|
||||
mstore(add(mPtr, 0x180), VK_QM_COM_Y)
|
||||
mstore(add(mPtr, 0x1a0), VK_QO_COM_X)
|
||||
mstore(add(mPtr, 0x1c0), VK_QO_COM_Y)
|
||||
mstore(add(mPtr, 0x1e0), VK_QK_COM_X)
|
||||
mstore(add(mPtr, 0x200), VK_QK_COM_Y)
|
||||
|
||||
mstore(add(mPtr, 0x220), VK_QCP_0_X)
|
||||
mstore(add(mPtr, 0x240), VK_QCP_0_Y)
|
||||
|
||||
// public inputs
|
||||
let _mPtr := add(mPtr, 0x260)
|
||||
let size_pi_in_bytes := mul(nb_pi, 0x20)
|
||||
@@ -454,7 +458,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
// + nb_public_inputs*0x20
|
||||
// + nb_custom gates*0x40
|
||||
let size := add(0x2c5, size_pi_in_bytes)
|
||||
|
||||
|
||||
size := add(size, mul(VK_NB_CUSTOM_GATES, 0x40))
|
||||
let l_success := staticcall(gas(), SHA2, add(mPtr, 0x1b), size, mPtr, 0x20) //0x1b -> 000.."gamma"
|
||||
if iszero(l_success) {
|
||||
@@ -469,7 +473,8 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @return beta_not_reduced the next challenge, beta, not reduced
|
||||
/// @notice the transcript consists of the previous challenge only.
|
||||
/// The reduced version of beta is stored at add(state, state_beta)
|
||||
function derive_beta(gamma_not_reduced) -> beta_not_reduced {
|
||||
function derive_beta(gamma_not_reduced)->beta_not_reduced{
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -490,8 +495,9 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @return alpha_not_reduced the next challenge, alpha, not reduced
|
||||
/// @notice the transcript consists of the previous challenge (beta)
|
||||
/// not reduced, the commitments to the wires associated to the QCP_i,
|
||||
/// and the commitment to the grand product polynomial
|
||||
function derive_alpha(aproof, beta_not_reduced) -> alpha_not_reduced {
|
||||
/// and the commitment to the grand product polynomial
|
||||
function derive_alpha(aproof, beta_not_reduced)->alpha_not_reduced {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let full_size := 0x65 // size("alpha") + 0x20 (previous challenge)
|
||||
@@ -501,14 +507,14 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
let _mPtr := add(mPtr, 0x20)
|
||||
mstore(_mPtr, beta_not_reduced)
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
|
||||
|
||||
// Bsb22Commitments
|
||||
let proof_bsb_commitments := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
let size_bsb_commitments := mul(0x40, VK_NB_CUSTOM_GATES)
|
||||
calldatacopy(_mPtr, proof_bsb_commitments, size_bsb_commitments)
|
||||
_mPtr := add(_mPtr, size_bsb_commitments)
|
||||
full_size := add(full_size, size_bsb_commitments)
|
||||
|
||||
|
||||
// [Z], the commitment to the grand product polynomial
|
||||
calldatacopy(_mPtr, add(aproof, PROOF_GRAND_PRODUCT_COMMITMENT_X), 0x40)
|
||||
let l_success := staticcall(gas(), SHA2, add(mPtr, 0x1b), full_size, mPtr, 0x20)
|
||||
@@ -526,6 +532,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// The transcript consists of the previous challenge and the commitment to
|
||||
/// the quotient polynomial h.
|
||||
function derive_zeta(aproof, alpha_not_reduced) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -550,7 +557,8 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param n number of public inputs
|
||||
/// @param mPtr free memory
|
||||
/// @return pi_wo_commit public inputs contribution (except the public inputs coming from the custom gate)
|
||||
function sum_pi_wo_api_commit(ins, n, mPtr) -> pi_wo_commit {
|
||||
function sum_pi_wo_api_commit(ins, n, mPtr)->pi_wo_commit {
|
||||
|
||||
let state := mload(0x40)
|
||||
let z := mload(add(state, STATE_ZETA))
|
||||
let zpnmo := mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE))
|
||||
@@ -559,16 +567,14 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
batch_compute_lagranges_at_z(z, zpnmo, n, li)
|
||||
|
||||
let tmp := 0
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i,n) {i:=add(i,1)}
|
||||
{
|
||||
tmp := mulmod(mload(li), calldataload(ins), R_MOD)
|
||||
pi_wo_commit := addmod(pi_wo_commit, tmp, R_MOD)
|
||||
li := add(li, 0x20)
|
||||
ins := add(ins, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/// batch_compute_lagranges_at_z computes [L_0(z), .., L_{n-1}(z)]
|
||||
@@ -577,32 +583,27 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param n_pub number of public inputs (number of Lagranges to compute)
|
||||
/// @param mPtr pointer to which the results are stored
|
||||
function batch_compute_lagranges_at_z(z, zpnmo, n_pub, mPtr) {
|
||||
let zn := mulmod(zpnmo, VK_INV_DOMAIN_SIZE, R_MOD) // 1/n * (ζⁿ - 1)
|
||||
|
||||
let zn := mulmod(zpnmo, VK_INV_DOMAIN_SIZE, R_MOD) // 1/n * (ζⁿ - 1)
|
||||
|
||||
let _w := 1
|
||||
let _mPtr := mPtr
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n_pub) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
mstore(_mPtr, addmod(z, sub(R_MOD, _w), R_MOD))
|
||||
for {let i:=0} lt(i,n_pub) {i:=add(i,1)}
|
||||
{
|
||||
mstore(_mPtr, addmod(z,sub(R_MOD, _w), R_MOD))
|
||||
_w := mulmod(_w, VK_OMEGA, R_MOD)
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
}
|
||||
batch_invert(mPtr, n_pub, _mPtr)
|
||||
_mPtr := mPtr
|
||||
_w := 1
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, n_pub) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
mstore(_mPtr, mulmod(mulmod(mload(_mPtr), zn, R_MOD), _w, R_MOD))
|
||||
for {let i:=0} lt(i,n_pub) {i:=add(i,1)}
|
||||
{
|
||||
mstore(_mPtr, mulmod(mulmod(mload(_mPtr), zn , R_MOD), _w, R_MOD))
|
||||
_mPtr := add(_mPtr, 0x20)
|
||||
_w := mulmod(_w, VK_OMEGA, R_MOD)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// @notice Montgomery trick for batch inversion mod R_MOD
|
||||
/// @param ins pointer to the data to batch invert
|
||||
@@ -611,11 +612,8 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
function batch_invert(ins, nb_ins, mPtr) {
|
||||
mstore(mPtr, 1)
|
||||
let offset := 0
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, nb_ins) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
for {let i:=0} lt(i, nb_ins) {i:=add(i,1)}
|
||||
{
|
||||
let prev := mload(add(mPtr, offset))
|
||||
let cur := mload(add(ins, offset))
|
||||
cur := mulmod(prev, cur, R_MOD)
|
||||
@@ -624,12 +622,9 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
}
|
||||
ins := add(ins, sub(offset, 0x20))
|
||||
mPtr := add(mPtr, offset)
|
||||
let inv := pow(mload(mPtr), sub(R_MOD, 2), add(mPtr, 0x20))
|
||||
for {
|
||||
let i := 0
|
||||
} lt(i, nb_ins) {
|
||||
i := add(i, 1)
|
||||
} {
|
||||
let inv := pow(mload(mPtr), sub(R_MOD,2), add(mPtr, 0x20))
|
||||
for {let i:=0} lt(i, nb_ins) {i:=add(i,1)}
|
||||
{
|
||||
mPtr := sub(mPtr, 0x20)
|
||||
let tmp := mload(ins)
|
||||
let cur := mulmod(inv, mload(mPtr), R_MOD)
|
||||
@@ -639,12 +634,14 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/// Public inputs (the ones coming from the custom gate) contribution
|
||||
/// @param aproof pointer to the proof
|
||||
/// @param nb_public_inputs number of public inputs
|
||||
/// @param mPtr pointer to free memory
|
||||
/// @return pi_commit custom gate public inputs contribution
|
||||
function sum_pi_commit(aproof, nb_public_inputs, mPtr) -> pi_commit {
|
||||
function sum_pi_commit(aproof, nb_public_inputs, mPtr)->pi_commit {
|
||||
|
||||
let state := mload(0x40)
|
||||
let z := mload(add(state, STATE_ZETA))
|
||||
let zpnmo := mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE))
|
||||
@@ -652,10 +649,14 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
let p := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
|
||||
let h_fr, ith_lagrange
|
||||
|
||||
|
||||
|
||||
h_fr := hash_fr(calldataload(p), calldataload(add(p, 0x20)), mPtr)
|
||||
ith_lagrange := compute_ith_lagrange_at_z(z, zpnmo, add(nb_public_inputs, VK_INDEX_COMMIT_API_0), mPtr)
|
||||
pi_commit := addmod(pi_commit, mulmod(h_fr, ith_lagrange, R_MOD), R_MOD)
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
/// Computes L_i(zeta) = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ) where:
|
||||
@@ -663,14 +664,16 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param zpmno ζⁿ-1
|
||||
/// @param i i-th lagrange
|
||||
/// @param mPtr free memory
|
||||
/// @return res = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ)
|
||||
function compute_ith_lagrange_at_z(z, zpnmo, i, mPtr) -> res {
|
||||
/// @return res = ωⁱ/n * (ζⁿ-1)/(ζ-ωⁱ)
|
||||
function compute_ith_lagrange_at_z(z, zpnmo, i, mPtr)->res {
|
||||
|
||||
let w := pow(VK_OMEGA, i, mPtr) // w**i
|
||||
i := addmod(z, sub(R_MOD, w), R_MOD) // z-w**i
|
||||
w := mulmod(w, VK_INV_DOMAIN_SIZE, R_MOD) // w**i/n
|
||||
i := pow(i, sub(R_MOD, 2), mPtr) // (z-w**i)**-1
|
||||
i := pow(i, sub(R_MOD,2), mPtr) // (z-w**i)**-1
|
||||
w := mulmod(w, i, R_MOD) // w**i/n*(z-w)**-1
|
||||
res := mulmod(w, zpnmo, R_MOD)
|
||||
|
||||
}
|
||||
|
||||
/// @dev https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-06#section-5.2
|
||||
@@ -678,14 +681,15 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param y y coordinate of a point on Bn254(𝔽_p)
|
||||
/// @param mPtr free memory
|
||||
/// @return res an element mod R_MOD
|
||||
function hash_fr(x, y, mPtr) -> res {
|
||||
function hash_fr(x, y, mPtr)->res {
|
||||
|
||||
// [0x00, .. , 0x00 || x, y, || 0, 48, 0, dst, HASH_FR_SIZE_DOMAIN]
|
||||
// <- 64 bytes -> <-64b -> <- 1 bytes each ->
|
||||
|
||||
// [0x00, .., 0x00] 64 bytes of zero
|
||||
mstore(mPtr, HASH_FR_ZERO_UINT256)
|
||||
mstore(add(mPtr, 0x20), HASH_FR_ZERO_UINT256)
|
||||
|
||||
|
||||
// msg = x || y , both on 32 bytes
|
||||
mstore(add(mPtr, 0x40), x)
|
||||
mstore(add(mPtr, 0x60), y)
|
||||
@@ -721,7 +725,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
// [b0 || one || dst || HASH_FR_SIZE_DOMAIN]
|
||||
// <-64bytes -> <- 1 byte each ->
|
||||
mstore8(add(mPtr, 0x20), HASH_FR_ONE) // 1
|
||||
|
||||
|
||||
mstore8(add(mPtr, 0x21), 0x42) // dst
|
||||
mstore8(add(mPtr, 0x22), 0x53)
|
||||
mstore8(add(mPtr, 0x23), 0x42)
|
||||
@@ -773,8 +777,9 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
res := mulmod(mload(mPtr), HASH_FR_BB, R_MOD) // <- res = 2**128 * mPtr[:32]
|
||||
let b1 := shr(128, mload(add(mPtr, 0x20))) // b1 <- [0, 0, .., 0 || b2[:16] ]
|
||||
res := addmod(res, b1, R_MOD)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// END compute_pi -------------------------------------------------
|
||||
|
||||
/// @notice compute α² * 1/n * (ζ{n}-1)/(ζ - 1) where
|
||||
@@ -782,7 +787,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// * n = vk_domain_size
|
||||
/// * ω = vk_omega (generator of the multiplicative cyclic group of order n in (ℤ/rℤ)*)
|
||||
/// * ζ = zeta (challenge derived with Fiat Shamir)
|
||||
function compute_alpha_square_lagrange_0() {
|
||||
function compute_alpha_square_lagrange_0() {
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -822,7 +827,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
mstore(add(mPtr, 0x100), mload(add(state, STATE_ZETA)))
|
||||
mstore(add(mPtr, 0x120), mload(add(state, STATE_GAMMA_KZG)))
|
||||
let random := staticcall(gas(), SHA2, mPtr, 0x140, mPtr, 0x20)
|
||||
if iszero(random) {
|
||||
if iszero(random){
|
||||
error_random_generation()
|
||||
}
|
||||
random := mod(mload(mPtr), R_MOD) // use the same variable as we are one variable away from getting stack-too-deep error...
|
||||
@@ -871,18 +876,18 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
mstore(folded_quotients_y, sub(P_MOD, mload(folded_quotients_y)))
|
||||
|
||||
mstore(mPtr, mload(folded_digests))
|
||||
|
||||
mstore(add(mPtr, 0x20), mload(add(folded_digests, 0x20)))
|
||||
mstore(add(mPtr, 0x40), G2_SRS_0_X_0) // the 4 lines are the canonical G2 point on BN254
|
||||
mstore(add(mPtr, 0x60), G2_SRS_0_X_1)
|
||||
mstore(add(mPtr, 0x80), G2_SRS_0_Y_0)
|
||||
mstore(add(mPtr, 0xa0), G2_SRS_0_Y_1)
|
||||
mstore(add(mPtr, 0xc0), mload(folded_quotients))
|
||||
mstore(add(mPtr, 0xe0), mload(add(folded_quotients, 0x20)))
|
||||
mstore(add(mPtr, 0x100), G2_SRS_1_X_0)
|
||||
mstore(add(mPtr, 0x120), G2_SRS_1_X_1)
|
||||
mstore(add(mPtr, 0x140), G2_SRS_1_Y_0)
|
||||
mstore(add(mPtr, 0x160), G2_SRS_1_Y_1)
|
||||
|
||||
mstore(add(mPtr, 0x20), mload(add(folded_digests, 0x20)))
|
||||
mstore(add(mPtr, 0x40), G2_SRS_0_X_0) // the 4 lines are the canonical G2 point on BN254
|
||||
mstore(add(mPtr, 0x60), G2_SRS_0_X_1)
|
||||
mstore(add(mPtr, 0x80), G2_SRS_0_Y_0)
|
||||
mstore(add(mPtr, 0xa0), G2_SRS_0_Y_1)
|
||||
mstore(add(mPtr, 0xc0), mload(folded_quotients))
|
||||
mstore(add(mPtr, 0xe0), mload(add(folded_quotients, 0x20)))
|
||||
mstore(add(mPtr, 0x100), G2_SRS_1_X_0)
|
||||
mstore(add(mPtr, 0x120), G2_SRS_1_X_1)
|
||||
mstore(add(mPtr, 0x140), G2_SRS_1_Y_0)
|
||||
mstore(add(mPtr, 0x160), G2_SRS_1_Y_1)
|
||||
check_pairing_kzg(mPtr)
|
||||
}
|
||||
|
||||
@@ -907,6 +912,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param aproof pointer to the proof
|
||||
/// acc_gamma stores the γⁱ
|
||||
function fold_state(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let mPtr20 := add(mPtr, 0x20)
|
||||
@@ -943,14 +949,15 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
point_acc_mul(state_folded_digests, mPtr, acc_gamma, mPtr40)
|
||||
fr_acc_mul_calldata(add(state, STATE_FOLDED_CLAIMED_VALUES), add(aproof, PROOF_S2_AT_ZETA), acc_gamma)
|
||||
let poqaz := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
|
||||
|
||||
acc_gamma := mulmod(acc_gamma, l_gamma_kzg, R_MOD)
|
||||
mstore(mPtr, VK_QCP_0_X)
|
||||
mstore(mPtr20, VK_QCP_0_Y)
|
||||
point_acc_mul(state_folded_digests, mPtr, acc_gamma, mPtr40)
|
||||
fr_acc_mul_calldata(add(state, STATE_FOLDED_CLAIMED_VALUES), poqaz, acc_gamma)
|
||||
poqaz := add(poqaz, 0x20)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/// @notice generate the challenge (using Fiat Shamir) to fold the opening proofs
|
||||
/// at ζ.
|
||||
@@ -968,22 +975,23 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// * Z(ζω)
|
||||
/// @param aproof pointer to the proof
|
||||
function compute_gamma_kzg(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
mstore(mPtr, FS_GAMMA_KZG) // "gamma"
|
||||
mstore(add(mPtr, 0x20), mload(add(state, STATE_ZETA)))
|
||||
mstore(add(mPtr, 0x40), mload(add(state, STATE_LINEARISED_POLYNOMIAL_X)))
|
||||
mstore(add(mPtr, 0x60), mload(add(state, STATE_LINEARISED_POLYNOMIAL_Y)))
|
||||
mstore(add(mPtr,0x40), mload(add(state, STATE_LINEARISED_POLYNOMIAL_X)))
|
||||
mstore(add(mPtr,0x60), mload(add(state, STATE_LINEARISED_POLYNOMIAL_Y)))
|
||||
calldatacopy(add(mPtr, 0x80), add(aproof, PROOF_L_COM_X), 0xc0)
|
||||
mstore(add(mPtr, 0x140), VK_S1_COM_X)
|
||||
mstore(add(mPtr, 0x160), VK_S1_COM_Y)
|
||||
mstore(add(mPtr, 0x180), VK_S2_COM_X)
|
||||
mstore(add(mPtr, 0x1a0), VK_S2_COM_Y)
|
||||
|
||||
mstore(add(mPtr,0x140), VK_S1_COM_X)
|
||||
mstore(add(mPtr,0x160), VK_S1_COM_Y)
|
||||
mstore(add(mPtr,0x180), VK_S2_COM_X)
|
||||
mstore(add(mPtr,0x1a0), VK_S2_COM_Y)
|
||||
|
||||
let offset := 0x1c0
|
||||
|
||||
mstore(add(mPtr, offset), VK_QCP_0_X)
|
||||
mstore(add(mPtr, add(offset, 0x20)), VK_QCP_0_Y)
|
||||
|
||||
mstore(add(mPtr,offset), VK_QCP_0_X)
|
||||
mstore(add(mPtr,add(offset, 0x20)), VK_QCP_0_Y)
|
||||
offset := add(offset, 0x40)
|
||||
mstore(add(mPtr, offset), mload(add(state, STATE_OPENING_LINEARISED_POLYNOMIAL_ZETA)))
|
||||
mstore(add(mPtr, add(offset, 0x20)), calldataload(add(aproof, PROOF_L_AT_ZETA)))
|
||||
@@ -994,23 +1002,18 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
|
||||
let _mPtr := add(mPtr, add(offset, 0xc0))
|
||||
|
||||
|
||||
let _poqaz := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
calldatacopy(_mPtr, _poqaz, mul(VK_NB_CUSTOM_GATES, 0x20))
|
||||
_mPtr := add(_mPtr, mul(VK_NB_CUSTOM_GATES, 0x20))
|
||||
|
||||
|
||||
mstore(_mPtr, calldataload(add(aproof, PROOF_GRAND_PRODUCT_AT_ZETA_OMEGA)))
|
||||
|
||||
let start_input := 0x1b // 00.."gamma"
|
||||
let size_input := add(0x14, mul(VK_NB_CUSTOM_GATES, 3)) // number of 32bytes elmts = 0x14 (zeta+3*6 for the digests+openings) + 3*VK_NB_CUSTOM_GATES (for the commitments of the selectors) + 1 (opening of Z at ζω)
|
||||
let size_input := add(0x14, mul(VK_NB_CUSTOM_GATES,3)) // number of 32bytes elmts = 0x14 (zeta+3*6 for the digests+openings) + 3*VK_NB_CUSTOM_GATES (for the commitments of the selectors) + 1 (opening of Z at ζω)
|
||||
size_input := add(0x5, mul(size_input, 0x20)) // size in bytes: 15*32 bytes + 5 bytes for gamma
|
||||
let check_staticcall := staticcall(
|
||||
gas(),
|
||||
SHA2,
|
||||
add(mPtr, start_input),
|
||||
size_input,
|
||||
add(state, STATE_GAMMA_KZG),
|
||||
0x20
|
||||
)
|
||||
let check_staticcall := staticcall(gas(), SHA2, add(mPtr,start_input), size_input, add(state, STATE_GAMMA_KZG), 0x20)
|
||||
if iszero(check_staticcall) {
|
||||
error_verify()
|
||||
}
|
||||
@@ -1018,6 +1021,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
function compute_commitment_linearised_polynomial_ec(aproof, s1, s2) {
|
||||
|
||||
let state := mload(0x40)
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
|
||||
@@ -1062,6 +1066,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
add(mPtr, 0x40)
|
||||
)
|
||||
|
||||
|
||||
let qcp_opening_at_zeta := add(aproof, PROOF_OPENING_QCP_AT_ZETA)
|
||||
let bsb_commitments := add(aproof, PROOF_BSB_COMMITMENTS)
|
||||
for {
|
||||
@@ -1080,6 +1085,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
qcp_opening_at_zeta := add(qcp_opening_at_zeta, 0x20)
|
||||
bsb_commitments := add(bsb_commitments, 0x40)
|
||||
}
|
||||
|
||||
|
||||
mstore(mPtr, VK_S3_COM_X)
|
||||
mstore(add(mPtr, 0x20), VK_S3_COM_Y)
|
||||
@@ -1090,11 +1096,10 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
point_acc_mul(add(state, STATE_LINEARISED_POLYNOMIAL_X), mPtr, s2, add(mPtr, 0x40))
|
||||
|
||||
point_add(
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mPtr
|
||||
)
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_LINEARISED_POLYNOMIAL_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mPtr)
|
||||
}
|
||||
|
||||
/// @notice Compute the commitment to the linearized polynomial equal to
|
||||
@@ -1161,25 +1166,10 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
let mPtr := add(mload(0x40), STATE_LAST_MEM)
|
||||
let zeta_power_n_plus_two := pow(mload(add(state, STATE_ZETA)), n_plus_two, mPtr)
|
||||
point_mul_calldata(add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_2_COM_X), zeta_power_n_plus_two, mPtr)
|
||||
point_add_calldata(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(aproof, PROOF_H_1_COM_X),
|
||||
mPtr
|
||||
)
|
||||
point_add_calldata(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_1_COM_X), mPtr)
|
||||
point_mul(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), zeta_power_n_plus_two, mPtr)
|
||||
point_add_calldata(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(aproof, PROOF_H_0_COM_X),
|
||||
mPtr
|
||||
)
|
||||
point_mul(
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
add(state, STATE_FOLDED_H_X),
|
||||
mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE)),
|
||||
mPtr
|
||||
)
|
||||
point_add_calldata(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), add(aproof, PROOF_H_0_COM_X), mPtr)
|
||||
point_mul(add(state, STATE_FOLDED_H_X), add(state, STATE_FOLDED_H_X), mload(add(state, STATE_ZETA_POWER_N_MINUS_ONE)), mPtr)
|
||||
let folded_h_y := mload(add(state, STATE_FOLDED_H_Y))
|
||||
folded_h_y := sub(P_MOD, folded_h_y)
|
||||
mstore(add(state, STATE_FOLDED_H_Y), folded_h_y)
|
||||
@@ -1189,6 +1179,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// - [ PI(ζ) - α²*L₁(ζ) + α(l(ζ)+β*s1(ζ)+γ)(r(ζ)+β*s2(ζ)+γ)(o(ζ)+γ)*z(ωζ) ]
|
||||
/// @param aproof pointer to the proof
|
||||
function compute_opening_linearised_polynomial(aproof) {
|
||||
|
||||
let state := mload(0x40)
|
||||
|
||||
// (l(ζ)+β*s1(ζ)+γ)
|
||||
@@ -1224,7 +1215,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
}
|
||||
|
||||
// BEGINNING utils math functions -------------------------------------------------
|
||||
|
||||
|
||||
/// @param dst pointer storing the result
|
||||
/// @param p pointer to the first point
|
||||
/// @param q pointer to the second point
|
||||
@@ -1234,7 +1225,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
mstore(add(mPtr, 0x20), mload(add(p, 0x20)))
|
||||
mstore(add(mPtr, 0x40), mload(q))
|
||||
mstore(add(mPtr, 0x60), mload(add(q, 0x20)))
|
||||
let l_success := staticcall(gas(), EC_ADD, mPtr, 0x80, dst, 0x40)
|
||||
let l_success := staticcall(gas(),EC_ADD,mPtr,0x80,dst,0x40)
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1259,11 +1250,11 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to a point on Bn254(𝔽_p)
|
||||
/// @param s scalar
|
||||
/// @param mPtr free memory
|
||||
function point_mul(dst, src, s, mPtr) {
|
||||
mstore(mPtr, mload(src))
|
||||
mstore(add(mPtr, 0x20), mload(add(src, 0x20)))
|
||||
mstore(add(mPtr, 0x40), s)
|
||||
let l_success := staticcall(gas(), EC_MUL, mPtr, 0x60, dst, 0x40)
|
||||
function point_mul(dst,src,s, mPtr) {
|
||||
mstore(mPtr,mload(src))
|
||||
mstore(add(mPtr,0x20),mload(add(src,0x20)))
|
||||
mstore(add(mPtr,0x40),s)
|
||||
let l_success := staticcall(gas(),EC_MUL,mPtr,0x60,dst,0x40)
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1288,14 +1279,14 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to the point to multiply and add
|
||||
/// @param s scalar
|
||||
/// @param mPtr free memory
|
||||
function point_acc_mul(dst, src, s, mPtr) {
|
||||
mstore(mPtr, mload(src))
|
||||
mstore(add(mPtr, 0x20), mload(add(src, 0x20)))
|
||||
mstore(add(mPtr, 0x40), s)
|
||||
let l_success := staticcall(gas(), 7, mPtr, 0x60, mPtr, 0x40)
|
||||
mstore(add(mPtr, 0x40), mload(dst))
|
||||
mstore(add(mPtr, 0x60), mload(add(dst, 0x20)))
|
||||
l_success := and(l_success, staticcall(gas(), EC_ADD, mPtr, 0x80, dst, 0x40))
|
||||
function point_acc_mul(dst,src,s, mPtr) {
|
||||
mstore(mPtr,mload(src))
|
||||
mstore(add(mPtr,0x20),mload(add(src,0x20)))
|
||||
mstore(add(mPtr,0x40),s)
|
||||
let l_success := staticcall(gas(),7,mPtr,0x60,mPtr,0x40)
|
||||
mstore(add(mPtr,0x40),mload(dst))
|
||||
mstore(add(mPtr,0x60),mload(add(dst,0x20)))
|
||||
l_success := and(l_success, staticcall(gas(),EC_ADD,mPtr,0x80,dst, 0x40))
|
||||
if iszero(l_success) {
|
||||
error_ec_op()
|
||||
}
|
||||
@@ -1324,7 +1315,7 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param src pointer to the scalar to multiply and add (on calldata)
|
||||
/// @param s scalar
|
||||
function fr_acc_mul_calldata(dst, src, s) {
|
||||
let tmp := mulmod(calldataload(src), s, R_MOD)
|
||||
let tmp := mulmod(calldataload(src), s, R_MOD)
|
||||
mstore(dst, addmod(mload(dst), tmp, R_MOD))
|
||||
}
|
||||
|
||||
@@ -1332,16 +1323,16 @@ contract TestPlonkVerifierForDataAggregation {
|
||||
/// @param e exponent
|
||||
/// @param mPtr free memory
|
||||
/// @return res x ** e mod r
|
||||
function pow(x, e, mPtr) -> res {
|
||||
function pow(x, e, mPtr)->res {
|
||||
mstore(mPtr, 0x20)
|
||||
mstore(add(mPtr, 0x20), 0x20)
|
||||
mstore(add(mPtr, 0x40), 0x20)
|
||||
mstore(add(mPtr, 0x60), x)
|
||||
mstore(add(mPtr, 0x80), e)
|
||||
mstore(add(mPtr, 0xa0), R_MOD)
|
||||
let check_staticcall := staticcall(gas(), MOD_EXP, mPtr, 0xc0, mPtr, 0x20)
|
||||
let check_staticcall := staticcall(gas(),MOD_EXP,mPtr,0xc0,mPtr,0x20)
|
||||
if eq(check_staticcall, 0) {
|
||||
error_mod_exp()
|
||||
error_mod_exp()
|
||||
}
|
||||
res := mload(mPtr)
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0xdf1e9f621e3a89f02d44dbc266056d50d5d1524dc4d135f93b81619f3d674b7c",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x2e6431c2cbb8021cc213885d08b39ccb38215789c2fdced773bd4d46d41a6b8217d476fbffa85477a18981fe0ec8c776171a656b8a12a746a3319e2b54c87a400f102032e51da42427391a70286fbc85fd0dd0a49c5ae890e485ff64c0b8ab9d14ec859fdf2eaeff4997e0eb0f429bda9cdf4afef98021dab7853ede9bf3983d28d3b6b08cc253e8ac6dfd36da607ac729f97bfe52da6722c9b9b994db805934143c5c006b101df5174557240204dec4a34cacf76108e7899304c565ac4d6a18086d779a0f60c70925556824c13ac6c269eefc7aa1c1c71b9d534c5e3da6663b04d66f0539ba5396c86e1a823874b7930cd5e5e724456401bc4ec78fef893f7603312b8200ff4885183eb18caa39f3cc5addf3fa269ac3779d2e3147ef8c2e3b2e8a57e79f5817343b1a003c3aff6a8c1472b43c7bb4294ef21e8c6b32e374f901f8067adb88e2fa5acfab716e76c16c25ab3b65cbfcb45b20c376de1b52849316fdca7b5b33aa27b93047fabd81c90de25f77af21746e9323857db6c2228bf12e642cdee60640d21c1fa93085a188757e4d1af7979797c8009d2e94ae08201712498ebb4ba0dd28ce715c09af2849d9b5f3b52f366be9f677291a7adc16e13127a5d239e8a0f92ee532763c46ea4736067653048c57e2b195a73abbdbdf487f2c5fd68152c9df7e5f1bfe20c650b3db1c2c0a595df56221295092bc5847326c1779d7179390ee89f6167e3ab5af2e7183fab9e9e7790c78f0068ee2c958b20f05a975167f7e6b69c1a780b05e9b0dd82ed462bde24a9e0aee2efcbc6c28f4bb199070367e57150fcb771669cf4ba8bc68085ab13e92f1866fba6c3bea5b2e2201a4de8bece0731c62ee90a9d701ac99645f15ead828cb880f8b35f6036e463e12cc0a7c346ba3b8803e53d119d8543569d743723d88e99a4154871153d37399173bd6539f441ca603501f8f402e7b5836c7960550e137dbef5bc7c8c20d7da823aa871781f2f61565ef75bbcb703f3d7dff21322921d93e5c7a071778576aa3180c347201bfcac60ffe35ee3b5054ddf149af7a841a05fcdc7b554cbea8d6362635ba41d6b779fc01e850b450f576a34c528e850868d43764dd71755d4fe770010928c3f6c62450523d5bdfbdda93586d6dfc3ec9e685e2d247502d3836fc7910db1865595094ec3c49a5ab8f84b9c432bc1d6191354dfed12feb07415fc3fa",
|
||||
"aggregatedProof": "0x07355eb937c8508eec66315f4dd00809eab5d8ba3c6925d37edde93fc248e28c2dcbf2f29c3c0c60ada0c0ceac4c1c975f6887a7ced528804bb7a325e27b083012495f11884b911377a39f615feace8faf16dfc9f09ea7d0d0965d341b15b98c1610eff44a2a0d49e0dfc890c1d644e985579d6f489e4d8c21d8be5ff34deb9f179a29899b9eb178c33d2c433dc5e41b66f559f9b6f5e352778623a2b1ee77a51a11fea1a2dfb86dc3823c2e3e6601f9db41feab3de68c78c40a492781f2d7860451260674f076a9c8904a4d27a3b97511926950dfbebfd0a229cbe7c4d1ef6f26305ca8ee096bf2811669ca7b92a1d855c9fb11f42f0600f1775a2c745f523d0639fc44208a1ca5a955afc117fd47d7140f848171cbffb2e3a2af1523df73912fa007d9bde44a42529a3190c549a24be7947d7595d07fa2b1db6a741e955ca52c752c5953a87568229e7b2b54cafd00826fd4f048c662f7449aae87e42294d0063216d8c848ef8078771d255d5301c4a3dea3b3297d1c27eb535019518c3ad709770da25f7d789926c583295940405cbf2d1dad4de41e5ad63d2f0273a8febc2a704b00af0e74f7a4f25a35830b8f7d7e32b86546dfa931ec39db123d40e4c205266587fb9763785bb4494a1bc48b586e5ec8b417207b9458a3e6b09539d07929604002ae4c2b5492c7e191628206381eea6b19bfb15350760e10e2e8f2341f1f042a8800ed238a0372f91cb257c7f534f39d3b285e951c1d737a737390a43a26f56a0f11f32a194a85132f65e6487a391e244c21f1b848297728e277fb3c7d1815881d4d3745e91644d58b1a08b958cf0ff004d6cf3b7fe2c127012c797df01133268df0088e623dbff2e96a221e87ab909530bcb268721bf9bbe172a990322d5ff2132fce29d2d65b73697461280ad9bc0a9133a8802e0c0dcecdd6f09baa0512c4466c1848edc04e7d6a615050c10c13c6d7d600be64df9e8aa0bb371d0b0413d35d18cc70887b13c6f6e7ccbc2363f8dd60ebe93d51c15ce5601312981e200f0c9d52d84c8e7e62295db03e47c0b68e71bbe244405c4ab2eef2c524989f21d4bec0c7b91db34c06ec92226bc4845e21777c65d72c731801c576f7945f301f9aa761d088f427fbd1672cefe35a13a899ae2d52673823f11e0a34d4f849802e367e4d5c92e09a8f6309c75af52fae72040e5708080541c3ff745c2375cdc6",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x233fd3d94f86264d6b666cdcb455c1cb144d3dc399edc9d17bd50aa42ae789a2",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x6d2b3535e06f4778e03c8439145dd9b8e4ae312953b9ccc154ef73b8a00c26c1",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x008e483358dc0ac1d3f6a27b43f6332e88c4196151b2a1ce6c8575013cec2cbe2f666e5649165dfc5a88ede985203341f5910ec2f4e3d4e9fa2a0a2621e4b0a70a91e0f995a8d754a3ddec1698800be83da8815650488540d2ffb699eaf3518d14bff479974f1f5f8bef7687f89c6301247cd92a4ccfa76a868bd24090a670f20eb06513431e74411648ab8c02a270353146bc759451d00cf2a59477d6106b9d11df3e18bca0d3a36951e31699b21a73e22a77fb7fe43a33b717a23dd06a889a102e4143d1e024e053e4318f903c3dbd0ec0f6e49672dd0ccb10749ac00adaf311149a24bf2c2ee4cfe7ed1db713526c6f7c0893f2ec153e5f55a4b390ce135a0d3ebe372c1beea8142afebdc96fe2764b8b5a33efc0457b9ad65f678c8b9ede196eb1fe34a82e0f370fe1d53e5cfc34bc77f38a64eddbb74f6530a82feb0e0a148de4d309b179697ff8a3c97a5516a1bbffc36d8cf153e9f5ee8fdc98002fd1136a2a12603aa1c7a985b34c5dc6774a5efd6270eac180406b4f03c7ef08eee428bb45d04a3c6635a0225aae76c0522049df5080045629cd6a686c2d50d8b7fe10e6facded652c8d75d4a67d5f8f4c3c6b491f44cc23c307064ec94f7c3a44eb1d1dcd369464960e54a88ad3f9edbdd818f2ac711d6c8f49efe224fb2616f2ac0005ca0c753c801d9e2df1133cdd4de5e54554197ac3e2f42d0b140261a12796050d64ec14bb22355173d157a7a2a9a5c0a20d47430819b4c106fda54923f9bf273cbc4145962e07b853279e64e198d3da5919814935c4cf12ffc03128d0e4fc24e8f35180d257253c0ce33725cb665a81141f16418fb20cf2abb96fa65a03bc0fa8e1e842123e2a2590f423e34c1db2c51c9e872ea41942d44d94d735cf8b4b0ccc265c6bdc41dd6f1167da133450a5ea0c07ea4704c9ca377cd201d8a63f932f7d4c9edb88269008bfe08d91d576cbf1a46c2da88b13d2a38e68f66f330552114f37a226c38ed3a9acd35b75f5852e6879eb3c8746ed2676f9e3957d32bbee1493ac055f03a56e964c4ea278d323abde55b36439b5460897771bf5ef3be1992448a5479f3515d5605d403a51391c6c6db94a90b3353aa956a5ba6f7b951fee2b7657ab431f90220c84820c2db8e4b57eaa5c3ea13e8d1f4ed31b9434c5df5c083dbb24fdf9dc5a64ba7416e6d154e6b17727a3acaa9f59820e926196efd232",
|
||||
"aggregatedProof": "0x24a763a8f31f6fc38a69c22e50e52834ec7d81dec39a242788f2d58346cf26a012f9746c9b1a1495044290332e888efd1b2d2aa2c725b8bab9c144fd7aae58b40516025862d6f66f14a94fa21056ff77852b13f490f464a72c6761f9fbaeaabd129cf08f08e796cda5731ab08ce868b3188c749363ecea66e940fa5ae7d1ac7d2a50649642f8b92a0da2e46e428c9b7e0d690ab1b55fc94166b8b8e13af5bd5c2098836444656fcc2d5bf4ba30b334685bf8c8386a5ace5110c16ea47e425b4b098fe4587fe3477eac40fb3b044ce3c9ac3c8c63c2e0b9053e5bdc835d89f9dd114f6c6781bade139e4126c3aa018d4f8277d31bdb677d202bb88308248e67ee1db7a1c7735107ea60a9136e7a4d28984152f3ec601706761bdc2942afe4860e2ae4392e300e00fd27ed3736334320874bc118a135712bc92dee276b73b5715c218f03c694d832d1b10cbc2900d09fb3df9b7b8da7639c0db268074ff046affc11bb6b6699c06792e2dfeefb27d5145375850e34b1eb984dc2c87611952d9f872dba5559b64bdaee265c91a3b4f4c01c40f75381b6a2b99468364b1056a2cf3304e1c4622cf393a2a04c8dfba895c54b97cd081d0df7457fb35954740a16f97d2828a085da44352389651ddf83ef47152e5087d94b8475ba6772d2d37502a5ae1093727448560d452f7bd77f48e114855fe255a100f3d16199d8179876aa62ba1ea4af6ac5db7007410c09d970de717777db53739c5338347e9b9a5d24787239223bbe47ee17a38e3877d004f16e1c1ecd18ab12b163fd27b6beddca3700c7ec1470e3e921d13b8e705d4cf2511441e96b3391e1e53f4dee129481a9a9307c5911a0a8eec252ee62d1ce5823d24b152ebf9763d6a95c0cdf42fd00a45056f10025521191435a9f6b48c54e67ed081b8780ffcea6cf3c1cc8aa0159af38d599162216923680b8ee251ba11ccdd12f2bcf36eaa70892096a40847aada1b64de98e1e3b7a46c11f6e9908882d44adb3195766b316a84ceac2dcc88f987db38fe01f10bfd9d877bef3590ec9186a0ad140a3818818592e1377c2d03068118abbb17c210058369bf284117a6b8431967496b5c4ad4c48db1817e2b32fbb45a57f3f2c04cfba2a9cc42b95bc194c67dcedf375fadc10ffa3c697491220ffb5a780ab07220e499810f28776110f19a92490c51df664197f281aa5491dafb6bcf5bedf47",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x216ea864c4d4392d0315997af776dbc1856686e376a07c85ed67f8509c14328e",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x4b7f110cbe7fcab315cd99683b2c7864bff2615903a3230d5bf2222b7a71a756",
|
||||
"parentAggregationFinalShnarf": "0x6d2b3535e06f4778e03c8439145dd9b8e4ae312953b9ccc154ef73b8a00c26c1",
|
||||
"aggregatedProof": "0x2ccd7bc052a4a3347fd0fc9134d62c37208cbf5af79ceda0a62bde3861db8329195f5d25f8fee76a7d37c45055766e059dd3750dec0b903783b5928b8a5e8c830a5336cd5876cb7c1a4cb5cf329f1f6c932a38121778a56a2a80d41cf75da03013a32e6ef9159e335e8943fd9daba6d58f48a68f47dd24585cf59e50ce79cf300d84d08f9db0c62db91f0b00f410acd88e1f6217ae3565db6535a086b781038d15bdb30229a0e1a191d5ea26f38cc27bec2ac3b9ddc00ca88ce0b27a745a7b271eb64a673306440b812ac79c53c345adb2c4a7d6d983dab3e8b00e83fc36e0ba3018527b30a861d10944d6d05b295a3dcfe956da4a6b42610ec703ffe74248fb0154a0dfc7bdc8dedcfc4e6bc884a10ba3aa3073efcacd66cf7d59e38a74aa1000a36354762974e610be1ee6988f91f58ea4fa7f3335736a8af7075ffb10ea2a0bede1074f138237a509373679a8d781308401b1ac283772ce163ad1efc5af2216899a8499375154809be8367318d7916933a34f02cf76d20d7715a289c174580229d78df12a39593212751e2e70f26909f7fafc6d63bc877d28278049406f3104b870a14218cf11b2422bb46dafb11aa4fecac8d7bd8570eb72b955688bbfc80cb0fb367fddb4826b6ff2285ddf6d147f38ba068e3d35cf0568a8141e3871b61eeabdbab18df69f0e8087484c2fa7eb15241b8d0e40d2883daf1addff7691e3241ad52968445fb97749bbe4ab7ab2e31717ed545c9d078a57eab2de9cd9db982377d1ba338e35fe231a05a1b81b4c9d4d1332c97cdfc1d0b6e3c6f190c932f201e8814a714bff8c37e80b1aac4ae26c8fe4fa68ca041713aacd705b3306926617503f4eca6c1893e6f5ced6ece0614e66624b9b817c664bc26e3bda711501980cf48324ee61112ac8105e1d645dd72ea6f99312a9f99f37e156b54f4d07f65c2d2dea5a66368fe0d42efbeb6983c81622c5e25eae779dd9ae3be074ca9772be1e65c0906da0e0f408b3daee7d505b99cfabaa3427a9a1abbfe78d273275fe2606f9e57936aad44f500f8ade2e3c0c350dcfbbeba3218205ee74818376bc87f70d0bb1ba55e09ba360aa28037bd8d99ba3ff700045c525b6c8a08acddbaf75d12e3a7863068be75c7e889962d10b6e0d40e0ae9c8334be7597e45936a12249ea0578371f6f0bc77cffeb47527760fcd3ead96ec5349779e8142b8cf6a9304eba",
|
||||
"aggregatedProof": "0x3058be439578068164e57d400f4fb99fef6e787c4776d5a6ede3a472eb9db8550e7c675c2a6119e7fb9bbf689d106351f7258c1afb0a14e5698f8d7837dda0a7264718b9fe77f2c85fb9d470626a6879aa8c5606b319661ed6f473ffa904e18326aed08ba42ed28ddf241680eb7b91150829e103ca86fa0e8a5173a2d4df3db20290db040fdca9b1d110ed72785ea3136cabc7081086ff9bfa3ad5d888bb862c2fed2ebfa5dc1f369fec685b5186ab236749bfec901b401a0589034f9d91f23a01bf0d48361c739752d2ad2e126afe5cdd279f405686efe04534fa763f2228c0160be2ad00b52ea64866cc91f05b8c5a5ab13a2a7db94fdaca44dcfac37d882e074fbbfc17f2d31fdbcad3f64ac3dc97d7d0c75e1a0bc0f24fa6a61e04784e6c0d6a29ad5deaebce34f6baa476b04338db1b98fcbe6b304b444eaf2576fbf9de02071a9423b3180d56cc391aa53f897fa6c0680fc1da36e3987b8184be8d49ed1c25f3c6d1743818dedf5354b3dcdd4b0a3fe9eff46bff11de89ca345fde57b405d575c99531f75245753564e0e28bf79031680d5c49488ce3c53efdc7b9bbdb22b9edefd5cdf97d930bbe9a50da99e64b5681f916f5fbf3518d2268369437fa02634b634cc719745541d74c0b8931bcdfd0f58f242b42c523d172e7aadff17706dfcfb36d31bd7f47e9ce133b7fc8bfcb1fea34a663248f7a7cd2f0bc13013701d351aa4dbb5092ee7def90e9dbe4c2a5720f8a6124b173ac125bc7e0f5dcd42f011af66bc76e7eb4ebef3133f6a8bf64e53f66dfe4f87d3c526c7d227a860f21a8f1370c88e918332e9bccb39f447a09972b0354f23dc3e6b5f158d1ebac961b2739fe7f83f2b6ef3d123de66d542a3f34d4f9c78e1e2658510552d65fafb60078682146f1d4a0722af05a330e19c6d023e0df11049ff27353687f423c422f1785bbb23741318c996131bf1cd56e944bce6d30eef3c02eeb2340cdfe6e3b1616f4099da8287d8a583ffb9c8c1b3062000e4d02179c75c242d54bd5bda7e2fe23a3e64e83aeaf582ed679728a26b149dcfcf4ba430229eaf003ac9c45623efb0436569a67bab0e32235c2b17dd21ea42fd284c99d8645fce7f0d4cfd90ef5850c5dbd74eb3d464ae8331eab5c18309db40d731c6c21985890d86e839f0f244e163dfb108c8829e096308b53b143ab8bc0ad83eee2ddcdd9c1815fa634f5f9f4",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x0ecda6d6b122aa50210c937e14351066a6e98db71c066ace19abb75a3abdfda8",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x9562fa89830a0ba0063a636ca96e52ce2f032b855336c95dd788321f4e193419",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x2b8a08e4b319c731ae97081a486f1194d72740fa1bc4a4bdcd310ddf50a75c2f02e6ae770debd31337489d9655d16ab026af7219695762a2475a4875263aa2c120fc987bcfb7e9fdeac64a1db6bc5c9d4d7731a583d84a5d8db3e69132b5583116bb7a6ac8f081a1c33fecf42b51b7f8f827066b79e19d45d587d368ebfee5421e6a8a0d63a2fe696e647088d81c1b6c96190432f42bf5f7cdedddc3fd0698581dc557b353523782c2f137f71cd76f790f4b8be7c5d3f200befaaca4cf95366328cc64b4c98566701bde2e5710cc84dbbaa50e2d1f29147bcbc506924adfd30e016218b1f40bcc6a0bac3faa9023f6855e217a5d98ac9fc7f14005adfc18d52c1368b188aaacf77ec4bbf81a6ebc567330eb405db0effdc9447f744d0595732b19322fcdba4be23e05844ecbda382ba93730fc21d9d12200f0bc625a2f5350840348893f7a0600fdd932e86a2b6c28500fb40eb578563061ce1a27bb401eb7f128233c28ecf4e3e35ed53657aaf820a4cfe9a4057c496e95fc23031c2717bf761fb7a6e471e57990f36187c93c8159929a0141ed568eb05b68dad58fc826c3f90364821de7e0cefeff209bcd7f5250efed7cb3d6ad435fc774161cfb6787916a0f669b7c1668e79d160c0e680d674279217c40b662ee91b5165f94d6939e2a5a05ab12b274c697e35d60943be8aa53ff762c1d52d3390a80f76664737de582e72430b98e07146717df294d8eb5ca704444917c6c9c3f819b929af0e44e34e9dd23c7fd04a541107fb3c74bd1fb583aaf401b6fde6a48e4d8fcb0347d04d73a280c7c5f2807c540474634d323d23d8fde9173b98008d03273a55a1d023093c4730a6ce93a60ee79aa6942c159a3ddf086311e51eafbc90fb81b919a0d588c8c6529f0df37ab008b965e10f1c6560063f0b07bc2299d519bfed68b7c45953726e90997da2b84436f4906546770fe651041208734586c090efa87488dd09ccec05b12f68cfa5f2984f4970801179d5335b2f28dc9303375811736d12041580abc0b10d35acfe032f08ead34481e70668c0efed88d5461529d24352fd6f6071e363703661d460e7edec53cc933b778ddabfab152a4d7aa736b3a361534aece194b15258a67556f07fe55fe84206331187ed3bc909775fb5b4174f16475fdba91a1e9037b49216246e4658fcf5a0b026a70a6316fa0c93f196c6b4cd4eea3904067d3",
|
||||
"aggregatedProof": "0x2719f74a584ca862fc2c3b582e511bad7a37e5210741e66bc14e5d1665f3a28f0b7edd2bbb775c65515f5dd0a9b293a0f96a0146976829724cf703fa8aac0c7a22eb77c319a866b6b4c975c68ab99edb61a6d212701a3c72fd275b4b918d6449244e7f50d0e466ad3542f6174287d23ae83eb96eebded41e4ca5d7f89465663019fde4dd5409b006adac5b20f6195b68c0756d9261e3c2b16355c66f0f33e3492efc72c0571ea43547d6f724b3440239cc041d7b6aa210c165c63b5d63aec1101e4f24ad4e5d4fc96ffc727fe9e6d2453627e63140442ea4e9bdd30779a3cad11c11d5599c083d81273843eaa1f7eb12161adedc5ebd46eea265acbd7a9dc02b216acb6fca1aab70e89c445d41c6e851ba5dc2ab8d3512adbc383436da05d136102023ba2509c9de41512cdae952bf525d6629796551c0be80efb55976ee13c216353cc1d4d44768939ab9c4ce48a6b76e48fa8c194d49f0dec1d252b44439d3232f9db504aa9924083b63c1a00743132310b3963170d9e597403627971a0f742f67e29f6fb7f9d52f0a0b1472b4e7f228a65efd44b34e2021b19ff2db69540f2ae932f236b10d7644b921bbae4b9f72facfc16d431f83eeb02ac166947061360a48a6415092fd1724c710cd7301702ec8f203f5e34543f938ab08c081d12d73055c482d0960c3d55f0307fadcbb97de81865bb8ee801baa4ecd9e287950ae5328f7878b4479ee246095288b28c7a17de05ab2e1b567dcf0a1c375286ca149f2077f97cf81e28fd43e0015ec3258c607815c3efc00303b3a0ca3c9f58fecf1c72165546b105f6b603107c3f6bc9d0f16bef422d4f22c94a8cba572a588c6ea9027265a18fd4ec6f760af1a61ac048a964062967c26e4d52bf0057ee481420e0c09451b3db190d4aed0f934518b34ed70cf8653f6b324ae220a967dfb5b9a9e832e156fe1c51f961457f3f6406d1c9fa5c8f4b2620a69b93f27981e0b2d194bc3085ce2856619424a24094d151baf119c6d5bddfadaf68f499ff776a06f6740d013241fd4063c9d516f0261a69e1969b4a22c8c070afbe96f5a8d8cab1c06ede512fd0c2bafabcb388536b881ccae4dc666d6b5543d1c5bdf9d06124c880f76b90e673bd2fd9e64de2675def256eaaab7c8ff19172f1680cb4ac61292aafaa93d171abdc4169cd1cb83b1acd1328e3194b40ddfd19d12f77cbc9ccdb694f9e39b",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x1e77e4d1bba517cf992e7788a104fc5612e539ea2b459b532d69efe6c416235a",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x602c8eeedd7f6dbb7bc0348da1b0dced846acf09586c9f27aa06b494a1c49249",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x1ef8ad12dc4e4b2e4e8979994ab16e0e907e3d594600fe66dff8cc3c25be910508ed51fed1de1cbc4d07869125eb137ede8f908cba8a1a97e26fb666a8ac1db02480bb12080c5ff9900b12963e3dd8a7d5719b3339326232465b232a4ba53c740860893232dc4545ad6b03bb56229a56dcc186710cf398525c18caa05f915459128d2f40878e15c9911904e3c3248d259993386f56c9929d81a3f4cf4b3305931e01e03e83334d62d8581fd5b510a37403e6f53d7b6ec7299ff1bba9f2b110812de395d4b19022f90760db5046e7305620dc64f52c4096d46729b01a397bb7b72cd3d6c66c24a5eef10d3ce870f0486d83c8ec0a9817ce0af0a1b9aa9c5792230469e2cf6d693e10d8a17d60985c9e3782f33fecbd6ed02a251815da2f4e2fc4147df40a7d4e2ceea00758ccd3df17cc20585327a9820d0108dd574f1fcf896c170deac4012eb89e3540a39f3a2b73bb449e9a46bfb9c991819cdf2905398ae00e6958a50ea58f137ec3c99d1a8877e3507920f55c317d6a5fc6718ea3bc255300f1d6325be2b5a5399562a4ffbd5059a483dfc807125d7cd75dd6d668b052cf2dbe0cd5dc3a93b6d9800bde7ba796a080a5281e7b42c38963e7a1e6647ec1eb219587e94ce96c3c258828fadaa0b76bc13f9194e120c3fa8f56847b136fcdd712851a384d0d3b5975152df354ec74847395dd3f6dd4c853f258d7a855fdb12c120c46b74b715273386a5ed3c44407797fbd09f0985c177137957a1342f38e9b090be0e96f7397b6eb380544923497f8dab1c0ef4fc1553bdbcc0fcdbcda8e8604ac0162ee8c60145e4b2fa05b4d3a0e748b6e4128a29842cbffd2992f6520a0163cac4f3fe3af4f901841db9b0a22f5882d3736a498aea2c787269fbc4589c42d71fd3a43dd1b31e8f2be1af62d75172daf970241448b44a91015a7ae4e18250cf54afc8cf67756f524a1bc245c72e2dc48cece0a18f810242f37ea2d9d26460f42e555df9e183031499fd813e666939759661eb772e077150bdfc4e5d1565a2e1e957b787fdda6b1defede8aa1405a9e376212f1be6a685f2bca487440d6f20141d2969b8a40a4144675c0eea6e13512d9c85bea1d6da212f50c5ee5b4e97e29f5131c114e0a3ef0e5702c56f61c0c6fee904aa873fd7d34301d909e9dfbe306ee6a593c2e33a691b3cc62b548c35fedf1761d856e54cf9483cc32b9849ecd",
|
||||
"aggregatedProof": "0x0906688e6a1a937a5c699d7b8f19e13e959de6fc80d7da1c8299128e234310be272b5717e590f87c2132f4c71ec27f878b91e173590ea629ee56686a3a1d778522a4a4773e3df38af03c94dbf0ecf748dcbb37ef6eb39a94eaeb8b2475026a8909c380f50cb9bb8597ff47ee3dcef700a2d77382c6e700c615366497b880719b159661c3ed861a6978ceabf7c561bbf4a52e9ec784e757d62edfe3aa43efab36179fac19d79b8e2c99512b94312171b737f38e1c968429dd8995134e7daeb04a1edc9232884f434cc4c1fd797362a5200c04c9e930752027e503a8510ea25cb5257b6fa29629a3a0df4b467fd7bd6c3d16a82aee1ab66d1c616783b5c4ec9be30a07d5c76f3c8df8b32079ae8037ae5f4c27264e12fba2813d510ed3dd2de6ec080311df054fe5c3e356abd96de784cfac558c6b9b3547f5d17075caefb8e14b1d3ed6738602aa069e4f65f0a551e345c2d9272ef8bb3f6022c6b02f8f1cbcc02741dee96850cf09543a51e934502c0f3fdcdc357b61e4db2a279fa329fe708417c76e452a74e90a802f9181fc25a61f87a3a6d5d5bf49436f9045e884a29d9d0a0cda05bdbb88f4f10ad3c6141acdb82234624c6fe32e829e6d5b3877c061c60561f5c65055898a07bf00c71c7b86979b1c852725cdeb2bed3acb3bf3a51e5914f659346a2369a48697e58567fb65efcb7b35c2c53a8aff45f685f01671b6bd069d5d8c37e5219a2bfa88549693b0a2ce149a05423ca548c0fde4d18754a87a2ef4129038070351fbb496d47f0373e00177c117e1553eaed26e6a91f669795b0dbc0bc20697632cda6d3aa62497bc3b2b87378a7d6da71337586586676126c50a0af8221bcc5a24b21bb28788399eb50888cc48699fe7a2eb212a82efb552072dc6e2ed532b4ed115cc22ac05282530594b9b5036a0665a6f51114ae3b9a8310ab0c7f8ef62dd67260a2f00b203ebaa1c10308e231eb01581bc45c139e47a321ae6121cde0cb0c30924c27bc39387f19486e96076a703749e3bf4774eb4199419874514ea4fb276831fbe497a282d0d76677d71569e7fe121fd20ac16c1b42c25d3475a987e038f4f0714fc92150f56e40639ad88b4a5de092749854e5a5dbb28c633425d0d0886eb0ac24dacd849c5bd7be6a3e456d57a39ba07e8933234792708a29f3317dd2527f0c4ef68b60d78510d57eb2ea8bd8f9d8fc8eac8ce5de6",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x1538dc88156cbdf280326f52e33192924ff311be4abc0dede43a14fbfb160a55",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0xfd910670a8da6aaaf2431ce7345a605dc15dc41298b9410065d2f7bb1ba99fea",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x1bf64c1edf68a488be4029c17e6237e73300a294e09230f0d91265f00645526c2a1c08eaa28e37ac60621b21a3b592a7c65fd9809ef8ddec93050b384c78a03b253f40adaf8ec9ea0993ffbdb305ca570117c90f5b77b810f9f2fc46613dd7010ca7906b191f1658bcc6de9f22867053f26cc13dc34861a7a3934bcd328c97380c785972db98482eaf11c2f48acbb2e5e4291e77c81fe880a1eae39aa7e9b3640c3671c11caf5a72acefbd4455c8a329c7960149a9f87f71a9277a086820dd21074cca6872707e321a20dc2d9e4cca74e7e3be89035b131f8c8686510d369551120eab67ad7ab41337d4c497f7fa19f52ae643b5a5d5fe7bb4bd24f8721bbecc1d12fc89733af07f053d734e4224ed3e456eb4e3a77a0670521106792120c2451407b05a4a6848f0493e1d6e23042ca01eae8f8dfb8b2428482de113e6aa42901ce2a8417b812c67ece9a691e7cf663daa87f5453cd3dc2d738ec604fe6d7d5d0d71f96cb9df2cecd6b1cb0cc35bca85b464dac2c8f28580fe40399fa16488f00dfaacdf58ffc8e28d4a814a2ba70daad9f97c5d693a0e8bedbca897f3aa296907dfb6d1aa8b6803c5bf6d0feb7c2626719b752f0431961c5e16691a296da61a04d6253f5385c32144b0823c31b3fa6be1b6482b89941ceb5dc1ac128a36b7432cbd7de4f3acfb2aaf0e5621dd426882efbfb5b3552c079a0428fe0b0dd5b32e168db05568b22a25aa60b6f4601c918e76e7d508f32e88477f16dbff877acb6e13d99b4015b3b72255294f45b3b1d1ecad980ba0965e69ed99d5ae91d8284db00a387835b71a2afb1a3a9f0efec6c1e377229b1916a1a57b0f559bab41e7813113551b91607348eabfbfe6c4c465caad663e58b200cf8be71bdbb6f47571a94c2863bc18f4b1a7efa4f4be94400047414bf124d0f3a6c62bb329e28ee8c4bf2915b943a77934996c61a4bce84fd66ad709d30c6dfa32735bd502dad08cdf8ecd163615f6a5b1f1cbfe593aaed6dd393bcd9161ffdb8ee755035e033dc2b20d32043f12a37dd340e31d7caf70772766d83e643e3f28f0182180189911c2ba4c7f1184dfbc48d8a49f61b4447f07e3f3d7ebb35632c52de7c953a25d9643b560be02146a8064709ff90f5aee2e0cd9177442788f4548708817d3e6352078dd8a6f2fa628982fb431153c1a2b71f86627ab10026f46a35409bde3da57650eae74ae",
|
||||
"aggregatedProof": "0x183f7ee0db45f17d02d4684cd659ead8f6878db6bb04d65ac30afcf702e4bd90130bc3e0c5519918df18c17c53283c36527063f7c83f676aaed3c1f6810f324922ec77ca53cf3211859775c594b1b99475d500a9801216c255b8273943c862aa1610cbfd2e8fb97d09f2a2a6c4dcea0d8e79b03b1f71257fea10582fa0e5ba9b1fe9de72729b19d9af9964b69e6580dd8ede5276bf904af0b0ff5ebfeb55951f1c3ea4233a450dc55a32e78b847b9d640f2e488f9a75f1426a974ebe85d262511bab1d0a63cc55eae774c73ad242f87033601eb2ecbaaa7fd386c8fe6aaa6631065f352aa3bb3c83b0941f2334f82a2f26ab9e6e4b9f2ef2298ef33565b0a96d2c2d76f0fce111fdfbfde8b253b211bfb5c9a0bd86d8b4d4d0b601f0bf8a0d40212beb9449b029d1c0ae293e0eae2badaaea56b869702b6bdc675281ac6f1a642c194c8a60c26dbe3a47ea105e8b93ee1d7d06cb5cd1f7f3567d0317883f9162176101be8d18fb7f7967c0faaa3b73a0a553f381aa6285197cae19df5b1886b222a89a8d01ce300701b4612e74e78bf4c19ce826dc07e0722f9f637818867598172229da2d98a53f77b72059b44119f4b8a4325e8088c8113205f97d8a6c98bc08c0d61fd392a0898aa2ab17b0c5c97743d5a8dda58fb7fa4c2ca0dc0b6e29b00488b1fa2ee99db2d883390efc6253291571071c9872a7128442e1653b71e515013653f00a535949a2cbaf08054eb858fa07113c920a4d43d7df01a28798c02c06855f361ab0b5332cdb1ded52352a25bcb4132193157c8be961272f34e2ff3f228ff8b914befd57a205934c95a7dd2f51df3d6c5154e856e8909f7c7c66f03215fac0ac620dbb10b60c3c0309ac06fc1a6483b98d4fab851539d3e96ac2a1cf2e847951877939666df9b67667f49fbf84e75edbf64f8af62751b01b39da54e8160a3b7e7cc46c0aef5bc9c27b2dcababa958531c529d7259f3e96138653656416b8e4a4a04245e5597ea79a779dc184ee4a99854fe493305bfe95fb106d155600c1bd6457506789323204f13e27ef53433f1d33bc52e2a150b82dee2bdfbcbb129bfe038db976ec2e85b305f963fdca3fba87889728258290b1ac1de8b297411846a69fbba38bd7eea0b67ea02d4fc0f7a88f2a21796033fb26fd042d2c105b12c6df3cc02c14989b9936bf0f5232a2fa75dc761b404a0cbcd5b0aae736155e",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x02df9c4f607afe80ac52003978e4a9e197a7a0b61b6601d5e0788a6fdec1c08d",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x42d7511a7a880ac5c3a61a0f480e95ec7b0e2cfff1aa106ea0256aa94bf2b865",
|
||||
"parentAggregationFinalShnarf": "0xfd910670a8da6aaaf2431ce7345a605dc15dc41298b9410065d2f7bb1ba99fea",
|
||||
"aggregatedProof": "0x004d079dc1a3b7ab15b4180dfb1248061c53baf123b0b01cb317dfc6a79ede6104ae63614c13729ff4e937991ca9484d493750ed188427fbf2f80666289623fc1ef6e53c9123bccb4c4a3cf72f62d1e45b01b9d90e5b860c683523c108eeaa1c0364e7a18f985c6db601f25830015918cb61d5bac4f167d9180497242cda9e7315067a4af58faffdc88c8dd1ea503fb97a37b83821bc5c2c5abf2335680468810f3d56de44a398f6b81afc44cb088cf146d03570fed3a3e2fcbdafe62a1febd2211f6c32e6ccf9aabac8dfd8a45be5826e5275ff5e1ff5ee48055fd7f0d050881db23c024fe39e1e774dc5cc697bbe8340f84a1fdbbd4ca898067b51a69f7737017f66c55bb7caef98d7074c6abe644b45ce4d6b9e409f8be2bc75c8d6aa85d110413355c49ca3dd62221d4a8f0719ec633d9a6dcdaafeb2a8ddd93443302b9914b94cce67a74fe652760599efc1791dee4d81aad1244a02dc532340f0a1b31f1be9ca611ee98ba83d730ebcc68547926ce95cf6f9cc26ef67492f97d6f98dd229b9d895c6fd268ffab58751b60a3cb48db3b76f985923fef11e1de0a635616724c69edd2854429298d41e9c46c9282dbb503e26463b19d28a1d05958247899408e549c63032890a253b4c0baa0e34d89c66333ec7dbbbb3aeee1e910fba34ec01b0e31aa1a8b825f794b7f7acb0b6cbbe881ee99aa24fa1bca50f59ab5f31e7259ff3c6b279b2bc1f86e1e5d04d67feee7a4fd338fa0c1d9e1911582347c76317696ecc2a8ae3bf70b666636eb9f1ba0a4422757104c991f6f60d3454bb5fad222e14b451d5d5a0b217582cfd72e3f60e5b748d7b3ba9038cdeffae11170c062dd588da6de561ef8173474a2ac39b73e47fec9968773dec18875754ed40e91021d40b19f9a97bb95ff5531f5addb0331b70e8550614b209a2667ada653a6a18189bff192b99c946dd54dabc4f6c836c28750770484d2dd84b28cad3b2e2dd5b2d8536e48921ad151cc05fe0b9412b95dbbe631cf7484ad7f114e2222339d4fe0555cf70048fc7e1658fbf306e8c4d58b9a8e70707588a7ac8e4b393f13dba5e25b2070532365c46ad698e16b979f96cab0026c5c47fd8cbc1b2365fa94857780c5f581a30150ee802fd84ec53cf6a74ba390746d42147eb0e7132a8a61408f9016202b8704661389696d88ff769f9eaf48e84b0e3988e541e8a9d687a0d3910",
|
||||
"aggregatedProof": "0x2a17576d9d695ec8bf824e897f07985be74e72a2a6f2c7d61d90fcdd100f301f120e42bcd2b39e1f12da4b006d2d67873c782edb54cb1abf79484c2541446db10dcc8684ca8b8d550ba27af2c718f48865b7358d5c8a49ecf8ac03dee69a0131242cf022404bee6441da3ae2ca740957379f897c77a8d23ffc4948371128af1305aa161d8721ea7ae2169f4e201a81e7dfdb0a768e13e3bd346b39061f15f2022dd77ee57331f7a9e0627a1148b76f1a2e691ed4a3d85129d813ad63471343bd03daad3c9866f4309d4deef03ddccc8edb93988f4d386943189440588b6dd066208b7b94ec3d5798758cf38d9a0ac9c835d736eb167b7616e572cc75ffbd287d287fb5a0ff50776148588014646b8bf0e34146c2db5567d9d0a72a7ed1f13714105a95cce24ad13141755c42bc24606e45d5b93da7b879cafdebbb5916aa0c0d22b193d5028703ec64043fbad6075c951c8a7faf68a99f707b347fc5741e1514141fd66bd2388c79de651091e5192440ab30eec03c8bb1ecc8c40f69eaf28e6d2fe183a379502565318a455e063468f7884795dd61267e045905e622fedb200f1d411a66637da04ec62bdaabb678b4af4e652b2cc58e68a0229f9ce457dc11372333ada4102a256fe38603955a12c033aec79c4f753c647a5bcf33e3e8d2d8140b09b157334aa51bb3e2ea074e082482d9bf4af75fbcf326445e5955b67c7d0b1b6d3119021fd0679ff81eef3916df35a0b782a0524efc860d44e4379a0d27811474ad4d645e6004c6f06deac43fbc5c815bf83171ee98066793e44b567b17fa1f1e0462073d07cd7e720ef2ab6cb97feaf5abaaefe4228bb643e79a46192c761ebf38d352855abd70b5ec007f5cd4dcc7b31c59ce05f3949d1515be529bf40301e9079fa20ba69e730693e28d9aa70eb6cd27f08d98ef9c3196e1219b6f2dd30f4d0ba156146d2d07a64d0cf0ac815ff23cdfb797116b8e6e91fb9904b827300281965dee3dfd20a1f666acd1da14c0e8fd8c5684e630f3f70e6b1fda8d145619af2d92c32f547e4a8cbc39b482dc507f4d039e241015e3f1fd1b92268e43f117fdb8a5c745b56b76f15b3e4d46a5522a183711f94c9b3cdafdc6baf5000d7624390c7d37b24373cfdf9e8501c2d89a0a6d4ce4b96f1d3d022ece0d91fbc5bf22a29b2f9f8ce2f7008c7c1cead9dee92fdfd935cd5076b788eb17b7444bb595",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x23151dfee9756b7eb4a018d5ef30730f20e05edfd3ce67a8f898c46cb2d79341",
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"finalShnarf": "0x4e584b910dc758442e58e56e0bb46c001addaffe770fb740ea0e1b90c0e2b056",
|
||||
"parentAggregationFinalShnarf": "0x47452a1b9ebadfe02bdd02f580fa1eba17680d57eec968a591644d05d78ee84f",
|
||||
"aggregatedProof": "0x22d33dbcffa57ac78ac3b3b3a2ff52d9304eecb1073c3675fcf8225048b47aa1123499604ff2c96d334772b6d94e661c7a1fbf7e99b3b4fa1f0b8a3febca98762a5734908afa886b37351314dd68ba2f7ceaf08bef33f52d463d64a23f8523572505e5aedf7e24f132e5f21c1e0577b19081113824788bc47e3fe90d5b3da24a0f9270bd3bcac9309b715f64336c1d124a177fee676d52ef87a76bcf71d3f6a8043d5203fd92a92f2a9590e93cdf904228ebf5589c2afe45014398f5035a07c4076050fab21846b77729fdfef13d0903a4baac5a30abf986f08e11d00fa64fd420247c7ae09b7cecca8e8ca928c8ce80689a8c90d86cc3c1494d98fdf37436000c9e5d3389ac4961e8b8e9ffe1059eb34c74d61d94e23c492f24b2199f18bd180f985d8108884282fec6aeee6d59821d2186978bda855f85cd265c56903a814a2975c552578b532a84e41d71cf78cbecbef72dc374862bc692d5959b84f595612b4d55bd40e8d7261eade62c2a1bba2af2c7ba507abda5cc5f09c625ff4746d92b4588f864863a1f7806aebebc5b09bbd845d200f6a1811fb82867c8ada8656422a312841a269a6a4e628ab52eb5b0cf7329c7f876116b178ff28c4c6f0768871eea9236e28a1142df986b01fbce5c7aedd0ccd27a87a4321321c9bf1bf28f7e1365c364a0e2b4806926a18df6ca43f69b967c0473b55d74a1866bb33bc292a4006487ecb843bd209697f55dcc96ee8e15199c988f9abea42d4ddf00204627891f56f82954d1021bf869508fc3c7d0459dc9ab3bbe8b7e0a8e02675bd59a583c234417b8ac05872b5015ef665da3fca0f966d40d6988777c5def1dd834b94da10d95547edf4d56dccbbaf06f0d24ffb20799e3679a06d4748b16c5dafe7c9ba300ed0e4d01ea54fa447318721bf1e3931b9c6e059bee4bbad9976f28f531a420244395e60823940a36bd202d82578420bce7e97b2edc3021e9951c54953a4f2119d6c8912675f81fcd4a3e679f6c88e4be02cfa91f7d311e140736b8b26ceb500c7e6439c1220d645711e9017027f5a078bfffb612a9bce540229148411804d621af256389ef537ace447641bf21b5ea16d0ccf290f6979d2cdd1b26d2f8c20b047cd1d430cd6a77512006fa547193400a34561883693dda58980cbd770af4a22b132ea5302357e3ad0daf767c7b7c4106ff9e33463ccf4feff85933c87faac0",
|
||||
"aggregatedProof": "0x0b8bf5b2f5f68976b8fe683f68760defd695d2d10174a1e60fb11fb4a899bba327b6a0c38c9aca130f081a9dbaca2a4d374cff4e90663e2a717548e4fd417b02022017d0c46140df4d71941e70e32c77f2658a56a7d0c19f2754a6a12c7e159b14a578ea8487e9a500d21a596b6a848f5f1b4c5c86bed63e24341909e4f5af2c08cae0ed5c77c07a8d12e8c8db26ab1c859ba3f81be0c76fedb168c5ef6d2f670c0ba48016685b8b819c390de0027b9a052fc2618de7db4fb91c49ce4fd4944a1807307baf4c6c9df6db41c131971b2fd7f20447519a98185e0a9ee36b3b24d12ebd28942e577ac2a291b99b5276c5ef90b7b87cf2c0345f9d1f1a208718fbe52b4531348aa7684c1f87decbd82891b42b94b4a929fe064ddbebf1e9d0f7e9c62c96dad0f7a01a04efe951a08b3e3f01d73ca50f5e99b630f6d43a7521af04f313c5b5d64b38a40c1c2f790d6c2ae6693b248dc0751b00dae32fe636f06a82702852ac98790c94892251d4d57e2fc920bd8ce814fa05a7245fd2ddd775f679720d649052e70cb93a922ecbdfc42f3a24440f79045232d2726754f22c840e551d0e17b0290f34fdb4914f65e3a94bd8c98ae6f46ed848c3a7c3287644e5ba1a9116e5c0c6c3db9bf0c49fcdc46be713064ab2aad6397336b38ded36a60354a34a291c86708f79ecdd2d6a0ce0c1570ca6521bb6f3c8d2f11e68fe5dbb5f5a9092191a47f88f88ba0aa1bb9ca8b0addbab07a611bfb3ebf0b5e17e4b29a59472172523c8da1da79e75c42e8900b5322c7d8d988061e9b5bd67541cd76984f3130a0796fa53a7fc1aba307034a35305256e8fd70d4bc940d54b2e7f3f29f5712e6f146ccf06f05565401075657e6151059097c2d131ab799b6dc53384fc84c938e90add4a680d396da5ed790ba89068e04b600340d2c830b923bd53c808722d396c1fedaa9940d698a442caac2ad53d290adf26132928be8e876b7a1779b3a6910224119aab5da0a20b2eb1bd8195a4b99007d4a2b76bff16b38844cfcf2b9a8ffb26b39457e600db2ef22817d530603dcb78728a50d8a6996737b85092ac741fab05cdc5f5d781705c984765274fb7592087b18056fba9bb64403710ea35abe18406cb4ed9d94a62f435a425b9973d20f41f9d03867c1cf9b0f2c3ca5734e6040c009d2d968c55e42543ddd08b6956852bb69bd9b0a5d0cdd080d7d5e59bbe9c29",
|
||||
"aggregatedProverVersion": "test",
|
||||
"aggregatedVerifierIndex": 1,
|
||||
"aggregatedProofPublicInput": "0x0c16c609b50fbc6f660b3fe38c5989ce059ea171048c99c0dad306cea570df61",
|
||||
|
||||
@@ -4,7 +4,7 @@ import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/backend/ethereum"
|
||||
"github.com/consensys/linea-monorepo/prover/backend/execution"
|
||||
@@ -30,7 +30,7 @@ type RandGen struct {
|
||||
// Create a generator from the CLI
|
||||
func MakeGeneratorFromCLI() (res RandGen) {
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
res = RandGen{Rand: *rand.New(rand.NewSource(Seed()))}
|
||||
res = RandGen{Rand: *rand.New(utils.NewRandSource(Seed()))}
|
||||
res.Params.SupTxPerBlock = MaxTxPerBlock() + 1
|
||||
res.Params.SupL2L1LogsPerBlock = MaxL2L1LogsPerBlock() + 1
|
||||
res.Params.SupMsgReceiptPerBlock = MaxL1L2ReceiptPerBlock() + 1
|
||||
@@ -39,7 +39,7 @@ func MakeGeneratorFromCLI() (res RandGen) {
|
||||
|
||||
// Returns an non-zero integer in the range
|
||||
func (g *RandGen) PositiveInt(sup int) int {
|
||||
return utils.Max(1, g.Intn(sup))
|
||||
return utils.Max(1, g.IntN(sup))
|
||||
}
|
||||
|
||||
// Returns a random hex string representing n bytes
|
||||
@@ -70,7 +70,7 @@ func (g *RandGen) TxRlp(numTxs int) ([]string, []uint16) {
|
||||
var receptionPos []uint16
|
||||
|
||||
// overwrite one of the tx with a receipt confirmation one
|
||||
txPos := g.Intn(numTxs)
|
||||
txPos := g.IntN(numTxs)
|
||||
rlpTxs[txPos] = g.MsgReceiptConfirmationTx()
|
||||
receptionPos = append(receptionPos, utils.ToUint16(txPos))
|
||||
|
||||
@@ -136,13 +136,13 @@ func (g *RandGen) PopulateBlockData(
|
||||
|
||||
func (g *RandGen) Bytes(nb int) []byte {
|
||||
res := make([]byte, nb)
|
||||
g.Read(res)
|
||||
utils.ReadPseudoRand(&g.Rand, res)
|
||||
return res
|
||||
}
|
||||
|
||||
// Generates a tx of any type
|
||||
func (g *RandGen) AnyTypeTxRlp() (res string) {
|
||||
switch g.Intn(3) {
|
||||
switch g.IntN(3) {
|
||||
case 0:
|
||||
res = g.LegacyTxRLP()
|
||||
case 1:
|
||||
@@ -256,7 +256,7 @@ func (g *RandGen) MsgReceiptConfirmationTx() string {
|
||||
|
||||
// Craft the transaction, randomly from any of
|
||||
var tx ethtypes.TxData
|
||||
switch g.Intn(3) {
|
||||
switch g.IntN(3) {
|
||||
case 0:
|
||||
tx = ðtypes.LegacyTx{
|
||||
Nonce: g.Nonce(),
|
||||
@@ -338,7 +338,7 @@ func (g *RandGen) Nonce() uint64 {
|
||||
|
||||
// Generates a random tx value
|
||||
func (g *RandGen) Value() *big.Int {
|
||||
return big.NewInt(g.Int63n(1_000_000))
|
||||
return big.NewInt(g.Int64N(1_000_000))
|
||||
}
|
||||
|
||||
// Generate a random tx gas limit
|
||||
@@ -348,13 +348,13 @@ func (g *RandGen) Gas() uint64 {
|
||||
|
||||
// Generate a random big int
|
||||
func (g *RandGen) BigInt(n int64) *big.Int {
|
||||
return big.NewInt(g.Int63n(n))
|
||||
return big.NewInt(g.Int64N(n))
|
||||
}
|
||||
|
||||
// Generates a list of L2 msg logs
|
||||
func (g *RandGen) L2L1MsgHashes() (hashes []types.FullBytes32) {
|
||||
hashes = []types.FullBytes32{}
|
||||
n := g.Intn(g.Params.SupL2L1LogsPerBlock)
|
||||
n := g.IntN(g.Params.SupL2L1LogsPerBlock)
|
||||
for i := 0; i < n; i++ {
|
||||
hashes = append(hashes, types.FullBytes32FromHex(g.HexStringForNBytes(32)))
|
||||
}
|
||||
|
||||
@@ -28,7 +28,7 @@ func checkPublicInputs(
|
||||
// functional input (the txnrlp is incorrect). It should be converted into
|
||||
// an [api.AssertIsEqual] once this is resolved.
|
||||
//
|
||||
shouldBeEqual(api, execDataHash, gnarkFuncInp.DataChecksum)
|
||||
api.AssertIsEqual(execDataHash, gnarkFuncInp.DataChecksum)
|
||||
|
||||
api.AssertIsEqual(
|
||||
wvc.GetPublicInput(api, publicInput.L2MessageHash),
|
||||
@@ -154,10 +154,3 @@ func execDataHash(
|
||||
|
||||
return hsh.Sum()
|
||||
}
|
||||
|
||||
// shouldBeEqual is a placeholder dummy function that generate fake constraints
|
||||
// as a replacement for what should be an api.AssertIsEqual. If we just commented
|
||||
// out the api.AssertIsEqual we might have an unconstrained variable.
|
||||
func shouldBeEqual(api frontend.API, a, b frontend.Variable) {
|
||||
_ = api.Sub(a, b)
|
||||
}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
package keccak_test
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
@@ -12,14 +13,14 @@ func TestTraces(t *testing.T) {
|
||||
|
||||
numCases := 100
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
maxSize := 1024
|
||||
|
||||
for i := 0; i < numCases; i++ {
|
||||
|
||||
// Populate a random string
|
||||
data := make([]byte, rng.Intn(maxSize))
|
||||
rng.Read(data)
|
||||
data := make([]byte, rng.IntN(maxSize))
|
||||
utils.ReadPseudoRand(rng, data)
|
||||
|
||||
// Initialize an empty trace
|
||||
traces := keccak.PermTraces{}
|
||||
|
||||
@@ -2,10 +2,11 @@ package keccak_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/stretchr/testify/require"
|
||||
"golang.org/x/crypto/sha3"
|
||||
)
|
||||
@@ -18,7 +19,7 @@ func TestFullHashAgainstRef(t *testing.T) {
|
||||
|
||||
// Create a deterministic random number generator for reproducibility.
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
refHasher := sha3.NewLegacyKeccak256()
|
||||
numCases := 50
|
||||
|
||||
@@ -30,7 +31,7 @@ func TestFullHashAgainstRef(t *testing.T) {
|
||||
for _n := 0; _n < numCases; _n++ {
|
||||
// Populate the sample with random values
|
||||
inp := make([]byte, s)
|
||||
_, err := rng.Read(inp)
|
||||
_, err := utils.ReadPseudoRand(rng, inp)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Hash the input stream using the reference hasher
|
||||
@@ -56,15 +57,15 @@ func TestFullHashAgainstRefFullRand(t *testing.T) {
|
||||
|
||||
// Create a deterministic random number generator for reproducibility.
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
refHasher := sha3.NewLegacyKeccak256()
|
||||
numCases := 500
|
||||
maxSize := 1024
|
||||
|
||||
for _n := 0; _n < numCases; _n++ {
|
||||
// Populate the sample with random values
|
||||
inp := make([]byte, rng.Intn(maxSize))
|
||||
_, err := rng.Read(inp)
|
||||
inp := make([]byte, rng.IntN(maxSize))
|
||||
_, err := utils.ReadPseudoRand(rng, inp)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Hash the input stream using the reference hasher
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_32_8
|
||||
|
||||
import (
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -15,14 +15,14 @@ func TestLimbDecompose(t *testing.T) {
|
||||
|
||||
var (
|
||||
limbs = make([]int64, 32)
|
||||
rng = rand.New(rand.NewSource(98790))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inputs = make([]field.Element, 1)
|
||||
obtainedLimbs = make([]field.Element, 32)
|
||||
)
|
||||
|
||||
for i := range limbs {
|
||||
if i%32 > 31 {
|
||||
limbs[i] = int64(rng.Intn(1 << 8))
|
||||
limbs[i] = int64(rng.IntN(1 << 8))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_32_8_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft"
|
||||
@@ -31,7 +31,7 @@ func randomRegularRow(rng *rand.Rand, size int) smartvectors.SmartVector {
|
||||
func fullyRandomTestVector(rng *rand.Rand, numRow, numCols int) []smartvectors.SmartVector {
|
||||
list := make([]smartvectors.SmartVector, numRow)
|
||||
for i := range list {
|
||||
coin := rng.Intn(2)
|
||||
coin := rng.IntN(2)
|
||||
switch {
|
||||
case coin == 0:
|
||||
list[i] = randomConstRow(rng, numCols)
|
||||
@@ -63,7 +63,7 @@ func TestSmartVectorTransversalSisHash(t *testing.T) {
|
||||
var (
|
||||
numReps = 64
|
||||
numCols = 16
|
||||
rng = rand.New(rand.NewSource(786868))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
domain = fft.NewDomain(32, fft.WithShift(wfft.GetOmega(32*2)))
|
||||
twiddles = ringsis_32_8.PrecomputeTwiddlesCoset(domain.Generator, domain.FrMultiplicativeGen)
|
||||
params = ringsis.Params{LogTwoBound: 8, LogTwoDegree: 5}
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_64_16
|
||||
|
||||
import (
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -15,14 +15,14 @@ func TestLimbDecompose(t *testing.T) {
|
||||
|
||||
var (
|
||||
limbs = make([]int64, 64)
|
||||
rng = rand.New(rand.NewSource(98790))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inputs = make([]field.Element, 4)
|
||||
obtainedLimbs = make([]field.Element, 64)
|
||||
)
|
||||
|
||||
for i := range limbs {
|
||||
if i%16 > 15 {
|
||||
limbs[i] = int64(rng.Intn(1 << 16))
|
||||
limbs[i] = int64(rng.IntN(1 << 16))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@ package ringsis_64_16_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft"
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
wfft "github.com/consensys/linea-monorepo/prover/maths/fft"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
)
|
||||
|
||||
func BenchmarkTransversalHash(b *testing.B) {
|
||||
@@ -18,7 +19,7 @@ func BenchmarkTransversalHash(b *testing.B) {
|
||||
var (
|
||||
numRow = 1024
|
||||
numCols = 1024
|
||||
rng = rand.New(rand.NewSource(786868)) // nolint
|
||||
rng = rand.New(utils.NewRandSource(786868)) // nolint
|
||||
domain = fft.NewDomain(64, fft.WithShift(wfft.GetOmega(64*2)))
|
||||
twiddles = ringsis_64_16.PrecomputeTwiddlesCoset(domain.Generator, domain.FrMultiplicativeGen)
|
||||
params = ringsis.Params{LogTwoBound: 16, LogTwoDegree: 6}
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_64_16_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft"
|
||||
@@ -31,7 +31,7 @@ func randomRegularRow(rng *rand.Rand, size int) smartvectors.SmartVector {
|
||||
func fullyRandomTestVector(rng *rand.Rand, numRow, numCols int) []smartvectors.SmartVector {
|
||||
list := make([]smartvectors.SmartVector, numRow)
|
||||
for i := range list {
|
||||
coin := rng.Intn(2)
|
||||
coin := rng.IntN(2)
|
||||
switch {
|
||||
case coin == 0:
|
||||
list[i] = randomConstRow(rng, numCols)
|
||||
@@ -63,7 +63,7 @@ func TestSmartVectorTransversalSisHash(t *testing.T) {
|
||||
var (
|
||||
numReps = 64
|
||||
numCols = 16
|
||||
rng = rand.New(rand.NewSource(786868))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
domain = fft.NewDomain(64, fft.WithShift(wfft.GetOmega(64*2)))
|
||||
twiddles = ringsis_64_16.PrecomputeTwiddlesCoset(domain.Generator, domain.FrMultiplicativeGen)
|
||||
params = ringsis.Params{LogTwoBound: 16, LogTwoDegree: 6}
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_64_8
|
||||
|
||||
import (
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -15,14 +15,14 @@ func TestLimbDecompose(t *testing.T) {
|
||||
|
||||
var (
|
||||
limbs = make([]int64, 64)
|
||||
rng = rand.New(rand.NewSource(98790))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inputs = make([]field.Element, 2)
|
||||
obtainedLimbs = make([]field.Element, 64)
|
||||
)
|
||||
|
||||
for i := range limbs {
|
||||
if i%32 > 31 {
|
||||
limbs[i] = int64(rng.Intn(1 << 8))
|
||||
limbs[i] = int64(rng.IntN(1 << 8))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -4,7 +4,7 @@ package ringsis_64_8_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft"
|
||||
@@ -31,7 +31,7 @@ func randomRegularRow(rng *rand.Rand, size int) smartvectors.SmartVector {
|
||||
func fullyRandomTestVector(rng *rand.Rand, numRow, numCols int) []smartvectors.SmartVector {
|
||||
list := make([]smartvectors.SmartVector, numRow)
|
||||
for i := range list {
|
||||
coin := rng.Intn(2)
|
||||
coin := rng.IntN(2)
|
||||
switch {
|
||||
case coin == 0:
|
||||
list[i] = randomConstRow(rng, numCols)
|
||||
@@ -63,7 +63,7 @@ func TestSmartVectorTransversalSisHash(t *testing.T) {
|
||||
var (
|
||||
numReps = 64
|
||||
numCols = 16
|
||||
rng = rand.New(rand.NewSource(786868))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
domain = fft.NewDomain(64, fft.WithShift(wfft.GetOmega(64*2)))
|
||||
twiddles = ringsis_64_8.PrecomputeTwiddlesCoset(domain.Generator, domain.FrMultiplicativeGen)
|
||||
params = ringsis.Params{LogTwoBound: 8, LogTwoDegree: 6}
|
||||
|
||||
@@ -2,7 +2,7 @@ package ringsis_{{.ModulusDegree}}_{{.LogTwoBound}}
|
||||
|
||||
import (
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -18,14 +18,14 @@ func TestLimbDecompose(t *testing.T) {
|
||||
|
||||
var (
|
||||
limbs = make([]int64, {{.ModulusDegree}})
|
||||
rng = rand.New(rand.NewSource(98790))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inputs = make([]field.Element, {{$fieldPerPoly}})
|
||||
obtainedLimbs = make([]field.Element, {{.ModulusDegree}})
|
||||
)
|
||||
|
||||
for i := range limbs {
|
||||
if i%{{$limbPerField}} > {{sub $limbPerField 1}} {
|
||||
limbs[i] = int64(rng.Intn(1 << {{.LogTwoBound}}))
|
||||
limbs[i] = int64(rng.IntN(1 << {{.LogTwoBound}}))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@ package ringsis_{{.ModulusDegree}}_{{.LogTwoBound}}_test
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr/fft"
|
||||
@@ -33,7 +33,7 @@ func randomRegularRow(rng *rand.Rand, size int) smartvectors.SmartVector {
|
||||
func fullyRandomTestVector(rng *rand.Rand, numRow, numCols int) []smartvectors.SmartVector {
|
||||
list := make([]smartvectors.SmartVector, numRow)
|
||||
for i := range list {
|
||||
coin := rng.Intn(2)
|
||||
coin := rng.IntN(2)
|
||||
switch {
|
||||
case coin == 0:
|
||||
list[i] = randomConstRow(rng, numCols)
|
||||
@@ -65,7 +65,7 @@ func TestSmartVectorTransversalSisHash(t *testing.T) {
|
||||
var (
|
||||
numReps = 64
|
||||
numCols = 16
|
||||
rng = rand.New(rand.NewSource(786868))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
domain = fft.NewDomain({{.ModulusDegree}}, fft.WithShift(wfft.GetOmega({{.ModulusDegree}}*2)))
|
||||
twiddles = ringsis_{{.ModulusDegree}}_{{.LogTwoBound}}.PrecomputeTwiddlesCoset(domain.Generator, domain.FrMultiplicativeGen)
|
||||
params = ringsis.Params{LogTwoBound: {{.LogTwoBound}}, LogTwoDegree: {{log2 .ModulusDegree}}}
|
||||
|
||||
@@ -2,9 +2,10 @@ package sha2
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
@@ -18,7 +19,7 @@ func TestHash(t *testing.T) {
|
||||
var (
|
||||
maxSizeByte = 1000
|
||||
// #nosec G404 -- we don't need a cryptographic PRNG for testing purposes
|
||||
rng = rand.New(rand.NewSource(212678))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
)
|
||||
|
||||
for sizeByte := 0; sizeByte < maxSizeByte; sizeByte++ {
|
||||
@@ -37,7 +38,7 @@ func TestHash(t *testing.T) {
|
||||
func genTestCase(rng *rand.Rand, sizeByte int) testCase {
|
||||
|
||||
stream := make([]byte, sizeByte)
|
||||
rng.Read(stream)
|
||||
utils.ReadPseudoRand(rng, stream)
|
||||
|
||||
return testCase{
|
||||
Stream: stream,
|
||||
|
||||
@@ -8,16 +8,17 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"github.com/consensys/linea-monorepo/prover/lib/compressor/blob/dictionary"
|
||||
encodeTesting "github.com/consensys/linea-monorepo/prover/lib/compressor/blob/encode/test_utils"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"io"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"os"
|
||||
"slices"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/lib/compressor/blob/dictionary"
|
||||
encodeTesting "github.com/consensys/linea-monorepo/prover/lib/compressor/blob/encode/test_utils"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/lib/compressor/blob/v0/compress/lzss"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/backend/ethereum"
|
||||
@@ -194,7 +195,7 @@ func TestCanWrite(t *testing.T) {
|
||||
cptBlock := 0
|
||||
for i, block := range testBlocks {
|
||||
// get a random from 1 to 5
|
||||
bSize := rand.Intn(3) + 1 // #nosec G404 -- false positive
|
||||
bSize := rand.IntN(3) + 1 // #nosec G404 -- false positive
|
||||
|
||||
if cptBlock > bSize && i%3 == 0 {
|
||||
nbBlocksPerBatch = append(nbBlocksPerBatch, uint16(cptBlock))
|
||||
@@ -279,7 +280,7 @@ func TestCompressorWithBatches(t *testing.T) {
|
||||
for i, block := range testBlocks {
|
||||
t.Logf("processing block %d over %d", i, len(testBlocks))
|
||||
// get a random from 1 to 5
|
||||
bSize := rand.Intn(5) + 1 // #nosec G404 -- false positive
|
||||
bSize := rand.IntN(5) + 1 // #nosec G404 -- false positive
|
||||
|
||||
if cptBlock > bSize && i%3 == 0 {
|
||||
nbBlocksPerBatch = append(nbBlocksPerBatch, uint16(cptBlock))
|
||||
@@ -726,17 +727,18 @@ func craftExpandingInput(dict []byte, size int) []byte {
|
||||
func TestPack(t *testing.T) {
|
||||
assert := require.New(t)
|
||||
var buf bytes.Buffer
|
||||
var rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
for i := 0; i < 100; i++ {
|
||||
// create 2 random slices
|
||||
n1 := rand.Intn(100) + 1 // #nosec G404 -- false positive
|
||||
n2 := rand.Intn(100) + 1 // #nosec G404 -- false positive
|
||||
n1 := rng.IntN(100) + 1 // #nosec G404 -- false positive
|
||||
n2 := rng.IntN(100) + 1 // #nosec G404 -- false positive
|
||||
|
||||
s1 := make([]byte, n1)
|
||||
s2 := make([]byte, n2)
|
||||
|
||||
rand.Read(s1)
|
||||
rand.Read(s2)
|
||||
utils.ReadPseudoRand(rng, s1)
|
||||
utils.ReadPseudoRand(rng, s2)
|
||||
|
||||
// pack them
|
||||
buf.Reset()
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package compress
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
@@ -11,8 +11,8 @@ func TestMarshalRoundTrip(t *testing.T) {
|
||||
d := make([]int, 1000)
|
||||
for i := 0; i < 1000; i++ {
|
||||
var s Stream
|
||||
s.D = d[:rand.Intn(len(d))+1] //#nosec G404 weak rng is fine here
|
||||
s.NbSymbs = rand.Intn(510) + 2 //#nosec G404 weak rng is fine here
|
||||
s.D = d[:rand.IntN(len(d))+1] //#nosec G404 weak rng is fine here
|
||||
s.NbSymbs = rand.IntN(510) + 2 //#nosec G404 weak rng is fine here
|
||||
|
||||
testMarshal(t, s)
|
||||
}
|
||||
@@ -28,6 +28,6 @@ func testMarshal(t *testing.T, s Stream) {
|
||||
|
||||
func fillRandom(s Stream) {
|
||||
for i := range s.D {
|
||||
s.D[i] = rand.Intn(s.NbSymbs) //#nosec G404 weak rng is fine here
|
||||
s.D[i] = rand.IntN(s.NbSymbs) //#nosec G404 weak rng is fine here
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@ import (
|
||||
"encoding/binary"
|
||||
"encoding/hex"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
@@ -151,7 +151,7 @@ func TestCanWrite(t *testing.T) {
|
||||
cptBlock := 0
|
||||
for i, block := range testBlocks {
|
||||
// get a random from 1 to 5
|
||||
bSize := rand.Intn(3) + 1 // #nosec G404 -- false positive
|
||||
bSize := rand.IntN(3) + 1 // #nosec G404 -- false positive
|
||||
|
||||
if cptBlock > bSize && i%3 == 0 {
|
||||
nbBlocksPerBatch = append(nbBlocksPerBatch, uint16(cptBlock))
|
||||
@@ -236,7 +236,7 @@ func TestCompressorWithBatches(t *testing.T) {
|
||||
for i, block := range testBlocks {
|
||||
t.Logf("processing block %d over %d", i, len(testBlocks))
|
||||
// get a random from 1 to 5
|
||||
bSize := rand.Intn(5) + 1 // #nosec G404 -- false positive
|
||||
bSize := rand.IntN(5) + 1 // #nosec G404 -- false positive
|
||||
|
||||
if cptBlock > bSize && i%3 == 0 {
|
||||
nbBlocksPerBatch = append(nbBlocksPerBatch, uint16(cptBlock))
|
||||
@@ -624,8 +624,8 @@ func TestPack(t *testing.T) {
|
||||
|
||||
for i := 0; i < 100; i++ {
|
||||
// create 2 random slices
|
||||
n1 := rand.Intn(100) + 1 // #nosec G404 -- false positive
|
||||
n2 := rand.Intn(100) + 1 // #nosec G404 -- false positive
|
||||
n1 := rand.IntN(100) + 1 // #nosec G404 -- false positive
|
||||
n2 := rand.IntN(100) + 1 // #nosec G404 -- false positive
|
||||
|
||||
s1 := make([]byte, n1)
|
||||
s2 := make([]byte, n2)
|
||||
|
||||
@@ -27,12 +27,12 @@ func TestFFTFuzzyDIFDIT(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v", v.Pretty(), ratio, cosetID)
|
||||
@@ -66,12 +66,12 @@ func TestFFTFuzzyDITDIF(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v", v.Pretty(), ratio, cosetID)
|
||||
@@ -105,12 +105,12 @@ func TestFFTFuzzyDIFDITBitReverse(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v", v.Pretty(), ratio, cosetID)
|
||||
@@ -144,12 +144,12 @@ func TestFFTFuzzyDITDIFBitReverse(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v", v.Pretty(), ratio, cosetID)
|
||||
@@ -183,19 +183,19 @@ func TestFFTFuzzyEvaluation(t *testing.T) {
|
||||
coeffs := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
// ====== With bit reverse ======
|
||||
|
||||
// FFT DIT and IFFT DIF should be the identity
|
||||
evals := FFT(coeffs, fft.DIT, true, ratio, cosetID, nil)
|
||||
i := builder.gen.Intn(coeffs.Len())
|
||||
i := builder.gen.IntN(coeffs.Len())
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v - evalAt %v", coeffs.Pretty(), ratio, cosetID, i)
|
||||
|
||||
x := fft.GetOmega(evals.Len())
|
||||
@@ -235,19 +235,19 @@ func TestFFTFuzzyConsistWithInterpolation(t *testing.T) {
|
||||
coeffs := tcase.svecs[0]
|
||||
|
||||
// Test the consistency of the FFT
|
||||
oncoset := builder.gen.Intn(2) == 0
|
||||
oncoset := builder.gen.IntN(2) == 0
|
||||
|
||||
ratio, cosetID := 0, 0
|
||||
if oncoset {
|
||||
ratio = 1 << builder.gen.Intn(4)
|
||||
cosetID = builder.gen.Intn(ratio)
|
||||
ratio = 1 << builder.gen.IntN(4)
|
||||
cosetID = builder.gen.IntN(ratio)
|
||||
}
|
||||
|
||||
// ====== With bit reverse ======
|
||||
|
||||
// FFT DIT and IFFT DIF should be the identity
|
||||
evals := FFT(coeffs, fft.DIT, true, ratio, cosetID, nil)
|
||||
i := builder.gen.Intn(coeffs.Len())
|
||||
i := builder.gen.IntN(coeffs.Len())
|
||||
t.Logf("Parameters are (vec %v - ratio %v - cosetID %v - evalAt %v", coeffs.Pretty(), ratio, cosetID, i)
|
||||
|
||||
var xCoeff field.Element
|
||||
|
||||
@@ -3,7 +3,7 @@ package smartvectors
|
||||
import (
|
||||
"fmt"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/poly"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/vector"
|
||||
@@ -61,24 +61,24 @@ func newTestBuilder(seed int) *testCaseGen {
|
||||
// Use a deterministic randomness source
|
||||
res := &testCaseGen{seed: seed}
|
||||
// #nosec G404 --we don't need a cryptographic RNG for fuzzing purpose
|
||||
res.gen = rand.New(rand.NewSource(int64(seed)))
|
||||
res.gen = rand.New(utils.NewRandSource(int64(seed)))
|
||||
|
||||
// We should have some quarantee that the length is not too small
|
||||
// for the test generation
|
||||
res.fullLen = 1 << (res.gen.Intn(5) + 3)
|
||||
res.numVec = res.gen.Intn(8) + 1
|
||||
res.fullLen = 1 << (res.gen.IntN(5) + 3)
|
||||
res.numVec = res.gen.IntN(8) + 1
|
||||
|
||||
// In the test, we may restrict the inputs vectors to have a certain type
|
||||
allowedTypes := append([]smartVecType{}, smartVecTypeList...)
|
||||
res.gen.Shuffle(len(allowedTypes), func(i, j int) {
|
||||
allowedTypes[i], allowedTypes[j] = allowedTypes[j], allowedTypes[i]
|
||||
})
|
||||
res.allowedTypes = allowedTypes[:res.gen.Intn(len(allowedTypes)-1)+1]
|
||||
res.allowedTypes = allowedTypes[:res.gen.IntN(len(allowedTypes)-1)+1]
|
||||
|
||||
// Generating the window : it should be roughly half of the total length
|
||||
// this aims at maximizing the coverage.
|
||||
res.windowWithLen = res.gen.Intn(res.fullLen-4)/2 + 2
|
||||
res.windowMustStartAfter = res.gen.Intn(res.fullLen)
|
||||
res.windowWithLen = res.gen.IntN(res.fullLen-4)/2 + 2
|
||||
res.windowMustStartAfter = res.gen.IntN(res.fullLen)
|
||||
return res
|
||||
}
|
||||
|
||||
@@ -104,8 +104,8 @@ func (gen *testCaseGen) NewTestCaseForProd() (tcase testCase) {
|
||||
for i := 0; i < gen.numVec; i++ {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
tcase.coeffs[i] = gen.gen.Intn(5)
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(5)
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
// Update the expected res value
|
||||
@@ -184,8 +184,8 @@ func (gen *testCaseGen) NewTestCaseForLinComb() (tcase testCase) {
|
||||
for i := 0; i < gen.numVec; i++ {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
tcase.coeffs[i] = gen.gen.Intn(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
// Update the expected res value
|
||||
@@ -258,8 +258,8 @@ func (gen *testCaseGen) NewTestCaseForPolyEval() (tcase testCase) {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
vals = append(vals, val)
|
||||
tcase.coeffs[i] = gen.gen.Intn(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
switch chosenType {
|
||||
@@ -304,7 +304,7 @@ func (gen *testCaseGen) NewTestCaseForPolyEval() (tcase testCase) {
|
||||
func (gen *testCaseGen) genValue() field.Element {
|
||||
// May increase the ceil of the generator to increase the probability to pick
|
||||
// an actually random value.
|
||||
switch gen.gen.Intn(4) {
|
||||
switch gen.gen.IntN(4) {
|
||||
case 0:
|
||||
return field.Zero()
|
||||
case 1:
|
||||
@@ -316,9 +316,9 @@ func (gen *testCaseGen) genValue() field.Element {
|
||||
}
|
||||
|
||||
func (gen *testCaseGen) genWindow(val, paddingVal field.Element) *PaddedCircularWindow {
|
||||
start := gen.windowMustStartAfter + gen.gen.Intn(gen.windowWithLen)/2
|
||||
start := gen.windowMustStartAfter + gen.gen.IntN(gen.windowWithLen)/2
|
||||
maxStop := gen.windowWithLen + gen.windowMustStartAfter
|
||||
winLen := gen.gen.Intn(maxStop - start)
|
||||
winLen := gen.gen.IntN(maxStop - start)
|
||||
if winLen == 0 {
|
||||
winLen = 1
|
||||
}
|
||||
@@ -330,6 +330,6 @@ func (gen *testCaseGen) genRegular(val field.Element) *Regular {
|
||||
}
|
||||
|
||||
func (gen *testCaseGen) genRotated(val field.Element) *Rotated {
|
||||
offset := gen.gen.Intn(gen.fullLen)
|
||||
offset := gen.gen.IntN(gen.fullLen)
|
||||
return NewRotated(*gen.genRegular(val), offset)
|
||||
}
|
||||
|
||||
@@ -32,7 +32,7 @@ func TestWriteInSlice(t *testing.T) {
|
||||
}
|
||||
|
||||
// write in a random place of the slice
|
||||
randPos := builder.gen.Intn(v.Len())
|
||||
randPos := builder.gen.IntN(v.Len())
|
||||
slice[randPos].SetRandom()
|
||||
x := v.Get(randPos)
|
||||
require.NotEqual(t, x.String(), randPos, "forbidden shallow copy")
|
||||
@@ -55,7 +55,7 @@ func TestShiftingTest(t *testing.T) {
|
||||
func(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
|
||||
offset := builder.gen.Intn(v.Len())
|
||||
offset := builder.gen.IntN(v.Len())
|
||||
|
||||
shifted := v.RotateRight(offset)
|
||||
revShifted := v.RotateRight(-offset)
|
||||
@@ -91,8 +91,8 @@ func TestSubvectorFuzzy(t *testing.T) {
|
||||
v := tcase.svecs[0]
|
||||
length := v.Len()
|
||||
// generate the subvector window
|
||||
stop := 1 + builder.gen.Intn(length-1)
|
||||
start := builder.gen.Intn(stop)
|
||||
stop := 1 + builder.gen.IntN(length-1)
|
||||
start := builder.gen.IntN(stop)
|
||||
|
||||
sub := v.SubVector(start, stop)
|
||||
|
||||
|
||||
@@ -2,8 +2,9 @@ package smartvectors
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field/fext"
|
||||
"math/rand"
|
||||
|
||||
"github.com/consensys/gnark/frontend"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/vector"
|
||||
|
||||
@@ -4,8 +4,9 @@ package vectorext
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field/fext"
|
||||
"math/rand"
|
||||
|
||||
"github.com/consensys/gnark/frontend"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
|
||||
@@ -2,12 +2,13 @@ package smartvectorsext
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/big"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/polyext"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors/vectorext"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field/fext"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
)
|
||||
@@ -62,24 +63,24 @@ func newTestBuilder(seed int) *testCaseGen {
|
||||
// Use a deterministic randomness source
|
||||
res := &testCaseGen{seed: seed}
|
||||
// #nosec G404 --we don't need a cryptographic RNG for fuzzing purpose
|
||||
res.gen = rand.New(rand.NewSource(int64(seed)))
|
||||
res.gen = rand.New(utils.NewRandSource(int64(seed)))
|
||||
|
||||
// We should have some quarantee that the length is not too small
|
||||
// for the test generation
|
||||
res.fullLen = 1 << (res.gen.Intn(5) + 3)
|
||||
res.numVec = res.gen.Intn(8) + 1
|
||||
res.fullLen = 1 << (res.gen.IntN(5) + 3)
|
||||
res.numVec = res.gen.IntN(8) + 1
|
||||
|
||||
// In the test, we may restrict the inputs vectors to have a certain type
|
||||
allowedTypes := append([]smartVecType{}, smartVecTypeList...)
|
||||
res.gen.Shuffle(len(allowedTypes), func(i, j int) {
|
||||
allowedTypes[i], allowedTypes[j] = allowedTypes[j], allowedTypes[i]
|
||||
})
|
||||
res.allowedTypes = allowedTypes[:res.gen.Intn(len(allowedTypes)-1)+1]
|
||||
res.allowedTypes = allowedTypes[:res.gen.IntN(len(allowedTypes)-1)+1]
|
||||
|
||||
// Generating the window : it should be roughly half of the total length
|
||||
// this aims at maximizing the coverage.
|
||||
res.windowWithLen = res.gen.Intn(res.fullLen-4)/2 + 2
|
||||
res.windowMustStartAfter = res.gen.Intn(res.fullLen)
|
||||
res.windowWithLen = res.gen.IntN(res.fullLen-4)/2 + 2
|
||||
res.windowMustStartAfter = res.gen.IntN(res.fullLen)
|
||||
return res
|
||||
}
|
||||
|
||||
@@ -105,8 +106,8 @@ func (gen *testCaseGen) NewTestCaseForProd() (tcase testCase) {
|
||||
for i := 0; i < gen.numVec; i++ {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
tcase.coeffs[i] = gen.gen.Intn(5)
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(5)
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
// Update the expected res value
|
||||
@@ -185,8 +186,8 @@ func (gen *testCaseGen) NewTestCaseForLinComb() (tcase testCase) {
|
||||
for i := 0; i < gen.numVec; i++ {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
tcase.coeffs[i] = gen.gen.Intn(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
// Update the expected res value
|
||||
@@ -259,8 +260,8 @@ func (gen *testCaseGen) NewTestCaseForPolyEval() (tcase testCase) {
|
||||
// Generate one by one the different vectors
|
||||
val := gen.genValue()
|
||||
vals = append(vals, val)
|
||||
tcase.coeffs[i] = gen.gen.Intn(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.Intn(len(gen.allowedTypes))]
|
||||
tcase.coeffs[i] = gen.gen.IntN(10) - 5
|
||||
chosenType := gen.allowedTypes[gen.gen.IntN(len(gen.allowedTypes))]
|
||||
maxType = utils.Max(maxType, chosenType)
|
||||
|
||||
switch chosenType {
|
||||
@@ -304,7 +305,7 @@ func (gen *testCaseGen) NewTestCaseForPolyEval() (tcase testCase) {
|
||||
func (gen *testCaseGen) genValue() fext.Element {
|
||||
// May increase the ceil of the generator to increase the probability to pick
|
||||
// an actually random value.
|
||||
switch gen.gen.Intn(4) {
|
||||
switch gen.gen.IntN(4) {
|
||||
case 0:
|
||||
return fext.Zero()
|
||||
case 1:
|
||||
@@ -316,9 +317,9 @@ func (gen *testCaseGen) genValue() fext.Element {
|
||||
}
|
||||
|
||||
func (gen *testCaseGen) genWindow(val, paddingVal fext.Element) *PaddedCircularWindowExt {
|
||||
start := gen.windowMustStartAfter + gen.gen.Intn(gen.windowWithLen)/2
|
||||
start := gen.windowMustStartAfter + gen.gen.IntN(gen.windowWithLen)/2
|
||||
maxStop := gen.windowWithLen + gen.windowMustStartAfter
|
||||
winLen := gen.gen.Intn(maxStop - start)
|
||||
winLen := gen.gen.IntN(maxStop - start)
|
||||
if winLen == 0 {
|
||||
winLen = 1
|
||||
}
|
||||
@@ -330,6 +331,6 @@ func (gen *testCaseGen) genRegularExt(val fext.Element) *RegularExt {
|
||||
}
|
||||
|
||||
func (gen *testCaseGen) genRotatedExt(val fext.Element) *RotatedExt {
|
||||
offset := gen.gen.Intn(gen.fullLen)
|
||||
offset := gen.gen.IntN(gen.fullLen)
|
||||
return NewRotatedExt(*gen.genRegularExt(val), offset)
|
||||
}
|
||||
|
||||
@@ -4,7 +4,7 @@ package vector
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr"
|
||||
"github.com/consensys/gnark/frontend"
|
||||
|
||||
@@ -2,11 +2,13 @@ package field
|
||||
|
||||
import (
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"unsafe"
|
||||
|
||||
"math/bits"
|
||||
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"math/bits"
|
||||
)
|
||||
|
||||
// Element aliases [fr.Element] and represents a field element in the scalar
|
||||
@@ -113,15 +115,36 @@ func ExpToInt(z *Element, x Element, k int) *Element {
|
||||
return z
|
||||
}
|
||||
|
||||
// PseudoRandom generates a field using a pseudo-random number generator
|
||||
// PseudoRand generates a field using a pseudo-random number generator
|
||||
func PseudoRand(rng *rand.Rand) Element {
|
||||
|
||||
var (
|
||||
slice = make([]byte, Bytes)
|
||||
bigInt = &big.Int{}
|
||||
res = Element{}
|
||||
bigInt = &big.Int{}
|
||||
res = Element{}
|
||||
bareU64 = [4]uint64{rng.Uint64(), rng.Uint64(), rng.Uint64(), rng.Uint64()}
|
||||
bareBytes = *(*[32]byte)(unsafe.Pointer(&bareU64))
|
||||
)
|
||||
rng.Read(slice)
|
||||
bigInt.SetBytes(slice).Mod(bigInt, Modulus())
|
||||
|
||||
bigInt.SetBytes(bareBytes[:]).Mod(bigInt, Modulus())
|
||||
res.SetBigInt(bigInt)
|
||||
return res
|
||||
}
|
||||
|
||||
// PseudoRandTruncated generates a field using a pseudo-random number generator
|
||||
func PseudoRandTruncated(rng *rand.Rand, sizeByte int) Element {
|
||||
|
||||
if sizeByte > 32 {
|
||||
utils.Panic("supplied a byteSize larger than 32 (%v), this must be a mistake. Please check that the supplied value is not instead a BIT-size.", sizeByte)
|
||||
}
|
||||
|
||||
var (
|
||||
bigInt = &big.Int{}
|
||||
res = Element{}
|
||||
bareU64 = [4]uint64{rng.Uint64(), rng.Uint64(), rng.Uint64(), rng.Uint64()}
|
||||
bareBytes = *(*[32]byte)(unsafe.Pointer(&bareU64))
|
||||
)
|
||||
|
||||
bigInt.SetBytes(bareBytes[:sizeByte]).Mod(bigInt, Modulus())
|
||||
res.SetBigInt(bigInt)
|
||||
return res
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@ import (
|
||||
"github.com/consensys/gnark-crypto/ecc/bls12-377/fr"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
)
|
||||
|
||||
const noQNR = 11
|
||||
|
||||
@@ -2,7 +2,7 @@ package lookup
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
@@ -58,7 +58,7 @@ func TestExhaustive(t *testing.T) {
|
||||
|
||||
var (
|
||||
// #nosec G404 -- we don't need a cryptographic PRNG for testing purposes
|
||||
rng = rand.New(rand.NewSource(43))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
smallNumbers = smartvectors.ForTest(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
|
||||
xorTable = [3]smartvectors.SmartVector{
|
||||
smartvectors.ForTest(0, 1, 2, 3, 0, 1, 2, 3, 0, 1, 2, 3, 0, 1, 2, 3),
|
||||
@@ -114,7 +114,7 @@ func TestExhaustive(t *testing.T) {
|
||||
for i := range cols {
|
||||
vec := make([]int, size)
|
||||
for j := range vec {
|
||||
vec[j] = rng.Intn(2)
|
||||
vec[j] = rng.IntN(2)
|
||||
}
|
||||
run.AssignColumn(cols[i].GetColID(), smartvectors.ForTest(vec...))
|
||||
}
|
||||
@@ -126,7 +126,7 @@ func TestExhaustive(t *testing.T) {
|
||||
for i := range cols {
|
||||
vec := make([]int, size)
|
||||
for j := range vec {
|
||||
vec[j] = rng.Intn(4)
|
||||
vec[j] = rng.IntN(4)
|
||||
}
|
||||
run.AssignColumn(cols[i].GetColID(), smartvectors.ForTest(vec...))
|
||||
}
|
||||
@@ -140,7 +140,7 @@ func TestExhaustive(t *testing.T) {
|
||||
size := cols[0].Size()
|
||||
vecs := [3][]int{}
|
||||
for j := 0; j < size; j++ {
|
||||
x, y := rng.Intn(4), rng.Intn(4)
|
||||
x, y := rng.IntN(4), rng.IntN(4)
|
||||
z := x ^ y
|
||||
vecs[0] = append(vecs[0], x)
|
||||
vecs[1] = append(vecs[1], y)
|
||||
|
||||
@@ -116,16 +116,7 @@ func FmtCsv(w io.Writer, run *wizard.ProverRuntime, cols []ifaces.Column, option
|
||||
allZeroes = false
|
||||
}
|
||||
|
||||
if assignment[c][r].IsUint64() {
|
||||
if cfg.inHex {
|
||||
fmtVals = append(fmtVals, "0x"+assignment[c][r].Text(16))
|
||||
} else {
|
||||
fmtVals = append(fmtVals, assignment[c][r].String())
|
||||
}
|
||||
continue
|
||||
}
|
||||
|
||||
fmtVals = append(fmtVals, "0x"+assignment[c][r].Text(16))
|
||||
fmtVals = append(fmtVals, fmtFieldElement(cfg.inHex, assignment[c][r]))
|
||||
}
|
||||
|
||||
if !allZeroes {
|
||||
@@ -261,3 +252,31 @@ func (c *CsvTrace) Len() int {
|
||||
func (c *CsvTrace) LenPadded() int {
|
||||
return utils.NextPowerOfTwo(c.nbRows)
|
||||
}
|
||||
|
||||
// WritesExplicit format value-provided columns into a csv file. Unlike [FmtCsv]
|
||||
// it does not need the columns to be registered as the assignmet of a wizard.
|
||||
// It is suitable for test-case generation.
|
||||
func WriteExplicit(w io.Writer, names []string, cols [][]field.Element, inHex bool) {
|
||||
|
||||
fmt.Fprintf(w, "%v\n", strings.Join(names, ","))
|
||||
|
||||
for i := range cols[0] {
|
||||
|
||||
row := []string{}
|
||||
for j := range cols {
|
||||
row = append(row, fmtFieldElement(inHex, cols[j][i]))
|
||||
}
|
||||
|
||||
fmt.Fprintf(w, "%v\n", strings.Join(row, ","))
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func fmtFieldElement(inHex bool, x field.Element) string {
|
||||
|
||||
if inHex || (x.IsUint64() && x.Uint64() < 1<<10) {
|
||||
return x.String()
|
||||
}
|
||||
|
||||
return "0x" + x.Text(16)
|
||||
}
|
||||
|
||||
35
prover/utils/rand.go
Normal file
35
prover/utils/rand.go
Normal file
@@ -0,0 +1,35 @@
|
||||
package utils
|
||||
|
||||
import (
|
||||
"math/rand/v2"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
// NewRandSource returns a [rand.ChaCha8] initialized with an integer seed. The
|
||||
// function is meant to sugar-coat the numerous testcases of the repo.
|
||||
func NewRandSource(seed int64) *rand.ChaCha8 {
|
||||
|
||||
if seed < 0 {
|
||||
seed = -seed
|
||||
}
|
||||
|
||||
var (
|
||||
seedU64 = uint64(seed)
|
||||
seed8Bytes = *(*[8]byte)(unsafe.Pointer(&seedU64))
|
||||
seed32Bytes = [32]byte{}
|
||||
)
|
||||
|
||||
copy(seed32Bytes[:], seed8Bytes[:])
|
||||
return rand.NewChaCha8(seed32Bytes)
|
||||
}
|
||||
|
||||
// ReadPseudoRand populate slices with bytes generated from rand. It returns the
|
||||
// number of bytes read and an error to match with [io.Read]. This function is
|
||||
// intended as a drop-in replacement for [math/rand.Read]. `n` is always the
|
||||
// len(slice) and err is always `nil`.
|
||||
func ReadPseudoRand(rng *rand.Rand, slice []byte) (n int, err error) {
|
||||
for i := range slice {
|
||||
slice[i] = byte(rng.Uint32() & 0xff)
|
||||
}
|
||||
return len(slice), nil
|
||||
}
|
||||
@@ -4,7 +4,7 @@ import (
|
||||
"bytes"
|
||||
"encoding/hex"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/utils/types"
|
||||
@@ -64,10 +64,10 @@ func TestReadWriteInt64(t *testing.T) {
|
||||
const nIterations = 100
|
||||
|
||||
// #nosec G404 -- no need for a cryptographically strong PRNG for testing purposes
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
for _i := 0; _i < nIterations; _i++ {
|
||||
n := rng.Int63()
|
||||
n := rng.Int64()
|
||||
buffer := &bytes.Buffer{}
|
||||
types.WriteInt64On32Bytes(buffer, n)
|
||||
n2, _, err := types.ReadInt64On32Bytes(buffer)
|
||||
@@ -81,10 +81,10 @@ func TestReadWriteBigInt(t *testing.T) {
|
||||
const nIterations = 100
|
||||
|
||||
// #nosec G404 -- no need for a cryptographically strong PRNG for testing purposes
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
for _i := 0; _i < nIterations; _i++ {
|
||||
n := big.NewInt(rng.Int63())
|
||||
n := big.NewInt(rng.Int64())
|
||||
buffer := &bytes.Buffer{}
|
||||
types.WriteBigIntOn32Bytes(buffer, n)
|
||||
n2, err := types.ReadBigIntOn32Bytes(buffer)
|
||||
|
||||
67
prover/zkevm/prover/common/hilo.go
Normal file
67
prover/zkevm/prover/common/hilo.go
Normal file
@@ -0,0 +1,67 @@
|
||||
package common
|
||||
|
||||
import (
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils/types"
|
||||
)
|
||||
|
||||
// HiLoColumns represents a pair of column representing a sequence of bytes32
|
||||
// element that do not fit in a single field element. The Hi columns stores the
|
||||
// first 16 bytes of the column. And the Lo columns stores the last 16 bytes.
|
||||
type HiLoColumns struct {
|
||||
Hi, Lo ifaces.Column
|
||||
}
|
||||
|
||||
// NewHiLoColumns returns a new HiLoColumns with initialized and unconstrained
|
||||
// columns.
|
||||
func NewHiLoColumns(comp *wizard.CompiledIOP, size int, name string) HiLoColumns {
|
||||
return HiLoColumns{
|
||||
Hi: comp.InsertCommit(
|
||||
0,
|
||||
ifaces.ColIDf("STATE_SUMMARY_%v_HI", name),
|
||||
size,
|
||||
),
|
||||
Lo: comp.InsertCommit(
|
||||
0,
|
||||
ifaces.ColIDf("STATE_SUMMARY_%v_LO", name),
|
||||
size,
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
// HiLoAssignmentBuilder is a convenience structure storing the column builders
|
||||
// relating to an HiLoColumns.
|
||||
type HiLoAssignmentBuilder struct {
|
||||
Hi, Lo *VectorBuilder
|
||||
}
|
||||
|
||||
// NewHiLoAssignmentBuilder returns a fresh [hiLoAssignmentBuilder]
|
||||
func NewHiLoAssignmentBuilder(hiLo HiLoColumns) HiLoAssignmentBuilder {
|
||||
return HiLoAssignmentBuilder{
|
||||
Hi: NewVectorBuilder(hiLo.Hi),
|
||||
Lo: NewVectorBuilder(hiLo.Lo),
|
||||
}
|
||||
}
|
||||
|
||||
// Push pushes a row representing `fb` onto `hl`
|
||||
func (hl *HiLoAssignmentBuilder) Push(fb types.FullBytes32) {
|
||||
hl.Hi.PushHi(fb)
|
||||
hl.Lo.PushLo(fb)
|
||||
}
|
||||
|
||||
// PushZeroes pushes a row representing 0 onto `hl`
|
||||
func (hl *HiLoAssignmentBuilder) PushZeroes() {
|
||||
hl.Hi.PushZero()
|
||||
hl.Lo.PushZero()
|
||||
}
|
||||
|
||||
// PadAssign pads `hl` with `fb` and assigns the resulting columns into `run`.
|
||||
func (hl *HiLoAssignmentBuilder) PadAssign(run *wizard.ProverRuntime, fb types.FullBytes32) {
|
||||
var f field.Element
|
||||
f.SetBytes(fb[:16])
|
||||
hl.Hi.PadAndAssign(run, f)
|
||||
f.SetBytes(fb[16:])
|
||||
hl.Lo.PadAndAssign(run, f)
|
||||
}
|
||||
@@ -2,12 +2,13 @@ package testdata
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/backend/files"
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/hash/generic"
|
||||
)
|
||||
@@ -23,7 +24,7 @@ func GenerateAndAssignGenDataModule(run *wizard.ProverRuntime, gdm *generic.GenD
|
||||
toHash = make([]field.Element, size)
|
||||
index = make([]field.Element, size)
|
||||
hashNum = make([]field.Element, size)
|
||||
rng = rand.New(rand.NewSource(68768))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
nByteCol = common.NewVectorBuilder(gdm.NBytes)
|
||||
limbCol = common.NewVectorBuilder(gdm.Limb)
|
||||
@@ -95,7 +96,7 @@ func randNBytes(rng *rand.Rand) (int, field.Element) {
|
||||
|
||||
// nBytesInt must be in 1..=16
|
||||
var (
|
||||
nBytesInt = rng.Int31n(16) + 1
|
||||
nBytesInt = rng.Int32N(16) + 1
|
||||
nBytesF = field.NewElement(uint64(nBytesInt))
|
||||
)
|
||||
|
||||
@@ -106,7 +107,7 @@ func randLimbs(rng *rand.Rand, nBytes int) field.Element {
|
||||
|
||||
var (
|
||||
resBytes = make([]byte, 16)
|
||||
_, _ = rng.Read(resBytes[:nBytes])
|
||||
_, _ = utils.ReadPseudoRand(rng, resBytes[:nBytes])
|
||||
res = new(field.Element).SetBytes(resBytes)
|
||||
)
|
||||
|
||||
|
||||
@@ -2,10 +2,11 @@ package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/backend/files"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
)
|
||||
|
||||
func main() {
|
||||
@@ -16,7 +17,7 @@ func main() {
|
||||
toHash = make([]field.Element, 32)
|
||||
index = make([]field.Element, 32)
|
||||
hashNum = make([]field.Element, 32)
|
||||
rng = rand.New(rand.NewSource(68768))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
hashNums = []int{0, 0, 0, 0, 1, 1, 1, 2, 2, 2, 2, 2, 2, 2, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 0, 0, 0, 0, 0, 0, 0}
|
||||
toHashInt = []int{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0}
|
||||
oF = files.MustOverwrite("./testdata/input.csv")
|
||||
@@ -71,7 +72,7 @@ func randLimbs(rng *rand.Rand, nBytes int) field.Element {
|
||||
|
||||
var (
|
||||
resBytes = make([]byte, 16)
|
||||
_, _ = rng.Read(resBytes[:nBytes])
|
||||
_, _ = utils.ReadPseudoRand(rng, resBytes[:nBytes])
|
||||
res = new(field.Element).SetBytes(resBytes)
|
||||
)
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package base_conversion
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -53,6 +53,7 @@ func makeTestCaseBaseConversionOutput() (
|
||||
}
|
||||
return define, prover
|
||||
}
|
||||
|
||||
func TestBaseConversionOutput(t *testing.T) {
|
||||
define, prover := makeTestCaseBaseConversionOutput()
|
||||
comp := wizard.Compile(define, dummy.Compile)
|
||||
@@ -73,18 +74,15 @@ func (b *hashBaseConversion) assignInputs(run *wizard.ProverRuntime) {
|
||||
sliceLoB[j] = common.NewVectorBuilder(b.Inputs.LimbsLoB[j])
|
||||
}
|
||||
|
||||
// #nosec G404 -- we don't need a cryptographic PRNG for testing purposes
|
||||
rng := rand.New(utils.NewRandSource(678988))
|
||||
|
||||
max := keccakf.BaseBPow4
|
||||
for j := range sliceHiB {
|
||||
for row := 0; row < size; row++ {
|
||||
// generate a random value in baseB
|
||||
// #nosec G404 -- we don't need a cryptographic PRNG for testing purposes
|
||||
rng := rand.New(rand.NewSource(int64(row * j)))
|
||||
// #nosec G404 -- we don't need a cryptographic PRNG for testing purposes
|
||||
rngm := rand.New(rand.NewSource(int64((row + 3) * j)))
|
||||
n := rng.Intn(max) + 1
|
||||
m := rngm.Intn(max) + 1
|
||||
sliceHiB[j].PushInt(n)
|
||||
sliceLoB[j].PushInt(m)
|
||||
sliceHiB[j].PushInt(rng.IntN(max))
|
||||
sliceLoB[j].PushInt(rng.IntN(max))
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
package base_conversion
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/compiler/dummy"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
@@ -16,6 +17,8 @@ func makeTestCaseDecomposeBE() (
|
||||
define wizard.DefineFunc,
|
||||
prover wizard.ProverStep,
|
||||
) {
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rand := rand.New(utils.NewRandSource(0))
|
||||
size := 16
|
||||
d := &decompositionCtx{}
|
||||
define = func(build *wizard.Builder) {
|
||||
@@ -35,7 +38,7 @@ func makeTestCaseDecomposeBE() (
|
||||
)
|
||||
for row := 0; row < size; row++ {
|
||||
b := make([]byte, 8)
|
||||
rand.Read(b) //nolint
|
||||
utils.ReadPseudoRand(rand, b)
|
||||
f := *new(field.Element).SetBytes(b)
|
||||
col.PushField(f)
|
||||
}
|
||||
|
||||
@@ -1,13 +1,14 @@
|
||||
package keccakf
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/compiler/dummy"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
@@ -40,7 +41,7 @@ func MakeTestCaseInputOutputModule(maxNumKeccakF int) (
|
||||
|
||||
func TestInputOutputModule(t *testing.T) {
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
numCases := 2
|
||||
maxNumKeccakf := 64
|
||||
// The -1 is here to prevent the generation of a padding block
|
||||
@@ -51,9 +52,9 @@ func TestInputOutputModule(t *testing.T) {
|
||||
|
||||
for i := 0; i < numCases; i++ {
|
||||
// Generate a random piece of data
|
||||
dataSize := rng.Intn(maxInputSize + 1)
|
||||
dataSize := rng.IntN(maxInputSize + 1)
|
||||
data := make([]byte, dataSize)
|
||||
rng.Read(data)
|
||||
utils.ReadPseudoRand(rng, data)
|
||||
|
||||
// Generate permutation traces for the data
|
||||
traces := keccak.PermTraces{}
|
||||
|
||||
@@ -4,7 +4,7 @@ package keccakf
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"sync"
|
||||
"testing"
|
||||
|
||||
@@ -15,6 +15,7 @@ import (
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/compiler/permutation"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/compiler/specialqueries"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
@@ -72,7 +73,7 @@ func keccakfTestingModule(
|
||||
func TestKeccakf(t *testing.T) {
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rng := rand.New(rand.NewSource(0))
|
||||
rng := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
numCases := 15
|
||||
maxNumKeccakf := 5
|
||||
// The -1 is here to prevent the generation of a padding block
|
||||
@@ -83,9 +84,9 @@ func TestKeccakf(t *testing.T) {
|
||||
|
||||
for i := 0; i < numCases; i++ {
|
||||
// Generate a random piece of data
|
||||
dataSize := rng.Intn(maxInputSize + 1)
|
||||
dataSize := rng.IntN(maxInputSize + 1)
|
||||
data := make([]byte, dataSize)
|
||||
rng.Read(data)
|
||||
utils.ReadPseudoRand(rng, data)
|
||||
|
||||
// Generate permutation traces for the data
|
||||
traces := keccak.PermTraces{}
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
package keccakf
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
@@ -141,7 +141,7 @@ func TestPiChiIota(t *testing.T) {
|
||||
maxKeccaf := 10
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
// Every time the prover function is called, the traces will be updated.
|
||||
// Likewise, run will be set by the prover.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
package keccakf
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
@@ -145,7 +145,7 @@ func TestRho(t *testing.T) {
|
||||
maxKeccaf := 10
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
// Every time the prover function is called, the traces will be updated.
|
||||
// Likewise, run will be set by the prover.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
package keccakf
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/crypto/keccak"
|
||||
@@ -90,9 +90,9 @@ func testInputProvider(rnd *rand.Rand, maxNumKeccakf int) InputWitnessProvider {
|
||||
|
||||
for len(res.Blocks) < effNumKeccak {
|
||||
// Each hash is for a random string taking at most 3 permutations
|
||||
streamLen := rnd.Intn(3*keccak.Rate-1) + 1
|
||||
streamLen := rnd.IntN(3*keccak.Rate-1) + 1
|
||||
stream := make([]byte, streamLen)
|
||||
rnd.Read(stream)
|
||||
utils.ReadPseudoRand(rnd, stream)
|
||||
|
||||
for i := 0; i < effNumKeccak; i++ {
|
||||
keccak.Hash(stream, &res)
|
||||
@@ -119,7 +119,7 @@ func TestTheta(t *testing.T) {
|
||||
maxKeccaf := 10
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
|
||||
// Every time the prover function is called, the traces will be updated.
|
||||
// Likewise, run will be set by the prover.
|
||||
|
||||
@@ -3,7 +3,7 @@
|
||||
package keccakf
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
@@ -15,7 +15,7 @@ func TestU64FromToBase(t *testing.T) {
|
||||
const numCases int = 100
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
base1 := field.NewElement(uint64(BaseA))
|
||||
base2 := field.NewElement(uint64(BaseB))
|
||||
|
||||
@@ -61,7 +61,7 @@ func TestBaseDecomposeRecompose(t *testing.T) {
|
||||
const numCases int = 100
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
base1 := field.NewElement(uint64(BaseA))
|
||||
base2 := field.NewElement(uint64(BaseB))
|
||||
|
||||
@@ -93,7 +93,7 @@ func TestDecomposeInSlice(t *testing.T) {
|
||||
const numCases int = 100
|
||||
|
||||
// #nosec G404 --we don't need a cryptographic RNG for testing purpose
|
||||
rnd := rand.New(rand.NewSource(0))
|
||||
rnd := rand.New(rand.NewChaCha8([32]byte{}))
|
||||
base1 := field.NewElement(uint64(BaseA))
|
||||
base2 := field.NewElement(uint64(BaseB))
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package packing
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/vector"
|
||||
@@ -27,6 +27,7 @@ func table(t *dataTraceImported, numHash, blockSize, size int) [][]byte {
|
||||
limbs = make([][][]byte, numHash)
|
||||
nByte = make([][]int, numHash)
|
||||
isNewHash = make([][]int, numHash)
|
||||
rand = rand.New(utils.NewRandSource(0)) // nolint
|
||||
)
|
||||
|
||||
// build the stream for each hash.
|
||||
@@ -39,17 +40,17 @@ func table(t *dataTraceImported, numHash, blockSize, size int) [][]byte {
|
||||
m := size / (numHash * 15)
|
||||
// number of limbs for the current hash
|
||||
// added +1 to prevent edge-cases
|
||||
nlimb := rand.Intn(m) + 1 //nolint
|
||||
nlimb := rand.IntN(m) + 1 //nolint
|
||||
|
||||
s[i] = 0
|
||||
for j := 0; j < nlimb; j++ {
|
||||
// generate random bytes
|
||||
// choose a random length for the slice
|
||||
length := rand.Intn(MAXNBYTE) + 1 //nolint
|
||||
length := rand.IntN(MAXNBYTE) + 1 //nolint
|
||||
|
||||
// generate random bytes
|
||||
slice := make([]byte, length)
|
||||
_, err := rand.Read(slice) //nolint
|
||||
_, err := utils.ReadPseudoRand(rand, slice)
|
||||
if err != nil {
|
||||
logrus.Fatalf("error while generating random bytes: %s", err)
|
||||
}
|
||||
@@ -77,7 +78,7 @@ func table(t *dataTraceImported, numHash, blockSize, size int) [][]byte {
|
||||
for n > MAXNBYTE {
|
||||
// generate random bytes
|
||||
slice := make([]byte, MAXNBYTE)
|
||||
_, err := rand.Read(slice) //nolint
|
||||
_, err := utils.ReadPseudoRand(rand, slice)
|
||||
if err != nil {
|
||||
logrus.Fatalf("error while generating random bytes: %s", err)
|
||||
}
|
||||
@@ -93,7 +94,7 @@ func table(t *dataTraceImported, numHash, blockSize, size int) [][]byte {
|
||||
}
|
||||
// generate random bytes
|
||||
slice := make([]byte, n)
|
||||
_, err := rand.Read(slice) //nolint
|
||||
_, err := utils.ReadPseudoRand(rand, slice)
|
||||
if err != nil {
|
||||
logrus.Fatalf("error while generating random bytes: %s", err)
|
||||
}
|
||||
|
||||
6
prover/zkevm/prover/modexp/testdata/main.go
vendored
6
prover/zkevm/prover/modexp/testdata/main.go
vendored
@@ -4,7 +4,7 @@ import (
|
||||
"fmt"
|
||||
"io"
|
||||
"math/big"
|
||||
"math/rand"
|
||||
"math/rand/v2"
|
||||
|
||||
"github.com/consensys/gnark/std/math/emulated/emparams"
|
||||
"github.com/consensys/linea-monorepo/prover/backend/files"
|
||||
@@ -29,7 +29,7 @@ var testCases = []struct {
|
||||
|
||||
var (
|
||||
tab = make([][]*big.Int, 5)
|
||||
rng = rand.New(rand.NewSource(87987559))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inst = createRandomModexp(rng, false)
|
||||
)
|
||||
|
||||
@@ -43,7 +43,7 @@ var testCases = []struct {
|
||||
|
||||
var (
|
||||
tab = make([][]*big.Int, 5)
|
||||
rng = rand.New(rand.NewSource(324480342))
|
||||
rng = rand.New(rand.NewChaCha8([32]byte{}))
|
||||
inst = createRandomModexp(rng, true)
|
||||
)
|
||||
|
||||
|
||||
198
prover/zkevm/prover/statemanager/codehashconsistency/assign.go
Normal file
198
prover/zkevm/prover/statemanager/codehashconsistency/assign.go
Normal file
@@ -0,0 +1,198 @@
|
||||
package codehashconsistency
|
||||
|
||||
import (
|
||||
"slices"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
)
|
||||
|
||||
// Assign assigns the columns internally defined in `mod` into `run`.
|
||||
func (mod Module) Assign(run *wizard.ProverRuntime) {
|
||||
|
||||
var (
|
||||
ssInput = mod.StateSummaryInput
|
||||
mchInput = mod.MimcCodeHashInput
|
||||
)
|
||||
|
||||
externalSs := struct {
|
||||
IsActive smartvectors.SmartVector
|
||||
IsStorage smartvectors.SmartVector
|
||||
InitMiMC smartvectors.SmartVector
|
||||
InitKeccakLo smartvectors.SmartVector
|
||||
InitKeccakHi smartvectors.SmartVector
|
||||
FinalMiMC smartvectors.SmartVector
|
||||
FinalKeccakLo smartvectors.SmartVector
|
||||
FinalKeccakHi smartvectors.SmartVector
|
||||
}{
|
||||
IsActive: ssInput.IsActive.GetColAssignment(run),
|
||||
IsStorage: ssInput.IsStorage.GetColAssignment(run),
|
||||
InitMiMC: ssInput.Account.Initial.MiMCCodeHash.GetColAssignment(run),
|
||||
InitKeccakHi: ssInput.Account.Initial.KeccakCodeHash.Hi.GetColAssignment(run),
|
||||
InitKeccakLo: ssInput.Account.Initial.KeccakCodeHash.Lo.GetColAssignment(run),
|
||||
FinalMiMC: ssInput.Account.Final.MiMCCodeHash.GetColAssignment(run),
|
||||
FinalKeccakHi: ssInput.Account.Final.KeccakCodeHash.Hi.GetColAssignment(run),
|
||||
FinalKeccakLo: ssInput.Account.Final.KeccakCodeHash.Lo.GetColAssignment(run),
|
||||
}
|
||||
|
||||
externalRom := struct {
|
||||
IsActive smartvectors.SmartVector
|
||||
IsHashEnd smartvectors.SmartVector
|
||||
NewState smartvectors.SmartVector
|
||||
CodeHashHi smartvectors.SmartVector
|
||||
CodeHashLo smartvectors.SmartVector
|
||||
}{
|
||||
IsActive: mchInput.IsActive.GetColAssignment(run),
|
||||
IsHashEnd: mchInput.IsHashEnd.GetColAssignment(run),
|
||||
NewState: mchInput.NewState.GetColAssignment(run),
|
||||
CodeHashHi: mchInput.CodeHashHi.GetColAssignment(run),
|
||||
CodeHashLo: mchInput.CodeHashLo.GetColAssignment(run),
|
||||
}
|
||||
|
||||
var (
|
||||
ssData = make([][3]field.Element, 0, 2*externalSs.InitMiMC.Len())
|
||||
romData = make([][3]field.Element, 0, externalRom.IsHashEnd.Len())
|
||||
)
|
||||
|
||||
for i := 0; i < externalSs.InitMiMC.Len(); i++ {
|
||||
|
||||
if isActive := externalSs.IsActive.Get(i); isActive.IsZero() {
|
||||
break
|
||||
}
|
||||
|
||||
if isStorage := externalSs.IsStorage.Get(i); isStorage.IsOne() {
|
||||
continue
|
||||
}
|
||||
|
||||
ssData = append(ssData,
|
||||
[3]field.Element{
|
||||
externalSs.InitMiMC.Get(i),
|
||||
externalSs.InitKeccakHi.Get(i),
|
||||
externalSs.InitKeccakLo.Get(i),
|
||||
},
|
||||
[3]field.Element{
|
||||
externalSs.FinalMiMC.Get(i),
|
||||
externalSs.FinalKeccakHi.Get(i),
|
||||
externalSs.FinalKeccakLo.Get(i),
|
||||
},
|
||||
)
|
||||
}
|
||||
|
||||
for i := 0; i < externalRom.NewState.Len(); i++ {
|
||||
|
||||
if isActive := externalRom.IsActive.Get(i); isActive.IsZero() {
|
||||
break
|
||||
}
|
||||
|
||||
if isHashEnd := externalRom.IsHashEnd.Get(i); isHashEnd.IsZero() {
|
||||
continue
|
||||
}
|
||||
|
||||
romData = append(romData,
|
||||
[3]field.Element{
|
||||
externalRom.NewState.Get(i),
|
||||
externalRom.CodeHashHi.Get(i),
|
||||
externalRom.CodeHashLo.Get(i),
|
||||
},
|
||||
)
|
||||
}
|
||||
|
||||
cmp := func(a, b [3]field.Element) int {
|
||||
if res := a[1].Cmp(&b[1]); res != 0 {
|
||||
return res
|
||||
}
|
||||
return a[2].Cmp(&b[2])
|
||||
}
|
||||
|
||||
slices.SortFunc(ssData, cmp)
|
||||
slices.SortFunc(romData, cmp)
|
||||
ssData = slices.Compact(ssData)
|
||||
romData = slices.Compact(romData)
|
||||
ssData = slices.Clip(ssData)
|
||||
romData = slices.Clip(romData)
|
||||
|
||||
assignment := struct {
|
||||
IsActive *common.VectorBuilder
|
||||
StateSumKeccak common.HiLoAssignmentBuilder
|
||||
StateSumMiMC *common.VectorBuilder
|
||||
RomKeccak common.HiLoAssignmentBuilder
|
||||
RomMiMC *common.VectorBuilder
|
||||
RomOngoing *common.VectorBuilder
|
||||
StateSumOngoing *common.VectorBuilder
|
||||
}{
|
||||
IsActive: common.NewVectorBuilder(mod.IsActive),
|
||||
StateSumKeccak: common.NewHiLoAssignmentBuilder(mod.StateSumKeccak),
|
||||
RomKeccak: common.NewHiLoAssignmentBuilder(mod.RomKeccak),
|
||||
StateSumMiMC: common.NewVectorBuilder(mod.StateSumMiMC),
|
||||
RomMiMC: common.NewVectorBuilder(mod.RomMiMC),
|
||||
RomOngoing: common.NewVectorBuilder(mod.RomOngoing),
|
||||
StateSumOngoing: common.NewVectorBuilder(mod.StateSumOngoing),
|
||||
}
|
||||
|
||||
var (
|
||||
cRom int = 0
|
||||
cSS int = 0
|
||||
nbRowMax = len(romData) + len(ssData)
|
||||
)
|
||||
|
||||
assign_loop:
|
||||
for i := 0; i < nbRowMax; i++ {
|
||||
|
||||
var (
|
||||
romRow = romData[cRom]
|
||||
ssRow = ssData[cSS]
|
||||
romCmpSs = cmp(romRow, ssRow)
|
||||
)
|
||||
|
||||
assignment.IsActive.PushOne()
|
||||
assignment.RomMiMC.PushField(romRow[0])
|
||||
assignment.RomKeccak.Hi.PushField(romRow[1])
|
||||
assignment.RomKeccak.Lo.PushField(romRow[2])
|
||||
assignment.RomOngoing.PushBoolean(cRom < len(romData)-1)
|
||||
assignment.StateSumMiMC.PushField(ssRow[0])
|
||||
assignment.StateSumKeccak.Hi.PushField(ssRow[1])
|
||||
assignment.StateSumKeccak.Lo.PushField(ssRow[2])
|
||||
assignment.StateSumOngoing.PushBoolean(cSS < len(ssData)-1)
|
||||
|
||||
var (
|
||||
isLastSS = cSS >= len(ssData)-1
|
||||
isLastRom = cRom >= len(romData)-1
|
||||
)
|
||||
|
||||
switch {
|
||||
case isLastSS && isLastRom:
|
||||
break assign_loop
|
||||
case !isLastSS && isLastRom:
|
||||
cSS++
|
||||
case isLastSS && !isLastRom:
|
||||
cRom++
|
||||
case romCmpSs < 0:
|
||||
cRom++
|
||||
case romCmpSs == 0:
|
||||
cRom++
|
||||
cSS++
|
||||
case romCmpSs > 0:
|
||||
cSS++
|
||||
}
|
||||
}
|
||||
|
||||
assignment.IsActive.PadAndAssign(run, field.Zero())
|
||||
assignment.RomMiMC.PadAndAssign(run, field.Zero())
|
||||
assignment.RomKeccak.Hi.PadAndAssign(run, field.Zero())
|
||||
assignment.RomKeccak.Lo.PadAndAssign(run, field.Zero())
|
||||
assignment.RomOngoing.PadAndAssign(run, field.Zero())
|
||||
assignment.StateSumMiMC.PadAndAssign(run, field.Zero())
|
||||
assignment.StateSumKeccak.Hi.PadAndAssign(run, field.Zero())
|
||||
assignment.StateSumKeccak.Lo.PadAndAssign(run, field.Zero())
|
||||
assignment.StateSumOngoing.PadAndAssign(run, field.Zero())
|
||||
|
||||
mod.CptStateSumKeccakLimbsHi.Run(run)
|
||||
mod.CptStateSumKeccakLimbsLo.Run(run)
|
||||
mod.CptRomKeccakLimbsHi.Run(run)
|
||||
mod.CptRomKeccakLimbsLo.Run(run)
|
||||
mod.CmpStateSumLimbs.Run(run)
|
||||
mod.CmpRomLimbs.Run(run)
|
||||
mod.CmpRomVsStateSumLimbs.Run(run)
|
||||
}
|
||||
@@ -0,0 +1,307 @@
|
||||
// codehashconsistency implements the necessary constraints to enforce consistency
|
||||
// between the mimccodehash module and the statesummary module. The constraints
|
||||
// generated in this package essentially aim at ensuring that
|
||||
package codehashconsistency
|
||||
|
||||
import (
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/column"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/dedicated/byte32cmp"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
sym "github.com/consensys/linea-monorepo/prover/symbolic"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
commonconstraints "github.com/consensys/linea-monorepo/prover/zkevm/prover/common/common_constraints"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/mimccodehash"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/statesummary"
|
||||
)
|
||||
|
||||
// Module stores the column expressing the consistency between the
|
||||
// [mimccodehash.Module] (computing the MiMCCodeHash from the code in the ROM
|
||||
// module and exposing the corresponding codehash) and the [statesummary.Module]
|
||||
// (recording the access to the state, thus holding the KeccakCodeHash and the
|
||||
// MiMCCode hash of the registered contracts). The consistency check is achieved
|
||||
// by ensuring that if a Keccak is present in both the MiMCCodeHash and the
|
||||
// StateSummary, then the corresponding KeccakCodeHash must be equal. This
|
||||
// ensures that code exposed in the ROM module is the same as what is in the
|
||||
// state.
|
||||
type Module struct {
|
||||
StateSummaryInput *statesummary.Module
|
||||
MimcCodeHashInput *mimccodehash.Module
|
||||
|
||||
IsActive ifaces.Column
|
||||
StateSumKeccak common.HiLoColumns
|
||||
StateSumMiMC ifaces.Column
|
||||
StateSumOngoing ifaces.Column
|
||||
RomKeccak common.HiLoColumns
|
||||
RomMiMC ifaces.Column
|
||||
RomOngoing ifaces.Column
|
||||
|
||||
StateSumKeccakLimbs byte32cmp.LimbColumns
|
||||
RomKeccakLimbs byte32cmp.LimbColumns
|
||||
|
||||
CptStateSumKeccakLimbsHi wizard.ProverAction
|
||||
CptStateSumKeccakLimbsLo wizard.ProverAction
|
||||
CptRomKeccakLimbsHi wizard.ProverAction
|
||||
CptRomKeccakLimbsLo wizard.ProverAction
|
||||
CmpStateSumLimbs wizard.ProverAction
|
||||
CmpRomLimbs wizard.ProverAction
|
||||
CmpRomVsStateSumLimbs wizard.ProverAction
|
||||
|
||||
StateSumIsGtRom, StateSumIsEqRom, StateSumIsLtRom ifaces.Column
|
||||
StateSumIsConst, StateSumIncreased ifaces.Column
|
||||
RomIsConst, RomIncreased ifaces.Column
|
||||
}
|
||||
|
||||
// NewModule returns a constrained [Module] connecting `ss` with `mch`. `name`
|
||||
// is used as a prefix for the name of all the generated columns and constraints.
|
||||
func NewModule(comp *wizard.CompiledIOP, name string, ss *statesummary.Module, mch *mimccodehash.Module) Module {
|
||||
|
||||
name = name + "_CODEHASH_CONSISTENCY"
|
||||
size := ss.IsActive.Size() + mch.IsActive.Size()
|
||||
|
||||
ch := Module{
|
||||
StateSummaryInput: ss,
|
||||
MimcCodeHashInput: mch,
|
||||
IsActive: comp.InsertCommit(0, ifaces.ColIDf(name+"_IS_ACTIVE"), size),
|
||||
StateSumKeccak: common.NewHiLoColumns(comp, size, name+"_STATE_SUMMARY_KECCAK"),
|
||||
RomKeccak: common.NewHiLoColumns(comp, size, name+"_ROM_KECCAK"),
|
||||
StateSumMiMC: comp.InsertCommit(0, ifaces.ColID(name+"_STATE_SUMMARY_MIMC"), size),
|
||||
RomMiMC: comp.InsertCommit(0, ifaces.ColID(name+"_ROM_MIMC"), size),
|
||||
RomOngoing: comp.InsertCommit(0, ifaces.ColID(name+"_ROM_ONGOING"), size),
|
||||
StateSumOngoing: comp.InsertCommit(0, ifaces.ColID(name+"_STATE_SUM_ONGOING"), size),
|
||||
}
|
||||
|
||||
commonconstraints.MustBeActivationColumns(comp, ch.IsActive)
|
||||
commonconstraints.MustBeActivationColumns(comp, ch.RomOngoing)
|
||||
commonconstraints.MustBeActivationColumns(comp, ch.StateSumOngoing)
|
||||
|
||||
commonconstraints.MustZeroWhenInactive(comp, ch.IsActive,
|
||||
ch.StateSumKeccak.Hi,
|
||||
ch.StateSumKeccak.Lo,
|
||||
ch.StateSumMiMC,
|
||||
ch.StateSumOngoing,
|
||||
ch.RomKeccak.Hi,
|
||||
ch.RomKeccak.Lo,
|
||||
ch.RomMiMC,
|
||||
ch.RomOngoing,
|
||||
)
|
||||
|
||||
var (
|
||||
romDecreased ifaces.Column
|
||||
stateSumDecreased ifaces.Column
|
||||
romLimbsHi, romLimbsLo byte32cmp.LimbColumns
|
||||
stateSumLimbsHi, stateSumLimbsLo byte32cmp.LimbColumns
|
||||
)
|
||||
|
||||
romLimbsHi, ch.CptRomKeccakLimbsHi = byte32cmp.Decompose(comp, ch.RomKeccak.Hi, 8, 16)
|
||||
romLimbsLo, ch.CptRomKeccakLimbsLo = byte32cmp.Decompose(comp, ch.RomKeccak.Lo, 8, 16)
|
||||
stateSumLimbsHi, ch.CptStateSumKeccakLimbsHi = byte32cmp.Decompose(comp, ch.StateSumKeccak.Hi, 8, 16)
|
||||
stateSumLimbsLo, ch.CptStateSumKeccakLimbsLo = byte32cmp.Decompose(comp, ch.StateSumKeccak.Lo, 8, 16)
|
||||
ch.RomKeccakLimbs = byte32cmp.FuseLimbs(romLimbsLo, romLimbsHi)
|
||||
ch.StateSumKeccakLimbs = byte32cmp.FuseLimbs(stateSumLimbsLo, stateSumLimbsHi)
|
||||
|
||||
ch.RomIncreased, ch.RomIsConst, romDecreased, ch.CmpRomLimbs = byte32cmp.CmpMultiLimbs(
|
||||
comp,
|
||||
ch.RomKeccakLimbs,
|
||||
ch.RomKeccakLimbs.Shift(-1),
|
||||
)
|
||||
|
||||
ch.StateSumIncreased, ch.StateSumIsConst, stateSumDecreased, ch.CmpStateSumLimbs = byte32cmp.CmpMultiLimbs(
|
||||
comp,
|
||||
ch.StateSumKeccakLimbs,
|
||||
ch.StateSumKeccakLimbs.Shift(-1),
|
||||
)
|
||||
|
||||
ch.StateSumIsGtRom, ch.StateSumIsEqRom, ch.StateSumIsLtRom, ch.CmpRomVsStateSumLimbs = byte32cmp.CmpMultiLimbs(
|
||||
comp,
|
||||
ch.StateSumKeccakLimbs,
|
||||
ch.RomKeccakLimbs,
|
||||
)
|
||||
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_ROM_IS_SORTED"),
|
||||
sym.Mul(ch.IsActive, romDecreased),
|
||||
)
|
||||
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_STATE_SUMMARY_IS_SORTED"),
|
||||
sym.Mul(ch.IsActive, stateSumDecreased),
|
||||
)
|
||||
|
||||
// This constraint ensures that the state summary cursor. Is correctly
|
||||
// updated. It follows the following rules:
|
||||
//
|
||||
// NB: Since we have sorting constraints. We know that ROM and SS may
|
||||
// only increase or stay constant. Therefore, enforcing the constant
|
||||
//
|
||||
// switch {
|
||||
// case IsActive == 0:
|
||||
// // No constraints applied
|
||||
// case IsSSOngoing == 0:
|
||||
// assert ssMustBeConstant == 1
|
||||
// case ss > rom:
|
||||
// assert ssMustBeConstant == 1
|
||||
// else:
|
||||
// assert ssMustBeConstant == 0
|
||||
// }
|
||||
//
|
||||
// The reciproqual constraint is enforced over the ROM module.
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_STATE_SUM_STAY_SAME"),
|
||||
sym.Mul(
|
||||
ch.IsActive,
|
||||
sym.Sub(
|
||||
column.Shift(ch.StateSumIsConst, 1),
|
||||
sym.Mul(
|
||||
ch.RomOngoing,
|
||||
sym.Add(
|
||||
sym.Sub(1, ch.StateSumOngoing),
|
||||
sym.Mul(
|
||||
ch.StateSumOngoing,
|
||||
ch.StateSumIsGtRom,
|
||||
),
|
||||
),
|
||||
),
|
||||
),
|
||||
),
|
||||
)
|
||||
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_ROM_STAY_SAME"),
|
||||
sym.Mul(
|
||||
ch.IsActive,
|
||||
sym.Sub(
|
||||
ch.RomIsConst,
|
||||
sym.Mul(
|
||||
column.Shift(ch.StateSumOngoing, -1),
|
||||
sym.Add(
|
||||
sym.Sub(1, column.Shift(ch.RomOngoing, -1)),
|
||||
sym.Mul(
|
||||
column.Shift(ch.RomOngoing, -1),
|
||||
column.Shift(ch.StateSumIsLtRom, -1),
|
||||
),
|
||||
),
|
||||
),
|
||||
),
|
||||
),
|
||||
)
|
||||
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_KECCAK_CONSISTENCY_HI"),
|
||||
sym.Mul(
|
||||
ch.StateSumIsEqRom,
|
||||
sym.Sub(ch.RomKeccak.Hi, ch.StateSumKeccak.Hi),
|
||||
),
|
||||
)
|
||||
|
||||
comp.InsertGlobal(
|
||||
0,
|
||||
ifaces.QueryID(name+"_KECCAK_CONSISTENCY_LO"),
|
||||
sym.Mul(
|
||||
ch.StateSumIsEqRom,
|
||||
sym.Sub(ch.RomKeccak.Lo, ch.StateSumKeccak.Lo),
|
||||
),
|
||||
)
|
||||
|
||||
comp.GenericFragmentedConditionalInclusion(
|
||||
0,
|
||||
ifaces.QueryID(name+"_IMPORT_STATE_SUMMARY_BACK"),
|
||||
[][]ifaces.Column{
|
||||
{
|
||||
ss.Account.Initial.MiMCCodeHash,
|
||||
ss.Account.Initial.KeccakCodeHash.Hi,
|
||||
ss.Account.Initial.KeccakCodeHash.Lo,
|
||||
},
|
||||
{
|
||||
ss.Account.Final.MiMCCodeHash,
|
||||
ss.Account.Final.KeccakCodeHash.Hi,
|
||||
ss.Account.Final.KeccakCodeHash.Lo,
|
||||
},
|
||||
},
|
||||
[]ifaces.Column{
|
||||
ch.StateSumMiMC,
|
||||
ch.StateSumKeccak.Hi,
|
||||
ch.StateSumKeccak.Lo,
|
||||
},
|
||||
[]ifaces.Column{
|
||||
ss.IsActive,
|
||||
ss.IsActive,
|
||||
},
|
||||
ch.IsActive,
|
||||
)
|
||||
|
||||
comp.InsertInclusionDoubleConditional(
|
||||
0,
|
||||
ifaces.QueryIDf(name+"_IMPORT_STATE_SUMMARY_FORTH_INITIAL"),
|
||||
[]ifaces.Column{
|
||||
ch.StateSumMiMC,
|
||||
ch.StateSumKeccak.Hi,
|
||||
ch.StateSumKeccak.Lo,
|
||||
},
|
||||
[]ifaces.Column{
|
||||
ss.Account.Initial.MiMCCodeHash,
|
||||
ss.Account.Initial.KeccakCodeHash.Hi,
|
||||
ss.Account.Initial.KeccakCodeHash.Lo,
|
||||
},
|
||||
ch.IsActive,
|
||||
ss.IsActive,
|
||||
)
|
||||
|
||||
comp.InsertInclusionDoubleConditional(
|
||||
0,
|
||||
ifaces.QueryIDf(name+"_IMPORT_STATE_SUMMARY_FORTH_FINAL"),
|
||||
[]ifaces.Column{
|
||||
ch.StateSumMiMC,
|
||||
ch.StateSumKeccak.Hi,
|
||||
ch.StateSumKeccak.Lo,
|
||||
},
|
||||
[]ifaces.Column{
|
||||
ss.Account.Final.MiMCCodeHash,
|
||||
ss.Account.Final.KeccakCodeHash.Hi,
|
||||
ss.Account.Final.KeccakCodeHash.Lo,
|
||||
},
|
||||
ch.IsActive,
|
||||
ss.IsActive,
|
||||
)
|
||||
|
||||
comp.InsertInclusionDoubleConditional(
|
||||
0,
|
||||
ifaces.QueryIDf(name+"_IMPORT_MIMC_CODE_HASH_FORTH"),
|
||||
[]ifaces.Column{
|
||||
ch.RomMiMC,
|
||||
ch.RomKeccak.Hi,
|
||||
ch.RomKeccak.Lo,
|
||||
},
|
||||
[]ifaces.Column{
|
||||
mch.NewState,
|
||||
mch.CodeHashHi,
|
||||
mch.CodeHashLo,
|
||||
},
|
||||
ch.IsActive,
|
||||
mch.IsHashEnd,
|
||||
)
|
||||
|
||||
comp.InsertInclusionDoubleConditional(
|
||||
0,
|
||||
ifaces.QueryIDf(name+"_IMPORT_MIMC_CODE_HASH_BACK"),
|
||||
[]ifaces.Column{
|
||||
mch.NewState,
|
||||
mch.CodeHashHi,
|
||||
mch.CodeHashLo,
|
||||
},
|
||||
[]ifaces.Column{
|
||||
ch.RomMiMC,
|
||||
ch.RomKeccak.Hi,
|
||||
ch.RomKeccak.Lo,
|
||||
},
|
||||
mch.IsHashEnd,
|
||||
ch.IsActive,
|
||||
)
|
||||
|
||||
return ch
|
||||
}
|
||||
@@ -0,0 +1,240 @@
|
||||
package codehashconsistency
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand/v2"
|
||||
"slices"
|
||||
"testing"
|
||||
|
||||
"github.com/consensys/linea-monorepo/prover/backend/files"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/common/smartvectors"
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/compiler/dummy"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/consensys/linea-monorepo/prover/utils/csvtraces"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/mimccodehash"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/statesummary"
|
||||
)
|
||||
|
||||
func TestConsistency(t *testing.T) {
|
||||
|
||||
var (
|
||||
stateSummary *statesummary.Module
|
||||
mimcCodeHash *mimccodehash.Module
|
||||
consistency Module
|
||||
sizeStateSummary = 128
|
||||
sizeMimcCodeHash = 128
|
||||
)
|
||||
|
||||
define := func(b *wizard.Builder) {
|
||||
|
||||
stateSummary = &statesummary.Module{
|
||||
IsActive: b.InsertCommit(0, "SS_IS_ACTIVE", sizeStateSummary),
|
||||
IsStorage: b.InsertCommit(0, "SS_IS_STORAGE", sizeStateSummary),
|
||||
Account: statesummary.AccountPeek{
|
||||
Initial: statesummary.Account{
|
||||
KeccakCodeHash: common.NewHiLoColumns(b.CompiledIOP, sizeStateSummary, "SS_INITIAL_KECCAK"),
|
||||
MiMCCodeHash: b.InsertCommit(0, "SS_INITIAL_MIMC", sizeStateSummary),
|
||||
},
|
||||
Final: statesummary.Account{
|
||||
KeccakCodeHash: common.NewHiLoColumns(b.CompiledIOP, sizeStateSummary, "SS_FINAL_KECCAK"),
|
||||
MiMCCodeHash: b.InsertCommit(0, "SS_FINAL_MIMC", sizeStateSummary),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
mimcCodeHash = &mimccodehash.Module{
|
||||
IsActive: b.InsertCommit(0, "MCH_IS_ACTIVE", sizeMimcCodeHash),
|
||||
IsHashEnd: b.InsertCommit(0, "MCH_IS_HASH_END", sizeMimcCodeHash),
|
||||
NewState: b.InsertCommit(0, "MCH_NEW_STATE", sizeMimcCodeHash),
|
||||
CodeHashHi: b.InsertCommit(0, "MCH_KECCAK_HI", sizeMimcCodeHash),
|
||||
CodeHashLo: b.InsertCommit(0, "MCH_KECCAK_LO", sizeMimcCodeHash),
|
||||
}
|
||||
|
||||
consistency = NewModule(b.CompiledIOP, "CONSISTENCY", stateSummary, mimcCodeHash)
|
||||
}
|
||||
|
||||
prover := func(run *wizard.ProverRuntime) {
|
||||
|
||||
mchCt := csvtraces.MustOpenCsvFile("testdata/mimc-codehash.csv")
|
||||
ssCt := csvtraces.MustOpenCsvFile("testdata/state-summary.csv")
|
||||
|
||||
run.AssignColumn(mimcCodeHash.IsActive.GetColID(), smartvectors.RightZeroPadded(mchCt.Get("IS_ACTIVE"), sizeMimcCodeHash))
|
||||
run.AssignColumn(mimcCodeHash.IsHashEnd.GetColID(), smartvectors.RightZeroPadded(mchCt.Get("IS_HASH_END"), sizeMimcCodeHash))
|
||||
run.AssignColumn(mimcCodeHash.NewState.GetColID(), smartvectors.RightZeroPadded(mchCt.Get("NEW_STATE"), sizeMimcCodeHash))
|
||||
run.AssignColumn(mimcCodeHash.CodeHashHi.GetColID(), smartvectors.RightZeroPadded(mchCt.Get("KECCAK_HI"), sizeMimcCodeHash))
|
||||
run.AssignColumn(mimcCodeHash.CodeHashLo.GetColID(), smartvectors.RightZeroPadded(mchCt.Get("KECCAK_LO"), sizeMimcCodeHash))
|
||||
|
||||
run.AssignColumn(stateSummary.IsActive.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("IS_ACTIVE"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.IsStorage.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("IS_STORAGE"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Initial.MiMCCodeHash.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("INITIAL_MIMC"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Final.MiMCCodeHash.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("FINAL_MIMC"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Initial.KeccakCodeHash.Hi.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("INITIAL_KECCAK_HI"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Final.KeccakCodeHash.Hi.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("FINAL_KECCAK_HI"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Initial.KeccakCodeHash.Lo.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("INITIAL_KECCAK_LO"), sizeStateSummary))
|
||||
run.AssignColumn(stateSummary.Account.Final.KeccakCodeHash.Lo.GetColID(), smartvectors.RightZeroPadded(ssCt.Get("FINAL_KECCAK_LO"), sizeStateSummary))
|
||||
|
||||
consistency.Assign(run)
|
||||
}
|
||||
|
||||
comp := wizard.Compile(define, dummy.CompileAtProverLvl)
|
||||
_ = wizard.Prove(comp, prover)
|
||||
|
||||
}
|
||||
|
||||
// TestCaseGeneration generates testdata csv and does not test anything per se.
|
||||
// To re-generate the testcases, you need to unskip it.
|
||||
func TestCaseGeneration(t *testing.T) {
|
||||
|
||||
t.Skip()
|
||||
|
||||
var (
|
||||
rng = rand.New(utils.NewRandSource(67569)) // nolint
|
||||
shared = [][3]field.Element{}
|
||||
numSharedRow = 1
|
||||
numStateSummaryRow = 128
|
||||
numCodeHashRow = 128
|
||||
)
|
||||
|
||||
randRow := func() [3]field.Element {
|
||||
row := [3]field.Element{}
|
||||
row[0] = field.PseudoRand(rng)
|
||||
row[1] = field.PseudoRandTruncated(rng, 16)
|
||||
row[2] = field.PseudoRandTruncated(rng, 16)
|
||||
return row
|
||||
}
|
||||
|
||||
for i := 0; i < numSharedRow; i++ {
|
||||
shared = append(shared, randRow())
|
||||
}
|
||||
|
||||
var (
|
||||
ssIsActive = make([]field.Element, 0)
|
||||
ssIsStorage = make([]field.Element, 0)
|
||||
ssInitMimc = make([]field.Element, 0)
|
||||
ssInitKeccakHi = make([]field.Element, 0)
|
||||
ssInitKeccakLo = make([]field.Element, 0)
|
||||
ssFinalMimc = make([]field.Element, 0)
|
||||
ssFinalKeccakHi = make([]field.Element, 0)
|
||||
ssFinalKeccakLo = make([]field.Element, 0)
|
||||
)
|
||||
|
||||
for i := 0; i < numStateSummaryRow; i++ {
|
||||
|
||||
c := rng.IntN(4)
|
||||
|
||||
if i == 0 {
|
||||
c = 0
|
||||
}
|
||||
|
||||
switch {
|
||||
|
||||
default:
|
||||
|
||||
ssIsActive = append(ssIsActive, field.One())
|
||||
ssIsStorage = append(ssIsStorage, field.One())
|
||||
ssInitMimc = append(ssInitMimc, ssInitMimc[i-1])
|
||||
ssInitKeccakHi = append(ssInitKeccakHi, ssInitKeccakHi[i-1])
|
||||
ssInitKeccakLo = append(ssInitKeccakLo, ssInitKeccakLo[i-1])
|
||||
ssFinalMimc = append(ssFinalMimc, ssFinalMimc[i-1])
|
||||
ssFinalKeccakHi = append(ssFinalKeccakHi, ssFinalKeccakHi[i-1])
|
||||
ssFinalKeccakLo = append(ssFinalKeccakLo, ssFinalKeccakLo[i-1])
|
||||
|
||||
case c == 0 || c == 1:
|
||||
|
||||
var newInit, newFinal [3]field.Element
|
||||
|
||||
if c == 0 {
|
||||
newInit = randRow()
|
||||
newFinal = randRow()
|
||||
}
|
||||
|
||||
if c == 1 {
|
||||
fmt.Printf("row %v of state summary is shared\n", i)
|
||||
newInit = randChoose(rng, shared)
|
||||
newFinal = randChoose(rng, shared)
|
||||
}
|
||||
|
||||
ssIsActive = append(ssIsActive, field.One())
|
||||
ssIsStorage = append(ssIsStorage, field.Zero())
|
||||
ssInitMimc = append(ssInitMimc, newInit[0])
|
||||
ssInitKeccakHi = append(ssInitKeccakHi, newInit[1])
|
||||
ssInitKeccakLo = append(ssInitKeccakLo, newInit[2])
|
||||
ssFinalMimc = append(ssFinalMimc, newFinal[0])
|
||||
ssFinalKeccakHi = append(ssFinalKeccakHi, newFinal[1])
|
||||
ssFinalKeccakLo = append(ssFinalKeccakLo, newFinal[2])
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
csvtraces.WriteExplicit(
|
||||
files.MustOverwrite("./testdata/state-summary.csv"),
|
||||
[]string{"IS_ACTIVE", "IS_STORAGE", "INITIAL_MIMC", "INITIAL_KECCAK_HI", "INITIAL_KECCAK_LO", "FINAL_MIMC", "FINAL_KECCAK_HI", "FINAL_KECCAK_LO"},
|
||||
[][]field.Element{ssIsActive, ssIsStorage, ssInitMimc, ssInitKeccakHi, ssInitKeccakLo, ssFinalMimc, ssFinalKeccakHi, ssFinalKeccakLo},
|
||||
false,
|
||||
)
|
||||
|
||||
/*
|
||||
For the codehash module, the rows are generated in reverse order and
|
||||
then reverted.
|
||||
*/
|
||||
|
||||
var (
|
||||
romIsActive = make([]field.Element, 0)
|
||||
romIsHashEnd = make([]field.Element, 0)
|
||||
romNewState = make([]field.Element, 0)
|
||||
romKeccakHi = make([]field.Element, 0)
|
||||
romKeccakLo = make([]field.Element, 0)
|
||||
)
|
||||
|
||||
for i := 0; i < numCodeHashRow; i++ {
|
||||
|
||||
c0 := rng.Int64N(4)
|
||||
|
||||
switch {
|
||||
|
||||
case c0 == 0 || c0 == 1 || i == 0:
|
||||
|
||||
row := randRow()
|
||||
|
||||
if c0 == 0 {
|
||||
fmt.Printf("row %v of rom is shared\n", i)
|
||||
row = randChoose(rng, shared)
|
||||
}
|
||||
|
||||
romIsActive = append(romIsActive, field.One())
|
||||
romIsHashEnd = append(romIsHashEnd, field.One())
|
||||
romNewState = append(romNewState, row[0])
|
||||
romKeccakHi = append(romKeccakHi, row[1])
|
||||
romKeccakLo = append(romKeccakLo, row[2])
|
||||
|
||||
default:
|
||||
|
||||
romIsActive = append(romIsActive, field.One())
|
||||
romIsHashEnd = append(romIsHashEnd, field.Zero())
|
||||
romNewState = append(romNewState, field.PseudoRand(rng))
|
||||
romKeccakHi = append(romKeccakHi, romKeccakHi[i-1])
|
||||
romKeccakLo = append(romKeccakLo, romKeccakLo[i-1])
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
slices.Reverse(romIsActive)
|
||||
slices.Reverse(romIsHashEnd)
|
||||
slices.Reverse(romNewState)
|
||||
slices.Reverse(romKeccakHi)
|
||||
slices.Reverse(romKeccakLo)
|
||||
|
||||
csvtraces.WriteExplicit(
|
||||
files.MustOverwrite("./testdata/mimc-codehash.csv"),
|
||||
[]string{"IS_ACTIVE", "IS_HASH_END", "NEW_STATE", "KECCAK_HI", "KECCAK_LO"},
|
||||
[][]field.Element{romIsActive, romIsHashEnd, romNewState, romKeccakHi, romKeccakLo},
|
||||
false,
|
||||
)
|
||||
}
|
||||
|
||||
func randChoose[T any](rand *rand.Rand, slice []T) T {
|
||||
return slice[rand.IntN(len(slice))]
|
||||
}
|
||||
129
prover/zkevm/prover/statemanager/codehashconsistency/testdata/mimc-codehash.csv
vendored
Normal file
129
prover/zkevm/prover/statemanager/codehashconsistency/testdata/mimc-codehash.csv
vendored
Normal file
@@ -0,0 +1,129 @@
|
||||
IS_ACTIVE,IS_HASH_END,NEW_STATE,KECCAK_HI,KECCAK_LO
|
||||
1,1,0x2832c4ca6424810b7f8962bc82b269b30ba0ef55d7af69bf1b477ab403738c2,0x14aea944ed77b7b1fe8683f5bceacf51,0xd781f7985b442e59127381e5e1c05ade
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x2d349ff43a8c9e143fb581eb8525fae26eb4698c2227dcf0934b4daa8c011c7,0x79714203be4ed636b9108ae8d2374bf0,0x9550a055dc182cc874974f93de508583
|
||||
1,0,0x9cea234e3013dfff332601b7a571d594e2fe104822879fc503287528b9fc229,0x79714203be4ed636b9108ae8d2374bf0,0x9550a055dc182cc874974f93de508583
|
||||
1,1,0x2e84cb4461e289664e59e3d9689d1ab5a64224aee8929d13df4b726a594cfa1,0x79714203be4ed636b9108ae8d2374bf0,0x9550a055dc182cc874974f93de508583
|
||||
1,1,0x83610901e4d6e423b977de6696ae0f49d777231edb2444e9f5fd85e2b8ea60e,0x62024c1946f6ef2cca948fff887bf5e6,0x265d12d57cae301508760a4347fd49e0
|
||||
1,1,0x4ab59828ffb92e9f4f98b451e5e21bc24ef98aa84e0727dd95a9546f8c3d304,0xf254e78911585001cb46af647d7622c8,0x7415588aae25591d2596e6dca43a7ddf
|
||||
1,0,0x95cabdc9867300211ab7dbe40ba6558a34373fc43e3a8afff2aa7edf84d53fd,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x86d360f854e36ef6aa79ecb4d254ecc393b7295b3d8b642abb002067aa35c9,0xff3b4bbf1228d0c66480ca570c0e2836,0xc489dc71db537c73d66b87d03bdbadc8
|
||||
1,1,0x5b3e9eca9a53197f90ddee92b9b14f8f6b910df230d2815a256406d0cdd8cc6,0xff3b4bbf1228d0c66480ca570c0e2836,0xc489dc71db537c73d66b87d03bdbadc8
|
||||
1,1,0xc0fd1538796df9e10ece1c3f56ed3786b2bd0a88b2213cb34e1e2c60940b8a4,0x9c61c6bd7f2a04447c79a8fc9b0c2542,0x8adf86a6f00a42efe3c59de42cb52954
|
||||
1,1,0xb659e67c989e3042f5dcde437847ca8fb3c8d61a3ece108ffa6f30f1d85ce91,0xe979e4e4fa4dcdfe83b9a7e45ff551f5,0x84f1e54c209cf5cee0ecec07201fbef5
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x9f6797210b6ad51600bea6b7c84f6a8edf91528ecc39f2a64e76d1f653d92c4,0x66d12a9ed27c6badbdd47d6f9f694f56,0xa4e060f3be117d1aaddd96ee3cb14b2d
|
||||
1,1,0x8b1bd6f6d708525938bb8a0f7bbe7ef1be37360cb77eb5eac04fa4948bd8878,0x66d12a9ed27c6badbdd47d6f9f694f56,0xa4e060f3be117d1aaddd96ee3cb14b2d
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xeb866994597936bcb901c618e2a33b2dc0124e176405a5d264da72940cc2bb0,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x3a43057017bfbe3358f142dd414030e7c0bfe7565317a69c6883720c28a8f3a,0xd8d36d61114978569cfb0199ee1d7f89,0x79370627678d3ce3d0336b5d09979af2
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xc49ebe8cc964ee24639ff4e52c053e2406265248c2f6e80dc9b094546c21c29,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xdc33289e546f939ce305d269f858d8da8764c5ef76831e2cb256115a65d4223,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x4c5a10ed4d4b1b04e2de461cf74c2b44d8a5f0d3463b1c1d7af87a1ca586f61,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xba751799d1bf7693ed86043ed16cec019bc1b5417f30fb81064347b8627dba9,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x43b9a75a4215934287b0ea6d936e1744d66af5eef2eec8eaa5c66a2b271757f,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xe91925d8b82ef3c5c634087e397067b68b37db97863c1f5f7ac9462fb9a0b7d,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xf855e8e20a4867d003c3ad42629898ad85bc647adc3051ae64da9f3b8f32889,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0xfd076eea08f46488cd6ae79d08e6fefd9d82b2045971a5a52c2b0e5698bb460,0xafe9d65cfc166cfd7bf46af3ff89bbd9,0xa996ba5b978e216f47c131e3da674bfd
|
||||
1,0,0x1e4527158c19df59e9c4c108043e5524dd230d3919e83cc319285064e39a74,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x651f9296bb93ebc637cd3c26379038cd54f07953f233aebddb79e5503fdb356,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xf1446709c16ae1525f9660abd09488d2b47179c36be377a29a90fa99196c35c,0x1855a6982578165d87740597f9b5b35d,0x6d23598e46804cd51ffdd3d0feb3932b
|
||||
1,0,0x12a77a3afbf21a1e416da88d9de3d75626cde62980c668699fd6d4f09351306b,0x1855a6982578165d87740597f9b5b35d,0x6d23598e46804cd51ffdd3d0feb3932b
|
||||
1,1,0x30138b2bae643aaaab03506a166acff657d24dfe95c0a67f9723b2e6ed23767,0x1855a6982578165d87740597f9b5b35d,0x6d23598e46804cd51ffdd3d0feb3932b
|
||||
1,0,0x8d0bca599168c0b59da7079fca9b61ccc5d21b83c99dc82a0bd8092eedb4445,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0xe252ff12f3524c3745525008b71ae2092eba2f4b4bf6d0b8ab3889403d3cd1a,0xda6e402480a0e50b12c65f6cc8031e1d,0xa2c277adb351c991bcf6439af30e4f12
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x71dafcf5ec63b13644306bb71c4ac57d8e470342e9bcd552c326c5a17ceff37,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x58ebd1e380fe9eda18409805958f386cb28cb422bf89af79e0721cbf4f79d5a,0xcfaa71df93a51358961acd94eade8647,0xccaaf1c0ace15f2125c4e5cda0b0d7b8
|
||||
1,0,0xf7744edaa8ace0b289f7e9751e18fafc3913d5a4b06eb4a06c28d6eae237499,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xe1d6cfb1b4787f2d032eb859ecc832bc3d0e3c5aff68652dabbc4571f6ee860,0x52c3503b81f0862b427f462e5826de1d,0x4111819ba5d8cb87a26d03d9b824cd11
|
||||
1,1,0xf5613c070ed5380836be1c4c23564fd5cfe5f8a153b64fd540c7b8a005a85f3,0x52c3503b81f0862b427f462e5826de1d,0x4111819ba5d8cb87a26d03d9b824cd11
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x59dc511f08afcdd19fa81e7cbcdaab89a34ff15e7a8f8361819f091e03f066f,0x608dcc50caf131c863f66fb8803b946e,0x81ecbb30d1d80da792a099ce60d9f23d
|
||||
1,0,0xb8a7c39e258ac5156860e807482ac85380cc92e30bc5d30493337ed7e882085,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,0,0x4824ba59ac9dd9ef4ec514375da692dadfff09657152d62fc1e163d02ee8e62,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,0,0x12789c7d8d39b691ad989a220caa122bb6ad0cb758c3cfae3ae87f1079173340,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,0,0x24a2a8dcb04e3d9ccd7bb9163cf0a8ea48f52e10e40b7577468f50c1fb1d23b,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,0,0x594d891d759672cf94399400de941b2aca2f8c12893cb4fd9ce023bc24d5884,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,1,0x35d6dd9683da65772f1e94409da6f6d6153fc0149b221ee21c86fd2a62b7907,0xbe9c605d31cc61d1a80abfba34c23f7d,0xe2222969e82cdebfc3606f0cd8fd3210
|
||||
1,0,0xb265295621dfe78b8cd5baf103d03bd525f44a438041dc910724747045839ce,0xd184c3b234abf9c001aa33dc2da38984,0xe9590400e3371e7cc35ce26d137c8655
|
||||
1,1,0x86eb194f9fea4a90bfaf01b0f812f9c26e2ce828be66e212fd5cceed0d63dd3,0xd184c3b234abf9c001aa33dc2da38984,0xe9590400e3371e7cc35ce26d137c8655
|
||||
1,0,0x6b4c61b9fd915922206c893c488f5c773715b8d5f07273afc55d4bf56cd9b56,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x7c1b86150ee642073eb503a5416fc7b7ec037684d4386dc2c01fa823080a3d0,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x30fe890ea08bc033002c91aef5d7cc556a941fbe05be35beda3f2792b76e689,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xae4c7e0fbc1ca6e498e22367231f377539b60418424cd46f59d83b39c56a434,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x12629f3ce50315c2dd153299044e6c74dea3f414bde707d799f4a371786aae3a,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x7dc13a4d0d87827524316d2e28ee9351dc15b86911fa4bf9dbc74ec2d79648a,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x1007f4cd6fddb73047e02851a2fba9a25942480f8945aff4e8f4b0d73c3d8b48,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x8b97314bc36f5c77fa6e8a005116f1c264323ab93c100cfb3a1830c963d4e92,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x1037c9be0c5abfdb9ee38744b7b53864eecc01a04ed41c7b61d69a5f6c20402d,0x2800fbee4994e5e87413b6ac81b9ab33,0x19dd84f1d070a2db6ae6eb2f9eea3ae4
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x61e24f2334904bddfd66fe043b63adb4b2582fbe6acf5ddb84726dfa4b1071f,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x4c236e58bc754d17fb43941b01e5be3b4b52c1af40c8cf29ca9033c989dc9a,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x121ff96f89ed40a36ce111a38ffe904cfcddd7e7337f243541b34ea9aa8f114d,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xdb64780ef5a0c9ed256b6cc259a64e19c842b145a737901953df038123315cd,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xc40360e0769872ad1c2e6fd332de00fd88ee10422f6bf5dd7af31d3189d70e7,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0xd7b1393e1e10f8b6f7ae30e6edf0a29ff16bbf91f4ee62a117b5fc71d3c1762,0x895fd61778a1fb4ecb2eaa07e76b9048,0xfe50740d246929507c4701670384acd2
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xfa51ed33ff85797588f9db0733813388a2c87cf8f354ea7d0537dc39967a94c,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x9add699ee09c7b36455fb469e1f0e84c5df2604f497b47e4fec29fff6c0a908,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x688fa1ce962785323203f46b0bcf99b04ed43c65c4ccedb3887f81ba6acbf0e,0xa25a50884042ccead0659689eb4836d9,0xbf9ff925a22083ed7916037b9da66bee
|
||||
1,1,0x5ab9709a7210e8db93a6ace274ff2760d073ed6102614de4012901dcdd90563,0xa25a50884042ccead0659689eb4836d9,0xbf9ff925a22083ed7916037b9da66bee
|
||||
1,0,0x122aa98ee30bd3e306fe937f893f99185b64cfb07c35e08203ad9a51a1aed0ec,0xbe393e3c4c4bb3b10890a940dae5efe3,0x836c13ad4c6e5581ff3b2ef1fe19f685
|
||||
1,0,0x26dce12d58f59f8464459acfbb4040f5abd91a2b9d329f26524c51697b70058,0xbe393e3c4c4bb3b10890a940dae5efe3,0x836c13ad4c6e5581ff3b2ef1fe19f685
|
||||
1,1,0x124eb7f29335d8149a9e4e71194ffd5d7379191c42956374def956fce3a71833,0xbe393e3c4c4bb3b10890a940dae5efe3,0x836c13ad4c6e5581ff3b2ef1fe19f685
|
||||
1,0,0xf56f0485ab4e4ea657419840b5323b32f7d0d988cffbae8427f7afc13b1d024,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0xe1bb796d962bb290a645cde8ce683bfbfcaa56245aa5223dcc4c31894e098a4,0x12d63513c76806cdb4df3bb326575ccd,0x226178f429eec54cd1e4da4b37fd621b
|
||||
1,1,0xce9b88aa3c262a5295a454260226a95ea0a399b1a1b9b313300214d044d339,0x870492b3dba022a599dd29ca7688cb75,0x25bf2cf3bd683b15631ebbb2babf22cb
|
||||
1,1,0x28ae6bf753e791cba13ec56a48f13d0b11a0af096247bb06a1d0373ce20873,0xe7ed1ae880b7667448c35beeff2723e7,0x76f9e61f4ed0a432f60aa572e4d69903
|
||||
1,1,0x7d4fc138a20dec39e390409e7b0cae755d87ca94374170d10849478986ac60f,0x3024311e834a44d1e2fe9d46a5cc830a,0x766b8d0479e1ea7b8bc29da84082aef8
|
||||
1,0,0x10002fec9e939c164aa8a413624fe966f1eb5f31a68d7a2b0c663519b7662d8d,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,0,0x10f2d45d2d7f035f8f5a8ac37af77afb43712598b2d598abf83c07b3f3b30d9,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,0,0x1030809553bbc7c634d10ec575a5fde6c85c180e71802f1b9950327ff0f61a9e,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,0,0x9deb075d4a655b278c11c69e23c9daa80c7f3c3eef51af9b519d53d01228e0,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,0,0x4a9fd78a2ba6f48f1a7629320acd8772b3fbdcb8f48febd34434710513a50fa,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,1,0x598b4ac7f2ccbe02940bd695f1156ac10a0f02add432be8119c98f60ec48c3c,0x93941c0cab71d164faa91d2e3bb94c38,0xda9848e163c53204dab35252d3b52373
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x414094feb06c95dfb5e0a54135627948184ea8a340f01910d873f2439f2a5cb,0x10b75bce54bfe41f2a00a9d265f320a1,0x46c1ded4ac951b6b38af3acde8d790f9
|
||||
1,0,0xfaf6558dced12d5503800ab05da53d90664f8399806d7cba504f45c76871817,0x891c6d0bb61e20dad44e37bc8e85ad8c,0xeff2652d4ebc6743ccd98fbb233eadd2
|
||||
1,1,0x93709de64583017b641980a46d2800db0bedcc92dca3f606160f653d0fb226c,0x891c6d0bb61e20dad44e37bc8e85ad8c,0xeff2652d4ebc6743ccd98fbb233eadd2
|
||||
1,0,0x1146d904e61299dc2def3be6874903c8de1bb2f0a5202d6fefab8ae10245fe4d,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xb4bd12340567230d6fd81f56b05559a67c5d3a3685ec316b4b7482fd8a1d57b,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x83b248f95f4e2ff4b5416e516448fdfd6bb332c9037f11c155f402f402fcaf2,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x21e2c254f6f4524b3d5b715033fcd7b80673f257030c774683d702f73499cb7,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xe91be4276dfcef9c93f11bbd80236d2f9a0f1c1ac59059e71c5ba9b2fa6f1d2,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x8f2e54463630382f8d99954382e04e14cc66c91f2ce2d5ecefd1ed4e3b8e71,0x7d2dd654c588edca159208df14d2026,0x4eca3a942d95b81d30c81254ed3ac29e
|
||||
1,1,0x133afb2a15866f07b49b94ec54890a4a3ed007fbd291c5dbc3b67d3d6f29e9c,0xb5e69ec4b627b34b6937443ae4d900b,0x6ee7ec06d37c2c28de50e3c98402ba08
|
||||
1,0,0x69502ff78daf1e979011b944d272eb7abf23743dc46786dbf7c455de3a52c28,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x12914cc25732698a08ef4ff1740332aa05812a190765c8ab783e4a1c86e9a7a7,0xaf13f09c633136ebdf27cb5dab11db05,0xc7fe7e16f4e5a51d079a248d3cd2df0e
|
||||
|
129
prover/zkevm/prover/statemanager/codehashconsistency/testdata/state-summary.csv
vendored
Normal file
129
prover/zkevm/prover/statemanager/codehashconsistency/testdata/state-summary.csv
vendored
Normal file
@@ -0,0 +1,129 @@
|
||||
IS_ACTIVE,IS_STORAGE,INITIAL_MIMC,INITIAL_KECCAK_HI,INITIAL_KECCAK_LO,FINAL_MIMC,FINAL_KECCAK_HI,FINAL_KECCAK_LO
|
||||
1,0,0xf35f15cf8427806f2171633219038109a5f43284b97203f6c20e732726ec472,0xf67d4416da001d26653dd55376e67fee,0xe2ce9b5328ce33d0182d1c75c8fc25a3,0x2db71270903377ab92fc264fb9dc5b99e1fe19ba86ac18e4a46a0c0a5a9c4c3,0x5495f91c99165c6995f8ffe1451683f7,0x372bb525661a23dc742314241b4655eb
|
||||
1,0,0x11a963f7c703bf098a29118e4d106429943393dd7a484487ba81dd928e314bd1,0x40e87503291ddfc9b2f71747668dc2b8,0xb476de901cb5ad656dbde606e9e7f28f,0x5d6f176a0bbd09237f1bda1639f17e936ba71ab877dd92ed53182dd0e0b74c0,0x3a43fa28fed192571758c03fb025ff34,0xcb2ac05bcdf8762915f005b05b7c84d7
|
||||
1,1,0x11a963f7c703bf098a29118e4d106429943393dd7a484487ba81dd928e314bd1,0x40e87503291ddfc9b2f71747668dc2b8,0xb476de901cb5ad656dbde606e9e7f28f,0x5d6f176a0bbd09237f1bda1639f17e936ba71ab877dd92ed53182dd0e0b74c0,0x3a43fa28fed192571758c03fb025ff34,0xcb2ac05bcdf8762915f005b05b7c84d7
|
||||
1,1,0x11a963f7c703bf098a29118e4d106429943393dd7a484487ba81dd928e314bd1,0x40e87503291ddfc9b2f71747668dc2b8,0xb476de901cb5ad656dbde606e9e7f28f,0x5d6f176a0bbd09237f1bda1639f17e936ba71ab877dd92ed53182dd0e0b74c0,0x3a43fa28fed192571758c03fb025ff34,0xcb2ac05bcdf8762915f005b05b7c84d7
|
||||
1,1,0x11a963f7c703bf098a29118e4d106429943393dd7a484487ba81dd928e314bd1,0x40e87503291ddfc9b2f71747668dc2b8,0xb476de901cb5ad656dbde606e9e7f28f,0x5d6f176a0bbd09237f1bda1639f17e936ba71ab877dd92ed53182dd0e0b74c0,0x3a43fa28fed192571758c03fb025ff34,0xcb2ac05bcdf8762915f005b05b7c84d7
|
||||
1,0,0x1d9d872e460e7c37df10661add2d6dbcc7a0db609ea345c9fe4fb679918ee6c,0x54df737ac005b708c1f320f8348b57c4,0x4f76a3e23b164eb958d985d00c464fce,0x104ccc9396a119a0bbe6c11033863e8c17819aaa4735190e2dcb4031fe748d8c,0x5e414bac8de6484b16c268906d21bfe6,0x64075d8db57307612ce42d52e4e13c74
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xc9ff2cb2ef8742d36f339e7034bda0c15daeefcb805548d9d9ce25aa2ffd4ef,0x7886f8ca4e034b7332123cee9d1777ea,0x566fa42788136176f7ae63016b12e2d8,0x1196860c768f1938d1da9c555b43352712bb4ddda46a4c840bfed2900341e55d,0x5c8257ad42351127abeb7228d64739bb,0x5b60fc5da377a2e2305d9d59b4cb8bb1
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xa0a821a3015df739289796a6dd9292052601bd4ded9d610329b60761d5153d,0x5eaccff3dd532e06b282e833ef119894,0xf6a3655bcb792dbc7acd191b76a8eb51,0xac2042d01900e17f4a2d1a25146b4442d4aaab042d81688369f14476e6923a8,0x8dd5dd3ac2363989d6e8567a4614ae5e,0x11a2f1dba2c693f34d45bc5ccd772a68
|
||||
1,0,0xfece0dc962f980f98a40191def18ed12f5dae99402b8aac05e233ab908863e2,0x8e99ef8b7a659d365cd2e719e538ffa7,0xf69a644e48c8cba797b25bb44188f288,0x35ac282e8a94049f433423418ae6351d914d7a75b012ae5b9ec67df4c9406fc,0xf92a4e441a309d3510bfc5d4eb306186,0x1693b964f6e528063804cc04422dc3df
|
||||
1,1,0xfece0dc962f980f98a40191def18ed12f5dae99402b8aac05e233ab908863e2,0x8e99ef8b7a659d365cd2e719e538ffa7,0xf69a644e48c8cba797b25bb44188f288,0x35ac282e8a94049f433423418ae6351d914d7a75b012ae5b9ec67df4c9406fc,0xf92a4e441a309d3510bfc5d4eb306186,0x1693b964f6e528063804cc04422dc3df
|
||||
1,0,0x119419c6075b4599366943f66ecfc8c0815d244ff6cf3e9c6116b39f7ec1a953,0x4225a554197ee72cc6bd8e093bb53d16,0xae97f0821c43cf8718bb82c5f674e7a,0xa8765f64bdb87e1ad5f03d3d7f3b01cdc6636df1bc2a69461c7fdc9e2045df,0xfd6875223bcb0ea15b6d0c35a6725347,0x59a83d5e3e0f5ebdec57a05e2ea6e740
|
||||
1,1,0x119419c6075b4599366943f66ecfc8c0815d244ff6cf3e9c6116b39f7ec1a953,0x4225a554197ee72cc6bd8e093bb53d16,0xae97f0821c43cf8718bb82c5f674e7a,0xa8765f64bdb87e1ad5f03d3d7f3b01cdc6636df1bc2a69461c7fdc9e2045df,0xfd6875223bcb0ea15b6d0c35a6725347,0x59a83d5e3e0f5ebdec57a05e2ea6e740
|
||||
1,1,0x119419c6075b4599366943f66ecfc8c0815d244ff6cf3e9c6116b39f7ec1a953,0x4225a554197ee72cc6bd8e093bb53d16,0xae97f0821c43cf8718bb82c5f674e7a,0xa8765f64bdb87e1ad5f03d3d7f3b01cdc6636df1bc2a69461c7fdc9e2045df,0xfd6875223bcb0ea15b6d0c35a6725347,0x59a83d5e3e0f5ebdec57a05e2ea6e740
|
||||
1,1,0x119419c6075b4599366943f66ecfc8c0815d244ff6cf3e9c6116b39f7ec1a953,0x4225a554197ee72cc6bd8e093bb53d16,0xae97f0821c43cf8718bb82c5f674e7a,0xa8765f64bdb87e1ad5f03d3d7f3b01cdc6636df1bc2a69461c7fdc9e2045df,0xfd6875223bcb0ea15b6d0c35a6725347,0x59a83d5e3e0f5ebdec57a05e2ea6e740
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x389b7c5e99d95d5bc81560caeab92f2871ab9357d4b75d8086ee85d25d13c61,0xa7fe20bbd3d3d8bf38bbba8bb767ddbc,0x69fa5906065ce2221ec867b3a8feaa20,0x48753db4c02bc3d7276488a335047033452c4e157bc7947337c1bdef49dbe29,0xde70496580bb8d949ceaa1eb86bb1b9b,0x90d49841377cb7e56ee771f68678299d
|
||||
1,0,0xd63f76d025aad66c2e4637ffee81facc45d14a98494c0a876039297c0a8fb92,0x7b48e49951fb6ad5611a60f42eff4088,0xf5bb6cf530e7f1c44ea0044a9e12fa59,0x10b6c895212308d986f73f5987c6ac81b1c002afdfe374958fb5a84162baca5d,0xffb53b21b460953150751c841b3644ef,0x613d1ac523717f3b11bc6c3f837ce54b
|
||||
1,0,0x10296e8da0aec25fee074b440964b2a1094056a0f31ba142e30089882155760e,0x95831128725c2b8e58eb85bb882d67e9,0x74a7d2db75ce50157cc057c2373581d7,0x22f2e52458e2f998998cf74206fe267cd3e79efefefcd17994285cee84e5a50,0x8902fc6c126f2045ce6c52618b5051bf,0xb2668ae6fd2462a8d96f71e51e8d164e
|
||||
1,0,0x10d8562b94171f2dc124d4f5f9e83bf59ae831889792a12ec64e526a60c0971f,0x68028375c1cc6f4760037a584069cdd6,0x184890773df97552959f05c995c318c5,0x6d30229fd84d07298c7286d5600102d9627652db2667b04835f4d93586203dd,0xb782c18785d08f2d49739dd829ecc8ff,0x5915e72b790cf4cc918d315d4825139b
|
||||
1,1,0x10d8562b94171f2dc124d4f5f9e83bf59ae831889792a12ec64e526a60c0971f,0x68028375c1cc6f4760037a584069cdd6,0x184890773df97552959f05c995c318c5,0x6d30229fd84d07298c7286d5600102d9627652db2667b04835f4d93586203dd,0xb782c18785d08f2d49739dd829ecc8ff,0x5915e72b790cf4cc918d315d4825139b
|
||||
1,0,0xae81ebef405850eecf8717d7faea3dbd6a37d35d063d0367064880086a7a300,0x20c80df7e34096a6c0d73232df167e1a,0x32820e71aa1363f92a402f075777a37b,0xcbf0ece3106425fa5b6ee414fcc0b36e25957de00b49112e2d613105c248d55,0x7cbf1978c6635b53ef61e85fc4a88414,0x9231fa09e75f1b16b23225161bd15fe9
|
||||
1,1,0xae81ebef405850eecf8717d7faea3dbd6a37d35d063d0367064880086a7a300,0x20c80df7e34096a6c0d73232df167e1a,0x32820e71aa1363f92a402f075777a37b,0xcbf0ece3106425fa5b6ee414fcc0b36e25957de00b49112e2d613105c248d55,0x7cbf1978c6635b53ef61e85fc4a88414,0x9231fa09e75f1b16b23225161bd15fe9
|
||||
1,1,0xae81ebef405850eecf8717d7faea3dbd6a37d35d063d0367064880086a7a300,0x20c80df7e34096a6c0d73232df167e1a,0x32820e71aa1363f92a402f075777a37b,0xcbf0ece3106425fa5b6ee414fcc0b36e25957de00b49112e2d613105c248d55,0x7cbf1978c6635b53ef61e85fc4a88414,0x9231fa09e75f1b16b23225161bd15fe9
|
||||
1,0,0xf3379db7f2f8d74284712d99bf6b643a1e66f6d7e524384981550cf41ea2bbb,0x1e9b3ea8bae6461f76bc37f85c6f132e,0x17892407267738f48a0ae6c9e0999b95,0xc100a2fdcc4ec6657590effb1548813ff5e05d554623e9f1852e275d3f3bfc,0x99f65bee59ffa8f01819f6f7e7ca86a3,0x56d14a8af29b2e5517ef2158285dc744
|
||||
1,1,0xf3379db7f2f8d74284712d99bf6b643a1e66f6d7e524384981550cf41ea2bbb,0x1e9b3ea8bae6461f76bc37f85c6f132e,0x17892407267738f48a0ae6c9e0999b95,0xc100a2fdcc4ec6657590effb1548813ff5e05d554623e9f1852e275d3f3bfc,0x99f65bee59ffa8f01819f6f7e7ca86a3,0x56d14a8af29b2e5517ef2158285dc744
|
||||
1,1,0xf3379db7f2f8d74284712d99bf6b643a1e66f6d7e524384981550cf41ea2bbb,0x1e9b3ea8bae6461f76bc37f85c6f132e,0x17892407267738f48a0ae6c9e0999b95,0xc100a2fdcc4ec6657590effb1548813ff5e05d554623e9f1852e275d3f3bfc,0x99f65bee59ffa8f01819f6f7e7ca86a3,0x56d14a8af29b2e5517ef2158285dc744
|
||||
1,1,0xf3379db7f2f8d74284712d99bf6b643a1e66f6d7e524384981550cf41ea2bbb,0x1e9b3ea8bae6461f76bc37f85c6f132e,0x17892407267738f48a0ae6c9e0999b95,0xc100a2fdcc4ec6657590effb1548813ff5e05d554623e9f1852e275d3f3bfc,0x99f65bee59ffa8f01819f6f7e7ca86a3,0x56d14a8af29b2e5517ef2158285dc744
|
||||
1,1,0xf3379db7f2f8d74284712d99bf6b643a1e66f6d7e524384981550cf41ea2bbb,0x1e9b3ea8bae6461f76bc37f85c6f132e,0x17892407267738f48a0ae6c9e0999b95,0xc100a2fdcc4ec6657590effb1548813ff5e05d554623e9f1852e275d3f3bfc,0x99f65bee59ffa8f01819f6f7e7ca86a3,0x56d14a8af29b2e5517ef2158285dc744
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,1,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,1,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,1,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,1,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,1,0xeba5a7f494bb2b134d0909f243adac86042f21fe7f5137180a52a331ccd14e3,0x3868c49f634d7e9e9848d1051ee638ca,0xeaf936be0f8de68b2df4389a6afa26ba,0x1f5ea3f47bf1bbc6ccd74fd280c92dc7148a823c104358e5a45e421baf4636f,0xda1ec13c405e5051bbb067d8abec1ed6,0xfa36e89d0255e89fc077770733552310
|
||||
1,0,0x9497ed240a9c6e514c4dbd8e8164567504ace21dc6eb2b9f5f1ae2d5c1b0f22,0x2c20de668dcf93f6fd69f831358e3571,0x70f3d9a00b479d23014c16a17d3766de,0x26a96dc9d5dcab27131cea3781d9da59c033eee779c5ddae1714eb0dd4e5865,0x61e187a78b8461acc9e5af545bcb8852,0x59522414883bb2377e76680454c8acc3
|
||||
1,1,0x9497ed240a9c6e514c4dbd8e8164567504ace21dc6eb2b9f5f1ae2d5c1b0f22,0x2c20de668dcf93f6fd69f831358e3571,0x70f3d9a00b479d23014c16a17d3766de,0x26a96dc9d5dcab27131cea3781d9da59c033eee779c5ddae1714eb0dd4e5865,0x61e187a78b8461acc9e5af545bcb8852,0x59522414883bb2377e76680454c8acc3
|
||||
1,0,0x11dda97ffc1f7983ee52f7151c9303949b96de1c3ab8ba4d516122654e224647,0x68c466a3d0174b37b01a580a93d87fb2,0xe7d224676a2dffbbdd7f0e1e45cff7d5,0x40438172179d1952eb1ad99de5fe2c3763d17745b06a25793a9074380998114,0xb9117278fdeabb73206750b1996195ef,0x59dd2585b0b99f49609523ca09ce2f5e
|
||||
1,0,0xf7fd0ff4d444bccb25eadb72ef91461ed68c8b0532be9040027b66fe9aeffcc,0xc4b793be5461375947575c0e7597b3fb,0xa165463eedd4dfaeeea186bc18ff03fd,0xb274c198dc60bd5a0c51ebc7e31cb8e06268dd2c3bdd7ca102c9224be74a733,0x6f6ee35f78e9136da33fc53515fb6aa,0x5c70b7e2444c5494b2cc6b29acf386ac
|
||||
1,1,0xf7fd0ff4d444bccb25eadb72ef91461ed68c8b0532be9040027b66fe9aeffcc,0xc4b793be5461375947575c0e7597b3fb,0xa165463eedd4dfaeeea186bc18ff03fd,0xb274c198dc60bd5a0c51ebc7e31cb8e06268dd2c3bdd7ca102c9224be74a733,0x6f6ee35f78e9136da33fc53515fb6aa,0x5c70b7e2444c5494b2cc6b29acf386ac
|
||||
1,1,0xf7fd0ff4d444bccb25eadb72ef91461ed68c8b0532be9040027b66fe9aeffcc,0xc4b793be5461375947575c0e7597b3fb,0xa165463eedd4dfaeeea186bc18ff03fd,0xb274c198dc60bd5a0c51ebc7e31cb8e06268dd2c3bdd7ca102c9224be74a733,0x6f6ee35f78e9136da33fc53515fb6aa,0x5c70b7e2444c5494b2cc6b29acf386ac
|
||||
1,1,0xf7fd0ff4d444bccb25eadb72ef91461ed68c8b0532be9040027b66fe9aeffcc,0xc4b793be5461375947575c0e7597b3fb,0xa165463eedd4dfaeeea186bc18ff03fd,0xb274c198dc60bd5a0c51ebc7e31cb8e06268dd2c3bdd7ca102c9224be74a733,0x6f6ee35f78e9136da33fc53515fb6aa,0x5c70b7e2444c5494b2cc6b29acf386ac
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xeb96584feee735187fdfe6dca08405d0d5a5bcfd4e2be9da5dcae918289df88,0x67d154ee86baa855d8e1411e1b3a67e6,0xb736d099be0a74bbca098273ccdb94d0,0xda7a44e1ba86663370ef02b5e2a881e2888a05d4576b90fa6ff90fa50f9f2a4,0x1b4ac2371564eb5947b11bbcfa5365ec,0x2b2270e5bc144097708c79ade1db19b4
|
||||
1,0,0xf4d62210aacfc47e33ac92588c56b322f90a4799062ebe005f52ef53fc4895b,0xb8eb745804c277dc8191729edd21776b,0x34ff0cf91f5d648aab5bf04b0f188710,0x88251783290549e6a3699c01b7d32219645207463a3b039f70a47082dd670a1,0x6fc458a5fd0fd081b8a92d855b77df3d,0x1d4b7830391d7dbe32365b83723891eb
|
||||
1,1,0xf4d62210aacfc47e33ac92588c56b322f90a4799062ebe005f52ef53fc4895b,0xb8eb745804c277dc8191729edd21776b,0x34ff0cf91f5d648aab5bf04b0f188710,0x88251783290549e6a3699c01b7d32219645207463a3b039f70a47082dd670a1,0x6fc458a5fd0fd081b8a92d855b77df3d,0x1d4b7830391d7dbe32365b83723891eb
|
||||
1,0,0x71443b42281d3358b22b9351b1fa56fc127b292f6dbdb913abb347ca497b28e,0x996677f0735322cf140c1981e51b67c7,0xefad2dffd7c676bdfb330b3a7e81f4f8,0xbfd86dee7d8d5a4eadf820d382b714f9b44d7f803b837f366cab8a984c40843,0xab60ad87028de4629952162c92cbe4b0,0xbae39935070b91b395c012c10e89e4ce
|
||||
1,1,0x71443b42281d3358b22b9351b1fa56fc127b292f6dbdb913abb347ca497b28e,0x996677f0735322cf140c1981e51b67c7,0xefad2dffd7c676bdfb330b3a7e81f4f8,0xbfd86dee7d8d5a4eadf820d382b714f9b44d7f803b837f366cab8a984c40843,0xab60ad87028de4629952162c92cbe4b0,0xbae39935070b91b395c012c10e89e4ce
|
||||
1,1,0x71443b42281d3358b22b9351b1fa56fc127b292f6dbdb913abb347ca497b28e,0x996677f0735322cf140c1981e51b67c7,0xefad2dffd7c676bdfb330b3a7e81f4f8,0xbfd86dee7d8d5a4eadf820d382b714f9b44d7f803b837f366cab8a984c40843,0xab60ad87028de4629952162c92cbe4b0,0xbae39935070b91b395c012c10e89e4ce
|
||||
1,0,0xb06d8370b09f3ff606cbb032910e052a6e4c26e10c17d1fb4b9359cd7fbe24f,0x97f5fcd4008138508bf9038464cd9c99,0x408c6dd51203a28c0c6bd70a92b9cdeb,0x399d9f32081d01c83dddff43f46ba0b25e0686d3d81e219f37bdfc88de99c4c,0x176d53e8613d4f918eed1da5daf1ae3c,0xc22b82581a5c4dc3eb803bcfede92b4c
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xe65b3f3cb539f3ca72c26a5596475fbbbe8d6f582711383643a23220127d24d,0xaaf4faa1ae7c5ebf57efe71bcfb60e4f,0x4bdf2d4302bd5ab2ee330e6dfdae2ba0,0x67dee9731332c7fb1d32ef8009f8451b90acff8ca4e0a70950c1f6887cb115e,0x10f15d0c2d8e18c83cf98c35286a904,0x3b0702c068c3dce99a14dbf35878fa56
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x7f7975790e2cb0878d7eb8254173635b9cae59655d237539a1c9974a0581379,0x253528e4920284996a8925cefeeb0e6a,0x458606fd053a274064093569604f8e6e,0x27fe459b2bd85ef08ba7284be6a1b4fa9b4a545e59d261287ac028e35f6e82b,0x893a596ec6b203bf83584d8f2f4f02be,0xad76cab1a21ca92e17dd2ae037626842
|
||||
1,1,0x7f7975790e2cb0878d7eb8254173635b9cae59655d237539a1c9974a0581379,0x253528e4920284996a8925cefeeb0e6a,0x458606fd053a274064093569604f8e6e,0x27fe459b2bd85ef08ba7284be6a1b4fa9b4a545e59d261287ac028e35f6e82b,0x893a596ec6b203bf83584d8f2f4f02be,0xad76cab1a21ca92e17dd2ae037626842
|
||||
1,1,0x7f7975790e2cb0878d7eb8254173635b9cae59655d237539a1c9974a0581379,0x253528e4920284996a8925cefeeb0e6a,0x458606fd053a274064093569604f8e6e,0x27fe459b2bd85ef08ba7284be6a1b4fa9b4a545e59d261287ac028e35f6e82b,0x893a596ec6b203bf83584d8f2f4f02be,0xad76cab1a21ca92e17dd2ae037626842
|
||||
1,0,0xd99a7da9e56fb98b4ea6eed3c97850cb421c0c9677b1ea3b63e0c01c4b483ce,0x34fa32e467be6484e68a4161ac4c5e4a,0x2719eea179e0b75a5d46f518e9351695,0xaf8e105eaad4d16fca08d01c00fd61aaf123407d64915027112b3c60cfd8831,0x93e25146b19d25035c45442b7f816564,0xfdd7f4f78ecf1751db322e4f433ebddb
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x5bea17a563b11a2269eb0f03ad5640c66575c8bae12198b49231d8f31ecd0b2,0x1ff3ae2c5fc2d6ad2ff3dc351037ac48,0xf3554d4be537e7149f0270673d57603e,0x26837f96bf42dfb9a3d712aec8a78efede1c2338dc39b0242de37fea474921b,0x4e9372bf2252d05c0db52ea436e3041c,0x5a713dec54f94b5f7dc61cdb72b1d4e4
|
||||
1,0,0xa1cc247b921723ca53a59d813f2adb7ca47f8eff00ba49e55550e1f1e544241,0x213aecda3ce19fb0b492f2d261020584,0x1ac635fdda33542e83a1fe01fd6b31d0,0xa3c2340721f49260c1bfe6f137f4b47931e5e10a3783b38d6217452c5e3631b,0x6e9d2bbb52f7afa4b0f564fd8caab588,0x221b66157dade849dedb61e4320e84aa
|
||||
1,1,0xa1cc247b921723ca53a59d813f2adb7ca47f8eff00ba49e55550e1f1e544241,0x213aecda3ce19fb0b492f2d261020584,0x1ac635fdda33542e83a1fe01fd6b31d0,0xa3c2340721f49260c1bfe6f137f4b47931e5e10a3783b38d6217452c5e3631b,0x6e9d2bbb52f7afa4b0f564fd8caab588,0x221b66157dade849dedb61e4320e84aa
|
||||
1,0,0x796ae7f0e7768674a2636592ea0bca75714cb4d4c3f7136485959f676f7c5e7,0xec791d783bdfbfba883e15d0ee0dfda4,0x6e075d26559c95292b391dcd90bacae2,0xacd579a3134ccf1d08f14c0e5d4de343266be87db4912debc405af578b7dcee,0xcccb598ed1a6a22627830dabe31ad2d9,0x98c4bf81d0af2bd0bd53664239dc195a
|
||||
1,0,0x116239c90f29dea8eb2eb35ce5d58473547a3a9ed792e4d6290f835d6bb5784,0x822d955a6ed1f14ba562bd305aa42637,0x9f9958424fbb5350bf6f30b0613b2bfb,0x17b347f7033c75fd492236e39d09e5cc2c69efdae6769eb9f79f33b1bb115fb,0x87cbb16677016c9697796469e2147c37,0xbffa57a3216752a0ee51fa1db31f57c7
|
||||
1,1,0x116239c90f29dea8eb2eb35ce5d58473547a3a9ed792e4d6290f835d6bb5784,0x822d955a6ed1f14ba562bd305aa42637,0x9f9958424fbb5350bf6f30b0613b2bfb,0x17b347f7033c75fd492236e39d09e5cc2c69efdae6769eb9f79f33b1bb115fb,0x87cbb16677016c9697796469e2147c37,0xbffa57a3216752a0ee51fa1db31f57c7
|
||||
1,1,0x116239c90f29dea8eb2eb35ce5d58473547a3a9ed792e4d6290f835d6bb5784,0x822d955a6ed1f14ba562bd305aa42637,0x9f9958424fbb5350bf6f30b0613b2bfb,0x17b347f7033c75fd492236e39d09e5cc2c69efdae6769eb9f79f33b1bb115fb,0x87cbb16677016c9697796469e2147c37,0xbffa57a3216752a0ee51fa1db31f57c7
|
||||
1,1,0x116239c90f29dea8eb2eb35ce5d58473547a3a9ed792e4d6290f835d6bb5784,0x822d955a6ed1f14ba562bd305aa42637,0x9f9958424fbb5350bf6f30b0613b2bfb,0x17b347f7033c75fd492236e39d09e5cc2c69efdae6769eb9f79f33b1bb115fb,0x87cbb16677016c9697796469e2147c37,0xbffa57a3216752a0ee51fa1db31f57c7
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xd1d5e6d96a0e33007d3daebfa972d03b7bb67b8a4fba812376fafd30b814704,0x367de3aa93d6405aa1979452414d0cdc,0x6bf078a86cb81f1183a28736513743d,0x9cd2fb59f7dad863b6b37a8c3c9528f06ec271a54c93a71092721eec697ac27,0xbfe496d60e90db539af391782c0670fe,0xa4f0d1cab3eec2f400490037c5ba0169
|
||||
1,1,0xd1d5e6d96a0e33007d3daebfa972d03b7bb67b8a4fba812376fafd30b814704,0x367de3aa93d6405aa1979452414d0cdc,0x6bf078a86cb81f1183a28736513743d,0x9cd2fb59f7dad863b6b37a8c3c9528f06ec271a54c93a71092721eec697ac27,0xbfe496d60e90db539af391782c0670fe,0xa4f0d1cab3eec2f400490037c5ba0169
|
||||
1,1,0xd1d5e6d96a0e33007d3daebfa972d03b7bb67b8a4fba812376fafd30b814704,0x367de3aa93d6405aa1979452414d0cdc,0x6bf078a86cb81f1183a28736513743d,0x9cd2fb59f7dad863b6b37a8c3c9528f06ec271a54c93a71092721eec697ac27,0xbfe496d60e90db539af391782c0670fe,0xa4f0d1cab3eec2f400490037c5ba0169
|
||||
1,1,0xd1d5e6d96a0e33007d3daebfa972d03b7bb67b8a4fba812376fafd30b814704,0x367de3aa93d6405aa1979452414d0cdc,0x6bf078a86cb81f1183a28736513743d,0x9cd2fb59f7dad863b6b37a8c3c9528f06ec271a54c93a71092721eec697ac27,0xbfe496d60e90db539af391782c0670fe,0xa4f0d1cab3eec2f400490037c5ba0169
|
||||
1,1,0xd1d5e6d96a0e33007d3daebfa972d03b7bb67b8a4fba812376fafd30b814704,0x367de3aa93d6405aa1979452414d0cdc,0x6bf078a86cb81f1183a28736513743d,0x9cd2fb59f7dad863b6b37a8c3c9528f06ec271a54c93a71092721eec697ac27,0xbfe496d60e90db539af391782c0670fe,0xa4f0d1cab3eec2f400490037c5ba0169
|
||||
1,0,0x420d1987d554b6040ffba354fd3a6576573e7f3810ba3b3b2f736e2c00e9dda,0x45f250aaf0d881ad86fd62235b890968,0x161cfd2a0b591cdec5d674da238d44ec,0x81014394cb2b477fdf0397ba51717657ed1a993e7e63adec55566a48b8514e3,0xa42d146920d3d2b1c04e35e6d5e9ac35,0x538bcdb7739f910e8a0f6fe3debc5b63
|
||||
1,0,0xf145fbeb995facc396b62d73b9e1c297c83d119979e46ae16c4c0ba90e9e7f0,0xc18d0cb6b60e7b046159269197812020,0x58219a1662aaf165a8ab4347b2ebb7cb,0x793fd3a2d8d31c45f9a7a6061e30e86f155b66c957857d3d9730a89838e0005,0x1218bf4befbdf3e2ed280eee79c6244b,0xb87e7320bd4f43381dd6fab8225ee35b
|
||||
1,0,0xd6a6e52cbcaa5cae42454038466557a5cd4abb2f1f506c38058f99534656c2b,0x693ffec3234e977ec90a1621671fc139,0xab030541519cc12965b9a5cbf2c77a1e,0xddd15c05722d7a7dc6bdfd70148fb4e3c7def7827ee62ae03ef58254ff2606d,0x1890b5f936f617ac7113888c43869db5,0x7d23a9e21d81075a387f257cef69fe5c
|
||||
1,1,0xd6a6e52cbcaa5cae42454038466557a5cd4abb2f1f506c38058f99534656c2b,0x693ffec3234e977ec90a1621671fc139,0xab030541519cc12965b9a5cbf2c77a1e,0xddd15c05722d7a7dc6bdfd70148fb4e3c7def7827ee62ae03ef58254ff2606d,0x1890b5f936f617ac7113888c43869db5,0x7d23a9e21d81075a387f257cef69fe5c
|
||||
1,1,0xd6a6e52cbcaa5cae42454038466557a5cd4abb2f1f506c38058f99534656c2b,0x693ffec3234e977ec90a1621671fc139,0xab030541519cc12965b9a5cbf2c77a1e,0xddd15c05722d7a7dc6bdfd70148fb4e3c7def7827ee62ae03ef58254ff2606d,0x1890b5f936f617ac7113888c43869db5,0x7d23a9e21d81075a387f257cef69fe5c
|
||||
1,0,0x8f086a265ddaf5da1a35f983e62bbec4ec4dfdf413039443259f52fb23ea4eb,0xfd91aec846780f1852cd426d65d44855,0xe718a2a754d056208c69b68459c3b26f,0xc946b7b62e3bca7c3f058a6f859e049360260f986fc355cd1cbea6ac1fd8fb,0x99ab3b350754f7e6ce970feda3d868d1,0x25eaa8907d9362650dafa0ccf15a92ee
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x4e2c8d4fabfff1e591ab2acdd75674750c586ecc05f542cfb86233dc2ed5eaa,0x9e41a5832437ba0671ae6d781779d3d7,0x29f117b1828ab9c05f55d192b367e7be,0x69a4895fc7362c6c7798ad803b824c400b247fae0fbcfeda2b416fdec3c716f,0x969a1b2e513f1ddbb09b13ebb6b89bc6,0xbccff59d5aedff5844b8dcc41e9c0f1f
|
||||
1,1,0x4e2c8d4fabfff1e591ab2acdd75674750c586ecc05f542cfb86233dc2ed5eaa,0x9e41a5832437ba0671ae6d781779d3d7,0x29f117b1828ab9c05f55d192b367e7be,0x69a4895fc7362c6c7798ad803b824c400b247fae0fbcfeda2b416fdec3c716f,0x969a1b2e513f1ddbb09b13ebb6b89bc6,0xbccff59d5aedff5844b8dcc41e9c0f1f
|
||||
1,0,0x2862cfaf050a1d322c3f7d18d456beb01be8ba64ad1264470c30c17e7e1790e,0x261e5ce06c9c233678bd07d3e525811d,0x85b04ea749f468f87cc2a5b094573cd4,0x121121cf43252bc791c61474300d6f0b2e20c3b0a3f83abef1d3f2b624501aa3,0x4fec8a94b5955ef50c4bc2938adc5b43,0x51f54908c4ec3ff9edbe10f6eb2258a2
|
||||
1,0,0x5a5d5dec422a16c0c12c66b484e8fc60548e70be104d8ef619d41897ca2eebe,0xd0def8949c5f9ec76796b37b49fb50a1,0x367c115fbc0d7ccb87ef7ed68916a6c4,0x3fb628afd3f9b4f19d5d7796090d2ad6f54b1847f500f05c84e1ee7132738df,0xf2ced2092bce766fcbeeb41786388267,0x9ecfa5aa99914e46fde587c3e3297d92
|
||||
1,0,0x3070970d5198b56e2eecc42efee353fdf0e43695bf647d9f09ea2d1764409c8,0x812fe3c9b5d115fa99cd91af1e9d5845,0x9b3848d64d3c8886632807df3bef85ac,0x3427471c4b44e9a3b05d740e993b2fb2be6eae715b36d6f84424769c4d79566,0x2c3ba52aa2c409fcb2195d8cbf7f3a91,0x44d41978512d9944495774ad0de481c
|
||||
1,1,0x3070970d5198b56e2eecc42efee353fdf0e43695bf647d9f09ea2d1764409c8,0x812fe3c9b5d115fa99cd91af1e9d5845,0x9b3848d64d3c8886632807df3bef85ac,0x3427471c4b44e9a3b05d740e993b2fb2be6eae715b36d6f84424769c4d79566,0x2c3ba52aa2c409fcb2195d8cbf7f3a91,0x44d41978512d9944495774ad0de481c
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xe81a73fb7fc1d5f975a0de58e37a3b32e77aa8e1ebf824828010167b7d2e596,0x7c2d2cada376264dc0d4c2817d81c4cc,0xe4cb9b7db79b0d56d57cd4d431ac0dc4,0x371a1c7d8773ffc74132a9b5b4a29cc42426066f085347901ba75d2baf8e4a8,0x41e7bc4990bbfa88b2a2d2f5947c7b02,0x3cb483e4076d7dc2913f20ef5483ea80
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0xa9792e72211e53e07acc386714411841e3e18857851749e1db4a8534521ab3b,0xea43ba6d00ff5ff081c2a2f50871046a,0xa659b39355270b717571c1c037aa746b,0x5b8ed2eb2864e98cce0e9a02cabfd8602747c9a693f90dcd12dca32080729f9,0xa2a469704b2f6ea77e4261cca30328ce,0x51bc6a4e45ea73ead9a9707672edef88
|
||||
1,1,0xa9792e72211e53e07acc386714411841e3e18857851749e1db4a8534521ab3b,0xea43ba6d00ff5ff081c2a2f50871046a,0xa659b39355270b717571c1c037aa746b,0x5b8ed2eb2864e98cce0e9a02cabfd8602747c9a693f90dcd12dca32080729f9,0xa2a469704b2f6ea77e4261cca30328ce,0x51bc6a4e45ea73ead9a9707672edef88
|
||||
1,0,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,1,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee,0x11f4cf9cf92cbd4e55cb49097909d1eb7ef4e232efd287a7ce617ea2fdf5e218,0x7b58305eb2aa3ff8e9b49192b4822685,0x84e6417582b82df64c84659a39513fee
|
||||
1,0,0x71ba533388576c9a957c746457e4feb21de3260fa61c5230fb40c59f2534493,0x30a7c00888e0041fedddd38732d3af98,0xa287c298774bc224c4ec8aac432d3474,0x6e437929ba3096222cc08f6a10bfca20537ba78298548dc76126ee83960be74,0xdb637f3876071b109b6a9e4fbb961259,0xf841c2c1c3fa07ae3984fac6a8ad4ddb
|
||||
1,1,0x71ba533388576c9a957c746457e4feb21de3260fa61c5230fb40c59f2534493,0x30a7c00888e0041fedddd38732d3af98,0xa287c298774bc224c4ec8aac432d3474,0x6e437929ba3096222cc08f6a10bfca20537ba78298548dc76126ee83960be74,0xdb637f3876071b109b6a9e4fbb961259,0xf841c2c1c3fa07ae3984fac6a8ad4ddb
|
||||
1,1,0x71ba533388576c9a957c746457e4feb21de3260fa61c5230fb40c59f2534493,0x30a7c00888e0041fedddd38732d3af98,0xa287c298774bc224c4ec8aac432d3474,0x6e437929ba3096222cc08f6a10bfca20537ba78298548dc76126ee83960be74,0xdb637f3876071b109b6a9e4fbb961259,0xf841c2c1c3fa07ae3984fac6a8ad4ddb
|
||||
1,1,0x71ba533388576c9a957c746457e4feb21de3260fa61c5230fb40c59f2534493,0x30a7c00888e0041fedddd38732d3af98,0xa287c298774bc224c4ec8aac432d3474,0x6e437929ba3096222cc08f6a10bfca20537ba78298548dc76126ee83960be74,0xdb637f3876071b109b6a9e4fbb961259,0xf841c2c1c3fa07ae3984fac6a8ad4ddb
|
||||
1,0,0x9348320796205bdacdf734d12dd7d0add3ac27e87caddf99f1765bb89886a5a,0x3de923a685d5e3f2d634b891db64403d,0xe8460a5be4c18d2f5fc5ca8c6e0ef209,0x249cb31042b5b8b0f19a18a04239ae5691442c48b329e488680be2897b4f839,0x66f127bb16fe5c6d85fe3fe55c1adadb,0x87b6a3c85d0b22d5ffaad98f65515163
|
||||
|
@@ -1,36 +0,0 @@
|
||||
package statemanager
|
||||
|
||||
import (
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
mimcCodeHash "github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/mimccodehash"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/statesummary"
|
||||
)
|
||||
|
||||
// lookupStateSummaryCodeHash adds the lookup constraints to ensure the MiMC
|
||||
// CodeHash module and the StateSummary module contains consistent consistent
|
||||
// pairs of (MiMCCodeHash, KeccakCodeHash)
|
||||
func lookupStateSummaryCodeHash(comp *wizard.CompiledIOP,
|
||||
accountPeek *statesummary.AccountPeek,
|
||||
codeHash *mimcCodeHash.Module) {
|
||||
// All the state manager operations are performed in round zero
|
||||
round := 0
|
||||
|
||||
// Lookup between code hashes (Keccak and MiMC) between state summary initial account and MiMC code hash module
|
||||
comp.InsertInclusionDoubleConditional(round,
|
||||
ifaces.QueryID("LOOKUP_MIMC_CODEHASH_INITIAL_ACCOUNT_INTO_STATE_SUMMARY"),
|
||||
[]ifaces.Column{accountPeek.Initial.KeccakCodeHash.Hi, accountPeek.Initial.KeccakCodeHash.Lo, accountPeek.Initial.MiMCCodeHash, accountPeek.Initial.CodeSize},
|
||||
[]ifaces.Column{codeHash.CodeHashHi, codeHash.CodeHashLo, codeHash.NewState, codeHash.CodeSize},
|
||||
accountPeek.Initial.ExistsAndHasNonEmptyCodeHash,
|
||||
codeHash.IsHashEnd,
|
||||
)
|
||||
|
||||
// Lookup between code hashes (Keccak and MiMC) between state summary final account and MiMC code hash module
|
||||
comp.InsertInclusionDoubleConditional(round,
|
||||
ifaces.QueryIDf("LOOKUP_MIMC_CODEHASH_FINAL_ACCOUNT_INTO_STATE_SUMMARY"),
|
||||
[]ifaces.Column{accountPeek.Final.KeccakCodeHash.Hi, accountPeek.Final.KeccakCodeHash.Lo, accountPeek.Final.MiMCCodeHash, accountPeek.Final.CodeSize},
|
||||
[]ifaces.Column{codeHash.CodeHashHi, codeHash.CodeHashLo, codeHash.NewState, codeHash.CodeSize},
|
||||
accountPeek.Final.ExistsAndHasNonEmptyCodeHash,
|
||||
codeHash.IsHashEnd,
|
||||
)
|
||||
}
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"github.com/consensys/linea-monorepo/prover/utils"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/accumulator"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/accumulatorsummary"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/codehashconsistency"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/mimccodehash"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/statemanager/statesummary"
|
||||
)
|
||||
@@ -18,6 +19,7 @@ type StateManager struct {
|
||||
accumulatorSummaryConnector accumulatorsummary.Module
|
||||
StateSummary statesummary.Module // exported because needed by the public input module
|
||||
mimcCodeHash mimccodehash.Module
|
||||
codeHashConsistency codehashconsistency.Module
|
||||
}
|
||||
|
||||
// Settings stores all the setting to construct a StateManager and is passed to
|
||||
@@ -51,7 +53,7 @@ func NewStateManager(comp *wizard.CompiledIOP, settings Settings) *StateManager
|
||||
sm.accumulatorSummaryConnector.ConnectToStateSummary(comp, &sm.StateSummary)
|
||||
sm.mimcCodeHash.ConnectToRom(comp, rom(comp), romLex(comp))
|
||||
sm.StateSummary.ConnectToHub(comp, acp(comp), scp(comp))
|
||||
lookupStateSummaryCodeHash(comp, &sm.StateSummary.Account, &sm.mimcCodeHash)
|
||||
sm.codeHashConsistency = codehashconsistency.NewModule(comp, "CODEHASHCONSISTENCY", &sm.StateSummary, &sm.mimcCodeHash)
|
||||
|
||||
return sm
|
||||
}
|
||||
@@ -79,10 +81,7 @@ func NewStateManagerNoHub(comp *wizard.CompiledIOP, settings Settings) *StateMan
|
||||
|
||||
sm.accumulatorSummaryConnector.ConnectToStateSummary(comp, &sm.StateSummary)
|
||||
sm.mimcCodeHash.ConnectToRom(comp, rom(comp), romLex(comp))
|
||||
|
||||
// Waiting for the resolution of the mimc code hash issue
|
||||
//
|
||||
// lookupStateSummaryCodeHash(comp, &sm.StateSummary.Account, &sm.mimcCodeHash)
|
||||
sm.codeHashConsistency = codehashconsistency.NewModule(comp, "CODEHASHCONSISTENCY", &sm.StateSummary, &sm.mimcCodeHash)
|
||||
|
||||
return sm
|
||||
}
|
||||
@@ -95,6 +94,7 @@ func (sm *StateManager) Assign(run *wizard.ProverRuntime, shomeiTraces [][]state
|
||||
sm.accumulator.Assign(run, utils.Join(shomeiTraces...))
|
||||
sm.accumulatorSummaryConnector.Assign(run)
|
||||
sm.mimcCodeHash.Assign(run)
|
||||
sm.codeHashConsistency.Assign(run)
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -151,7 +151,7 @@ type Account struct {
|
||||
// single column each.
|
||||
Exists, Nonce, Balance, MiMCCodeHash, CodeSize, StorageRoot ifaces.Column
|
||||
// KeccakCodeHash stores the keccak code hash of the account.
|
||||
KeccakCodeHash HiLoColumns
|
||||
KeccakCodeHash common.HiLoColumns
|
||||
// HasEmptyCodeHash is an indicator column indicating whether the current
|
||||
// account has an empty codehash
|
||||
HasEmptyCodeHash ifaces.Column
|
||||
@@ -178,7 +178,7 @@ func newAccount(comp *wizard.CompiledIOP, size int, name string) Account {
|
||||
MiMCCodeHash: createCol("MIMC_CODEHASH"),
|
||||
CodeSize: createCol("CODESIZE"),
|
||||
StorageRoot: createCol("STORAGE_ROOT"),
|
||||
KeccakCodeHash: newHiLoColumns(comp, size, name+"_KECCAK_CODE_HASH"),
|
||||
KeccakCodeHash: common.NewHiLoColumns(comp, size, name+"_KECCAK_CODE_HASH"),
|
||||
ExistsAndHasNonEmptyCodeHash: createCol("EXISTS_AND_NON_EMPTY_CODEHASH"),
|
||||
}
|
||||
|
||||
@@ -231,7 +231,7 @@ func newAccountPeekAssignmentBuilder(ap *AccountPeek) accountPeekAssignmentBuild
|
||||
// builders relating to the an Account.
|
||||
type accountAssignmentBuilder struct {
|
||||
exists, nonce, balance, miMCCodeHash, codeSize, storageRoot *common.VectorBuilder
|
||||
keccakCodeHash hiLoAssignmentBuilder
|
||||
keccakCodeHash common.HiLoAssignmentBuilder
|
||||
existsAndHasNonEmptyCodeHash *common.VectorBuilder
|
||||
}
|
||||
|
||||
@@ -246,7 +246,7 @@ func newAccountAssignmentBuilder(ap *Account) accountAssignmentBuilder {
|
||||
codeSize: common.NewVectorBuilder(ap.CodeSize),
|
||||
storageRoot: common.NewVectorBuilder(ap.StorageRoot),
|
||||
existsAndHasNonEmptyCodeHash: common.NewVectorBuilder(ap.ExistsAndHasNonEmptyCodeHash),
|
||||
keccakCodeHash: newHiLoAssignmentBuilder(ap.KeccakCodeHash),
|
||||
keccakCodeHash: common.NewHiLoAssignmentBuilder(ap.KeccakCodeHash),
|
||||
}
|
||||
}
|
||||
|
||||
@@ -261,11 +261,11 @@ func (ss *accountAssignmentBuilder) pushAll(acc types.Account) {
|
||||
if accountExists {
|
||||
ss.balance.PushBytes32(types.LeftPadToBytes32(acc.Balance.Bytes()))
|
||||
ss.exists.PushOne()
|
||||
ss.keccakCodeHash.push(acc.KeccakCodeHash)
|
||||
ss.keccakCodeHash.Push(acc.KeccakCodeHash)
|
||||
} else {
|
||||
ss.balance.PushZero()
|
||||
ss.exists.PushZero()
|
||||
ss.keccakCodeHash.push(types.FullBytes32(statemanager.LEGACY_KECCAK_EMPTY_CODEHASH))
|
||||
ss.keccakCodeHash.Push(types.FullBytes32(statemanager.LEGACY_KECCAK_EMPTY_CODEHASH))
|
||||
}
|
||||
|
||||
ss.codeSize.PushInt(int(acc.CodeSize))
|
||||
@@ -289,11 +289,11 @@ func (ss *accountAssignmentBuilder) pushOverrideStorageRoot(
|
||||
if accountExists {
|
||||
ss.balance.PushBytes32(types.LeftPadToBytes32(acc.Balance.Bytes()))
|
||||
ss.exists.PushOne()
|
||||
ss.keccakCodeHash.push(acc.KeccakCodeHash)
|
||||
ss.keccakCodeHash.Push(acc.KeccakCodeHash)
|
||||
} else {
|
||||
ss.balance.PushZero()
|
||||
ss.exists.PushZero()
|
||||
ss.keccakCodeHash.push(types.FullBytes32(statemanager.LEGACY_KECCAK_EMPTY_CODEHASH))
|
||||
ss.keccakCodeHash.Push(types.FullBytes32(statemanager.LEGACY_KECCAK_EMPTY_CODEHASH))
|
||||
}
|
||||
|
||||
ss.codeSize.PushInt(int(acc.CodeSize))
|
||||
@@ -309,7 +309,7 @@ func (ss *accountAssignmentBuilder) PadAndAssign(run *wizard.ProverRuntime) {
|
||||
ss.exists.PadAndAssign(run)
|
||||
ss.nonce.PadAndAssign(run)
|
||||
ss.balance.PadAndAssign(run)
|
||||
ss.keccakCodeHash.padAssign(run, types.FullBytes32{})
|
||||
ss.keccakCodeHash.PadAssign(run, types.FullBytes32{})
|
||||
ss.miMCCodeHash.PadAndAssign(run)
|
||||
ss.storageRoot.PadAndAssign(run)
|
||||
ss.codeSize.PadAndAssign(run)
|
||||
|
||||
@@ -1,68 +0,0 @@
|
||||
package statesummary
|
||||
|
||||
import (
|
||||
"github.com/consensys/linea-monorepo/prover/maths/field"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/ifaces"
|
||||
"github.com/consensys/linea-monorepo/prover/protocol/wizard"
|
||||
"github.com/consensys/linea-monorepo/prover/utils/types"
|
||||
"github.com/consensys/linea-monorepo/prover/zkevm/prover/common"
|
||||
)
|
||||
|
||||
// HiLoColumns represents a pair of column representing a sequence of bytes32
|
||||
// element that do not fit in a single field element. The Hi columns stores the
|
||||
// first 16 bytes of the column. And the Lo columns stores the last 16 bytes.
|
||||
type HiLoColumns struct {
|
||||
Hi, Lo ifaces.Column
|
||||
}
|
||||
|
||||
// newHiLoColumns returns a new HiLoColumns with initialized and unconstrained
|
||||
// columns.
|
||||
func newHiLoColumns(comp *wizard.CompiledIOP, size int, name string) HiLoColumns {
|
||||
return HiLoColumns{
|
||||
Hi: comp.InsertCommit(
|
||||
0,
|
||||
ifaces.ColIDf("STATE_SUMMARY_%v_HI", name),
|
||||
size,
|
||||
),
|
||||
Lo: comp.InsertCommit(
|
||||
0,
|
||||
ifaces.ColIDf("STATE_SUMMARY_%v_LO", name),
|
||||
size,
|
||||
),
|
||||
}
|
||||
}
|
||||
|
||||
// hiLoAssignmentBuilder is a convenience structure storing the column builders
|
||||
// relating to an HiLoColumns.
|
||||
type hiLoAssignmentBuilder struct {
|
||||
hi, lo *common.VectorBuilder
|
||||
}
|
||||
|
||||
// newHiLoAssignmentBuilder returns a fresh [hiLoAssignmentBuilder]
|
||||
func newHiLoAssignmentBuilder(hiLo HiLoColumns) hiLoAssignmentBuilder {
|
||||
return hiLoAssignmentBuilder{
|
||||
hi: common.NewVectorBuilder(hiLo.Hi),
|
||||
lo: common.NewVectorBuilder(hiLo.Lo),
|
||||
}
|
||||
}
|
||||
|
||||
// push pushes a row representing `fb` onto `hl`
|
||||
func (hl *hiLoAssignmentBuilder) push(fb types.FullBytes32) {
|
||||
hl.hi.PushHi(fb)
|
||||
hl.lo.PushLo(fb)
|
||||
}
|
||||
|
||||
// pushZeroes pushes a row representing 0 onto `hl`
|
||||
func (hl *hiLoAssignmentBuilder) pushZeroes() {
|
||||
hl.hi.PushZero()
|
||||
hl.lo.PushZero()
|
||||
}
|
||||
|
||||
// padAssign pads `hl` with `fb` and assigns the resulting columns into `run`.
|
||||
func (hl *hiLoAssignmentBuilder) padAssign(run *wizard.ProverRuntime, fb types.FullBytes32) {
|
||||
var f field.Element
|
||||
f.SetBytes(fb[:16])
|
||||
hl.hi.PadAndAssign(run, f)
|
||||
f.SetBytes(fb[16:])
|
||||
hl.lo.PadAndAssign(run, f)
|
||||
}
|
||||
@@ -16,11 +16,11 @@ import (
|
||||
// slot.
|
||||
type StoragePeek struct {
|
||||
// StorageKey stores the storage key of the peeked slot
|
||||
Key HiLoColumns
|
||||
Key common.HiLoColumns
|
||||
// OldValue represents the storage value that is being peeked at.
|
||||
OldValue HiLoColumns
|
||||
OldValue common.HiLoColumns
|
||||
// NewValue represents the new value of the storage slot.
|
||||
NewValue HiLoColumns
|
||||
NewValue common.HiLoColumns
|
||||
|
||||
// OldValueIsZero and NewValueIsZero are indicator columns set to 1 when the
|
||||
// old/new value is set to zero and 0 otherwise.
|
||||
@@ -71,9 +71,9 @@ type StoragePeek struct {
|
||||
// unconstrained columns.
|
||||
func newStoragePeek(comp *wizard.CompiledIOP, size int, name string) StoragePeek {
|
||||
res := StoragePeek{
|
||||
Key: newHiLoColumns(comp, size, name+"_KEY"),
|
||||
OldValue: newHiLoColumns(comp, size, name+"_OLD_VALUE"),
|
||||
NewValue: newHiLoColumns(comp, size, name+"_NEW_VALUE"),
|
||||
Key: common.NewHiLoColumns(comp, size, name+"_KEY"),
|
||||
OldValue: common.NewHiLoColumns(comp, size, name+"_OLD_VALUE"),
|
||||
NewValue: common.NewHiLoColumns(comp, size, name+"_NEW_VALUE"),
|
||||
}
|
||||
|
||||
res.OldValueHash, res.ComputeOldValueHash = common.HashOf(
|
||||
@@ -128,63 +128,63 @@ func newStoragePeek(comp *wizard.CompiledIOP, size int, name string) StoragePeek
|
||||
// storagePeekAssignmentBuilder is a convenience structure storing the column
|
||||
// builders relating to a StoragePeek.
|
||||
type storagePeekAssignmentBuilder struct {
|
||||
key, oldValue, newValue hiLoAssignmentBuilder
|
||||
key, oldValue, newValue common.HiLoAssignmentBuilder
|
||||
}
|
||||
|
||||
// newStoragePeekAssignmentBuilder constructs a fresh [storagePeekAssignmentBuilder]
|
||||
// with empty columns.
|
||||
func newStoragePeekAssignmentBuilder(sp *StoragePeek) storagePeekAssignmentBuilder {
|
||||
return storagePeekAssignmentBuilder{
|
||||
key: newHiLoAssignmentBuilder(sp.Key),
|
||||
oldValue: newHiLoAssignmentBuilder(sp.OldValue),
|
||||
newValue: newHiLoAssignmentBuilder(sp.NewValue),
|
||||
key: common.NewHiLoAssignmentBuilder(sp.Key),
|
||||
oldValue: common.NewHiLoAssignmentBuilder(sp.OldValue),
|
||||
newValue: common.NewHiLoAssignmentBuilder(sp.NewValue),
|
||||
}
|
||||
}
|
||||
|
||||
// pushAllZeroes pushes a zero row onto the receiver
|
||||
func (sh *storagePeekAssignmentBuilder) pushAllZeroes() {
|
||||
sh.key.pushZeroes()
|
||||
sh.oldValue.pushZeroes()
|
||||
sh.newValue.pushZeroes()
|
||||
sh.key.PushZeroes()
|
||||
sh.oldValue.PushZeroes()
|
||||
sh.newValue.PushZeroes()
|
||||
}
|
||||
|
||||
// pushOnlyKey pushes the key onto the the "key" columns builder and zero on
|
||||
// the others
|
||||
func (sh *storagePeekAssignmentBuilder) pushOnlyKey(key types.FullBytes32) {
|
||||
sh.key.push(key)
|
||||
sh.oldValue.pushZeroes()
|
||||
sh.newValue.pushZeroes()
|
||||
sh.key.Push(key)
|
||||
sh.oldValue.PushZeroes()
|
||||
sh.newValue.PushZeroes()
|
||||
}
|
||||
|
||||
// pushOnlyOld pushes a row where the keys and the old value are the one provided
|
||||
// by the caller and the new value is zero.
|
||||
func (sh *storagePeekAssignmentBuilder) pushOnlyOld(key, oldVal types.FullBytes32) {
|
||||
sh.key.push(key)
|
||||
sh.oldValue.push(oldVal)
|
||||
sh.newValue.pushZeroes()
|
||||
sh.key.Push(key)
|
||||
sh.oldValue.Push(oldVal)
|
||||
sh.newValue.PushZeroes()
|
||||
}
|
||||
|
||||
// pushOnlyNew pushes a row where the key and the new value are the one provided
|
||||
// by the caller and the old value is set to zero.
|
||||
func (sh *storagePeekAssignmentBuilder) pushOnlyNew(key, newVal types.FullBytes32) {
|
||||
sh.key.push(key)
|
||||
sh.oldValue.pushZeroes()
|
||||
sh.newValue.push(newVal)
|
||||
sh.key.Push(key)
|
||||
sh.oldValue.PushZeroes()
|
||||
sh.newValue.Push(newVal)
|
||||
}
|
||||
|
||||
// push pushes a row where the key, the old value and the new value are the
|
||||
// one provided by the caller.
|
||||
func (sh *storagePeekAssignmentBuilder) push(key, oldVal, newVal types.FullBytes32) {
|
||||
sh.key.push(key)
|
||||
sh.oldValue.push(oldVal)
|
||||
sh.newValue.push(newVal)
|
||||
sh.key.Push(key)
|
||||
sh.oldValue.Push(oldVal)
|
||||
sh.newValue.Push(newVal)
|
||||
}
|
||||
|
||||
// padAssign pads and assigns the columns of the storage peek into `run`.
|
||||
func (sh *storagePeekAssignmentBuilder) padAssign(run *wizard.ProverRuntime) {
|
||||
sh.key.padAssign(run, types.FullBytes32{})
|
||||
sh.oldValue.padAssign(run, types.FullBytes32{})
|
||||
sh.newValue.padAssign(run, types.FullBytes32{})
|
||||
sh.key.PadAssign(run, types.FullBytes32{})
|
||||
sh.oldValue.PadAssign(run, types.FullBytes32{})
|
||||
sh.newValue.PadAssign(run, types.FullBytes32{})
|
||||
}
|
||||
|
||||
// hashOfZeroStorage returns the hash of (0, 0) which is what we use for empty
|
||||
|
||||
Reference in New Issue
Block a user