diff --git a/include/nil/crypto3/zk/components/algebra/curves/plonk/fixed_base_scalar_mul_5_wires.hpp b/include/nil/crypto3/zk/components/algebra/curves/plonk/fixed_base_scalar_mul_5_wires.hpp index 5671ee6d8..faedcd1fb 100644 --- a/include/nil/crypto3/zk/components/algebra/curves/plonk/fixed_base_scalar_mul_5_wires.hpp +++ b/include/nil/crypto3/zk/components/algebra/curves/plonk/fixed_base_scalar_mul_5_wires.hpp @@ -25,8 +25,8 @@ // @file Declaration of interfaces for auxiliary components for the SHA256 component. //---------------------------------------------------------------------------// -#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP -#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_FIXED_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_FIXED_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP #include @@ -38,7 +38,7 @@ namespace nil { template::value_type B> - class element_g1_scalar_mul_plonk : public component { + class element_g1_fixed_base_scalar_mul_plonk : public component { typedef snark::plonk_constraint_system arithmetization_type; typedef blueprint blueprint_type; @@ -46,7 +46,7 @@ namespace nil { typename blueprint_type::row_index_type j; public: - element_g1_scalar_mul_plonk(blueprint_type &bp) : + element_g1_fixed_base_scalar_mul_plonk(blueprint_type &bp) : component(bp){ j = bp.allocate_rows(85); @@ -276,4 +276,4 @@ namespace nil { } // namespace crypto3 } // namespace nil -#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_FIXED_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP diff --git a/include/nil/crypto3/zk/components/algebra/curves/plonk/variable_base_scalar_mul_5_wires.hpp b/include/nil/crypto3/zk/components/algebra/curves/plonk/variable_base_scalar_mul_5_wires.hpp index eb7c25acf..7c862c9fa 100644 
--- a/include/nil/crypto3/zk/components/algebra/curves/plonk/variable_base_scalar_mul_5_wires.hpp +++ b/include/nil/crypto3/zk/components/algebra/curves/plonk/variable_base_scalar_mul_5_wires.hpp @@ -25,8 +25,8 @@ // @file Declaration of interfaces for auxiliary components for the SHA256 component. //---------------------------------------------------------------------------// -#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP -#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_VARIABLE_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_VARIABLE_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP #include @@ -38,7 +38,7 @@ namespace nil { template - class element_g1_scalar_mul_plonk : public component { + class element_g1_variable_base_scalar_mul_plonk : public component { typedef snark::plonk_constraint_system arithmetization_type; typedef blueprint blueprint_type; @@ -46,7 +46,7 @@ namespace nil { typename blueprint_type::row_index_type j; public: - element_g1_scalar_mul_plonk(blueprint_type &bp) : + element_g1_variable_base_scalar_mul_plonk(blueprint_type &bp) : component(bp){ j = bp.allocate_rows(213); @@ -210,4 +210,4 @@ namespace nil { } // namespace crypto3 } // namespace nil -#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_SCALAR_MUL_COMPONENT_5_WIRES_HPP +#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_VARIABLE_BASE_SCALAR_MUL_COMPONENT_5_WIRES_HPP diff --git a/include/nil/crypto3/zk/components/hashes/plonk/sha256.hpp b/include/nil/crypto3/zk/components/hashes/plonk/sha256.hpp index 5f2aaa09b..b7a39b2e1 100644 --- a/include/nil/crypto3/zk/components/hashes/plonk/sha256.hpp +++ b/include/nil/crypto3/zk/components/hashes/plonk/sha256.hpp 
@@ -52,7 +52,7 @@ namespace nil { } - void generate_r1cs_constraints(bool ensure_output_bitness = true) { // TODO: ignored for now + void generate_r1cs_constraints() { // TODO: ignored for now padding->generate_r1cs_constraints(); for (auto f : blocks_components) { f->generate_r1cs_constraints(); diff --git a/include/nil/crypto3/zk/components/pubkey/plonk/eddsa_5_wires.hpp b/include/nil/crypto3/zk/components/pubkey/plonk/eddsa_5_wires.hpp new file mode 100644 index 000000000..a4b6457b9 --- /dev/null +++ b/include/nil/crypto3/zk/components/pubkey/plonk/eddsa_5_wires.hpp 
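Review bot: The trailing `// TODO: ignored for now` on `generate_r1cs_constraints()` referred to the `ensure_output_bitness` argument this hunk removes, so it is now a dangling comment and the only visible reminder that output booleanity is not enforced is gone. If neither `padding` nor the block components constrain the digest bits to 0/1 (not visible in this hunk), the hash output stays under-constrained; I would either add that constraint or reword the comment to `// TODO: output bitness is not enforced yet`. Any caller that passed the argument explicitly stops compiling after this signature change. The function body continues past the end of the hunk.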
@@ -0,0 +1,148 @@
+//---------------------------------------------------------------------------//
+// Copyright (c) 2021 Mikhail Komarov
+// Copyright (c) 2021 Nikita Kaskov
+//
+// MIT License
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+//---------------------------------------------------------------------------//
+// @file Declaration of interfaces for auxiliary components for the SHA256 component.
+//---------------------------------------------------------------------------//
+
+#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_EDDSA_5_WIRES_HPP
+#define CRYPTO3_ZK_BLUEPRINT_PLONK_EDDSA_5_WIRES_HPP
+
+#include
+#include
+
+namespace nil {
+ namespace crypto3 {
+ namespace zk {
+ namespace components {
+
+ template
+ class eddsa_verifier_plonk : public component {
+
+ typedef snark::plonk_constraint_system arithmetization_type;
+
+ constexpr algebra::matrix M;
+ constexpr algebra::vector RC;
+
+ typedef blueprint blueprint_type;
+
+ typename blueprint_type::row_index_type j;
+
+ range_plonk range_proof;
+ sha512_plonk sha512;
+ element_g1_fixed_base_scalar_mul_plonk fixed_scalar_mul;
+ element_g1_variable_base_scalar_mul_plonk variable_base_mul;
+ public:
+
+ eddsa_verifier_plonk(blueprint_type &bp) :
+ component(bp), range_proof(bp), sha512(bp),
+ fixed_scalar_mul(bp), variable_base_mul(bp) {
+
+ j = bp.allocate_rows(6);
+ }
+
+ void generate_gates() {
+
+ constexpr static const typename blueprint_type::variable_type w_o_jp2(W0,
+ blueprint_type::variable_type::rotation_type::pre_previous);
+ constexpr static const typename blueprint_type::variable_type w_1_jp2(W1,
+ blueprint_type::variable_type::rotation_type::pre_previous);
+ constexpr static const typename blueprint_type::variable_type w_2_jp2(W2,
+ blueprint_type::variable_type::rotation_type::pre_previous);
+ constexpr static const typename blueprint_type::variable_type w_3_jp2(W3,
+ blueprint_type::variable_type::rotation_type::pre_previous);
+ constexpr static const typename blueprint_type::variable_type w_4_jp2(W4,
+ blueprint_type::variable_type::rotation_type::pre_previous);
+
+ constexpr static const typename blueprint_type::variable_type w_o_jm1(W0,
+ blueprint_type::variable_type::rotation_type::previous);
+ constexpr static const typename blueprint_type::variable_type w_1_jm1(W1,
+ blueprint_type::variable_type::rotation_type::previous);
+ constexpr static const typename blueprint_type::variable_type w_2_jm1(W2,
+ blueprint_type::variable_type::rotation_type::previous);
+ constexpr static const typename blueprint_type::variable_type w_3_jm1(W3,
+ blueprint_type::variable_type::rotation_type::previous);
+ constexpr static const typename blueprint_type::variable_type w_4_jm1(W4,
+ blueprint_type::variable_type::rotation_type::previous);
+
+ constexpr static const typename blueprint_type::variable_type w_o_j(W0,
+ blueprint_type::variable_type::rotation_type::current);
+ constexpr static const typename blueprint_type::variable_type w_1_j(W1,
+ blueprint_type::variable_type::rotation_type::current);
+ constexpr static const typename blueprint_type::variable_type w_2_j(W2,
+ blueprint_type::variable_type::rotation_type::current);
+ constexpr static const typename blueprint_type::variable_type w_3_j(W3,
+ blueprint_type::variable_type::rotation_type::current);
+ constexpr static const typename blueprint_type::variable_type w_4_j(W4,
+ blueprint_type::variable_type::rotation_type::current);
+
+ constexpr static const typename blueprint_type::variable_type w_o_jp1(W0,
+ blueprint_type::variable_type::rotation_type::next);
+ constexpr static const typename blueprint_type::variable_type w_1_jp1(W1,
+ blueprint_type::variable_type::rotation_type::next);
+ constexpr static const typename blueprint_type::variable_type w_2_jp1(W2,
+ blueprint_type::variable_type::rotation_type::next);
+ constexpr static const typename blueprint_type::variable_type w_3_jp1(W3,
+ blueprint_type::variable_type::rotation_type::next);
+ constexpr static const typename blueprint_type::variable_type w_4_jp1(W4,
+ blueprint_type::variable_type::rotation_type::next);
+
+ constexpr static const typename blueprint_type::variable_type w_o_jp2(W0,
+ blueprint_type::variable_type::rotation_type::after_next);
+ constexpr static const typename blueprint_type::variable_type w_1_jp2(W1,
+ blueprint_type::variable_type::rotation_type::after_next);
+ constexpr static const typename blueprint_type::variable_type w_2_jp2(W2,
+ blueprint_type::variable_type::rotation_type::after_next);
+ constexpr static const typename blueprint_type::variable_type w_3_jp2(W3,
+ blueprint_type::variable_type::rotation_type::after_next);
+ constexpr static const typename blueprint_type::variable_type w_4_jp2(W4,
+ blueprint_type::variable_type::rotation_type::after_next);
+
+ range_proof.generate_gates();
+ sha512_plonk.generate_gates();
+ fixed_scalar_mul.generate_gates();
+ variable_base_mul.generate_gates();
+ }
+
+ void generate_assignments(
+ pubkey::eddsa::digest_type signature,
+ pubkey::eddsa::message_type M,
+ pubkey::eddsa::public_key_type A,
+ pubkey::eddsa::generator_type B) {
+
+ range_proof.generate_assignments(signature.s, 2**252, 2**252+27742317777372353535851937790883648493);
+ sha512_plonk.generate_assignments(data, R, A ,M);
+
+ fixed_scalar_mul.generate_assignments(s, B, s*B);
+ variable_scalar_mul.generate_assignments();
+ }
+ };
+
+ } // namespace components
+ } // namespace zk
+ } // namespace crypto3
+} // namespace nil
+
+#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_EDDSA_5_WIRES_HPP
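Review bot: `generate_gates()` only forwards to the four sub-components and adds no gate or copy constraint of its own, so nothing in this class ties the SHA-512 output and the two scalar multiplications into the EdDSA check; as written the circuit does not appear to constrain signature validity, and the rows from `allocate_rows(6)` and every `w_*` variable go unused. The header also cannot compile as submitted: the `pre_previous` group reuses the names `w_o_jp2`…`w_4_jp2` that the `after_next` group declares again (presumably `_jm2` was meant), `sha512_plonk.generate_gates()` and `sha512_plonk.generate_assignments(...)` name the type rather than the member `sha512`, `variable_scalar_mul` should be `variable_base_mul`, `data`, `R` and `s` are not declared in this file, and `constexpr algebra::matrix M;` / `RC` are non-static constexpr members with `M` shadowed by the `message_type M` parameter. `2**252` is not exponentiation in C++ and the 38-digit literal is too large for a standard integer literal, so the bound on `signature.s` needs a multiprecision constant. That check should enforce `s` strictly below the group order to rule out malleable signatures, and a lower bound of 2^252 looks wrong if `range_plonk` takes (value, min, max) — confirm against its interface. The `@file` line still describes the SHA256 auxiliary components and should name the EdDSA verifier.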