PLONK doubling, tripling added. #16
nkaskov committed Nov 22, 2021
1 parent 4254486 commit e0a02ef
Showing 3 changed files with 168 additions and 1 deletion.
@@ -29,7 +29,6 @@
#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_ADDITION_COMPONENT_HPP

#include <nil/crypto3/zk/components/blueprint.hpp>
#include <nil/crypto3/zk/components/blueprint_variable.hpp>

namespace nil {
namespace crypto3 {
@@ -0,0 +1,90 @@
//---------------------------------------------------------------------------//
// Copyright (c) 2021 Mikhail Komarov <nemo@nil.foundation>
// Copyright (c) 2021 Nikita Kaskov <nbering@nil.foundation>
//
// MIT License
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
// SOFTWARE.
//---------------------------------------------------------------------------//
// @file Declaration of interfaces for auxiliary components for the SHA256 component.
//---------------------------------------------------------------------------//

#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_DOUBLING_COMPONENT_HPP
#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_DOUBLING_COMPONENT_HPP

#include <nil/crypto3/zk/components/blueprint.hpp>

namespace nil {
namespace crypto3 {
namespace zk {
namespace components {

template<typename TBlueprintField, typename CurveType,
std::size_t W0 = 0, std::size_t W1 = 1, std::size_t W2 = 2, std::size_t W3 = 3,
std::size_t W6 = 6>
class element_g1_doubling_plonk : public component<TBlueprintField> {
typedef snark::plonk_constraint_system<TBlueprintField> arithmetization_type;

typedef blueprint<arithmetization_type, TBlueprintField> blueprint_type;

typename blueprint_type::row_index_type i;
public:

element_g1_doubling_plonk(blueprint_type &bp) :
component<FieldType>(bp) {
i = bp.allocate_row();
}

void generate_r1cs_constraints() {
typename blueprint_type::variable_type x_1(W0,
blueprint_type::variable_type::rotation_type::current);
typename blueprint_type::variable_type y_1(W1,
blueprint_type::variable_type::rotation_type::current);
typename blueprint_type::variable_type x_2(W2,
blueprint_type::variable_type::rotation_type::current);
typename blueprint_type::variable_type y_2(W3,
blueprint_type::variable_type::rotation_type::current);
typename blueprint_type::variable_type r(W6,
blueprint_type::variable_type::rotation_type::current);

bp.add_gate(i, 4*y_1^2 * (x_2 + 2*x_1) - 9 * x_1^4);
bp.add_gate(i, 2*y_1 * (y_2 + y_1) - 3*x_1^2 * (x_1 - x_2));
bp.add_gate(i, y_1*r_1 - 1);
}

void generate_r1cs_witness(typename CurveType::value_type &P1) {
generate_r1cs_witness(P1, P1.doubled());
}

void generate_r1cs_witness(typename CurveType::value_type &P1,
typename CurveType::value_type &P2) {
bp.val(W0, i) = P1.X;
bp.val(W1, i) = P1.Y;
bp.val(W2, i) = P2.X;
bp.val(W3, i) = P2.Y;
bp.val(W6, i) = ?;
}
};

} // namespace components
} // namespace zk
} // namespace crypto3
} // namespace nil

#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_DOUBLING_COMPONENT_HPP
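Review bot: The three `add_gate` calls in `generate_r1cs_constraints` do not encode the doubling relation as written, because C++ `^` is XOR and binds more loosely than `*` and `-`, so `4*y_1^2 * (x_2 + 2*x_1) - 9 * x_1^4` does not parse as the intended polynomial even if `variable_type` overloads the operator; the third gate also names `r_1` where the declared variable is `r`. The witness side is unfinished as well: `bp.val(W6, i) = ?;` leaves the inverse required by the `y_1 * r - 1` gate unassigned, so the y_1 ≠ 0 check can be neither satisfied nor tested. The formulas hard-code the tangent slope for a curve with coefficient a = 0 and read `P1.X`/`P1.Y` directly, which presumably requires affine coordinates; a comment or a compile-time check on `CurveType` would make that assumption explicit. The constructor initialises `component<FieldType>` although the template parameter is `TBlueprintField`, and the one-argument `generate_r1cs_witness` passes the temporary `P1.doubled()` to a non-const reference parameter. The fence sketches the rewritten lines, with powers spelled out as products.

```cpp
element_g1_doubling_plonk(blueprint_type &bp) :
    component<TBlueprintField>(bp) {
    // … unchanged: row allocation …

// … unchanged: declarations of x_1, y_1, x_2, y_2, r …

    // x_2 = lambda^2 - 2*x_1 with lambda = 3*x_1^2 / (2*y_1); valid only for curve coefficient a = 0
    bp.add_gate(i, 4 * y_1 * y_1 * (x_2 + 2 * x_1) - 9 * x_1 * x_1 * x_1 * x_1);
    // y_2 = lambda * (x_1 - x_2) - y_1
    bp.add_gate(i, 2 * y_1 * (y_2 + y_1) - 3 * x_1 * x_1 * (x_1 - x_2));
    // r is the inverse of y_1, which forces y_1 != 0
    bp.add_gate(i, y_1 * r - 1);

// … unchanged: assignments of W0..W3 …
    // assumes P1 is given in affine form — confirm against CurveType::value_type
    bp.val(W6, i) = P1.Y.inversed();
```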
@@ -0,0 +1,78 @@
//---------------------------------------------------------------------------//
// Copyright (c) 2021 Mikhail Komarov <nemo@nil.foundation>
// Copyright (c) 2021 Nikita Kaskov <nbering@nil.foundation>
//
// MIT License
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
// SOFTWARE.
//---------------------------------------------------------------------------//
// @file Declaration of interfaces for auxiliary components for the SHA256 component.
//---------------------------------------------------------------------------//

#ifndef CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_TRIPLING_COMPONENT_HPP
#define CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_TRIPLING_COMPONENT_HPP

#include <nil/crypto3/zk/components/blueprint.hpp>
#include <nil/crypto3/zk/components/algebra/curves/plonk/doubling.hpp>
#include <nil/crypto3/zk/components/algebra/curves/plonk/addition.hpp>

namespace nil {
namespace crypto3 {
namespace zk {
namespace components {

template<typename TBlueprintField, typename CurveType,
std::size_t W0 = 0, std::size_t W1 = 1, std::size_t W2 = 2, std::size_t W3 = 3,
std::size_t W4 = 4, std::size_t W5 = 5, std::size_t W6 = 6, std::size_t W7 = 7>
class element_g1_tripling_plonk : public component<TBlueprintField> {
typedef snark::plonk_constraint_system<TBlueprintField> arithmetization_type;

typedef blueprint<arithmetization_type, TBlueprintField> blueprint_type;

element_g1_doubling_plonk<TBlueprintField, CurveType, W0, W1, W2, W3, W6> doubling_component;
element_g1_addition_plonk<TBlueprintField, CurveType, W0, W1, W2, W3, W4, W5, W7> addition_component;
public:

element_g1_tripling_plonk(blueprint_type &bp) :
component<FieldType>(bp), doubling_component(bp),
addition_component(bp) {
}

void generate_gates() {
doubling_component.generate_gates();
addition_component.generate_gates();
}

void generate_assignments(typename CurveType::value_type &P1) {
generate_assignments(P1, P1.doubled() + P1);
}

void generate_assignments(typename CurveType::value_type &P1,
typename CurveType::value_type &P2) {
doubling_component.generate_assignments(P1, P1.doubled());
addition_component.generate_assignments(P1.doubled(), P1, P2);
}
};

} // namespace components
} // namespace zk
} // namespace crypto3
} // namespace nil

#endif // CRYPTO3_ZK_BLUEPRINT_PLONK_CURVE_ELEMENT_TRIPLING_COMPONENT_HPP
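Review bot: Nothing visible in this file binds the two sub-components' cells together: `doubling_component` allocates its own row in its constructor and places 2·P1 in (W2, W3), while `addition_component` is assigned `P1.doubled()` and `P1` as fresh witness values, so unless addition.hpp or the blueprint adds copy constraints (not shown here) a prover could feed the addition gate operands unrelated to the doubling output, leaving the tripling result under-constrained. Until that wiring exists it is worth marking the gap in `generate_gates`, e.g. `// TODO: copy-constrain doubling output (W2, W3) and P1 (W0, W1) to the addition operands`. The calls `doubling_component.generate_gates()` and `generate_assignments(...)` also do not match the doubling class added in this commit, which names them `generate_r1cs_constraints` and `generate_r1cs_witness`, and the base initialiser should read `component<TBlueprintField>(bp)` since `FieldType` is not declared. Both `generate_assignments` overloads pass temporaries such as `P1.doubled()` to `typename CurveType::value_type &` parameters; taking `const typename CurveType::value_type &` would let them bind. The `@file` header still describes the SHA256 component.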
