feat!: Update to acvm 0.14.0 (#1594)

* acvm 0.14.0 dep and respective backend change * updates inside noir for acvm 0.14.0 * cargo fmt * add verify_proof to stdlib
noir-lang · Jun 7, 2023 · f2d6b7b · f2d6b7b
1 parent 37c0be6
commit f2d6b7b
Show file tree

Hide file tree

Showing 10 changed files with 100 additions and 20 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -24,7 +24,7 @@ edition = "2021"
 rust-version = "1.66"
 
 [workspace.dependencies]
-acvm = "=0.13.3"
+acvm = "=0.14.0"
 arena = { path = "crates/arena" }
 fm = { path = "crates/fm" }
 iter-extended = { path = "crates/iter-extended" }

diff --git a/crates/nargo/src/ops/prove.rs b/crates/nargo/src/ops/prove.rs
@@ -8,5 +8,6 @@ pub fn prove_execution<B: ProofSystemCompiler>(
     solved_witness: WitnessMap,
     proving_key: &[u8],
 ) -> Result<Vec<u8>, B::Error> {
-    backend.prove_with_pk(common_reference_string, circuit, solved_witness, proving_key)
+    // TODO(#1569): update from not just accepting `false` once we get nargo to interop with dynamic backend
+    backend.prove_with_pk(common_reference_string, circuit, solved_witness, proving_key, false)
 }
diff --git a/crates/nargo/src/ops/verify.rs b/crates/nargo/src/ops/verify.rs
@@ -9,5 +9,13 @@ pub fn verify_proof<B: ProofSystemCompiler>(
     public_inputs: WitnessMap,
     verification_key: &[u8],
 ) -> Result<bool, B::Error> {
-    backend.verify_with_vk(common_reference_string, proof, public_inputs, circuit, verification_key)
+    // TODO(#1569): update from not just accepting `false` once we get nargo to interop with dynamic backend
+    backend.verify_with_vk(
+        common_reference_string,
+        proof,
+        public_inputs,
+        circuit,
+        verification_key,
+        false,
+    )
 }
diff --git a/crates/nargo_cli/Cargo.toml b/crates/nargo_cli/Cargo.toml
@@ -42,7 +42,7 @@ color-eyre = "0.6.2"
 tokio = "1.0"
 
 # Backends
-acvm-backend-barretenberg = { version = "0.3.0", default-features = false }
+acvm-backend-barretenberg = { version = "0.4.0", default-features = false }
 
 [dev-dependencies]
 tempdir = "0.3.7"

diff --git a/crates/noirc_evaluator/src/ssa/acir_gen/operations/intrinsics.rs b/crates/noirc_evaluator/src/ssa/acir_gen/operations/intrinsics.rs
@@ -95,6 +95,11 @@ pub(crate) fn evaluate(
                 | BlackBoxFunc::HashToField128Security => {
                     prepare_outputs(&mut acir_gen.memory, instruction_id, 1, ctx, evaluator)
                 }
+                // There are some low level functions that have variable outputs and
+                // should not have a set output count in Noir
+                BlackBoxFunc::RecursiveAggregation => {
+                    prepare_outputs_no_count(&mut acir_gen.memory, instruction_id, ctx, evaluator)
+                }
                 _ => panic!("Unsupported low level function {:?}", op),
             };
             let func_call = match op {
@@ -151,6 +156,31 @@ pub(crate) fn evaluate(
                     inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
                     output: outputs[0],
                 },
+                BlackBoxFunc::RecursiveAggregation => {
+                    let has_previous_aggregation = evaluator.opcodes.iter().any(|op| {
+                        matches!(
+                            op,
+                            AcirOpcode::BlackBoxFuncCall(
+                                BlackBoxFuncCall::RecursiveAggregation { .. }
+                            )
+                        )
+                    });
+
+                    let input_aggregation_object = if !has_previous_aggregation {
+                        None
+                    } else {
+                        Some(resolve_array(&args[4], acir_gen, ctx, evaluator))
+                    };
+
+                    BlackBoxFuncCall::RecursiveAggregation {
+                        verification_key: resolve_array(&args[0], acir_gen, ctx, evaluator),
+                        proof: resolve_array(&args[1], acir_gen, ctx, evaluator),
+                        public_inputs: resolve_array(&args[2], acir_gen, ctx, evaluator),
+                        key_hash: resolve_variable(&args[3], acir_gen, ctx, evaluator).unwrap(),
+                        input_aggregation_object,
+                        output_aggregation_object: outputs.to_vec(),
+                    }
+                }
                 _ => panic!("Unsupported low level function {:?}", op),
             };
             evaluator.opcodes.push(AcirOpcode::BlackBoxFuncCall(func_call));
@@ -280,6 +310,25 @@ fn prepare_outputs(
     outputs
 }
 
+fn prepare_outputs_no_count(
+    memory_map: &mut AcirMem,
+    pointer: NodeId,
+    ctx: &SsaContext,
+    evaluator: &mut Evaluator,
+) -> Vec<Witness> {
+    // Create fresh variables that will link to the output
+    let l_obj = ctx.try_get_node(pointer).unwrap();
+    if let node::ObjectType::ArrayPointer(a) = l_obj.get_type() {
+        let mem_array = &ctx.mem[a];
+        let output_nb = mem_array.len;
+        let outputs = vecmap(0..output_nb, |_| evaluator.add_witness_to_cs());
+        memory_map.map_array(a, &outputs, ctx);
+        outputs
+    } else {
+        vec![evaluator.add_witness_to_cs()]
+    }
+}
+
 fn evaluate_println(
     var_cache: &mut InternalVarCache,
     memory_map: &mut AcirMem,

diff --git a/crates/noirc_evaluator/src/ssa/builtin.rs b/crates/noirc_evaluator/src/ssa/builtin.rs
@@ -76,7 +76,8 @@ impl Opcode {
                     | BlackBoxFunc::Keccak256
                     | BlackBoxFunc::Blake2s
                     | BlackBoxFunc::Pedersen
-                    | BlackBoxFunc::FixedBaseScalarMul => BigUint::zero(),
+                    | BlackBoxFunc::FixedBaseScalarMul
+                    | BlackBoxFunc::RecursiveAggregation => BigUint::zero(),
                     // Verify returns zero or one
                     BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 => BigUint::one(),
                     BlackBoxFunc::HashToField128Security => ObjectType::native_field().max_size(),
@@ -107,6 +108,10 @@ impl Opcode {
                     }
                     BlackBoxFunc::Pedersen => (2, ObjectType::native_field()),
                     BlackBoxFunc::FixedBaseScalarMul => (2, ObjectType::native_field()),
+                    BlackBoxFunc::RecursiveAggregation => {
+                        let a = super::mem::Memory::deref(ctx, args[4]).unwrap();
+                        (ctx.mem[a].len, ctx.mem[a].element_type)
+                    }
                     BlackBoxFunc::RANGE | BlackBoxFunc::AND | BlackBoxFunc::XOR => {
                         unreachable!("ICE: these opcodes do not have Noir builtin functions")
                     }

diff --git a/crates/noirc_evaluator/src/ssa_refactor/acir_gen/acir_ir/generated_acir.rs b/crates/noirc_evaluator/src/ssa_refactor/acir_gen/acir_ir/generated_acir.rs
@@ -207,6 +207,10 @@ impl GeneratedAcir {
                 let var_message_size = inputs.pop().expect("ICE: Missing message_size arg");
                 BlackBoxFuncCall::Keccak256VariableLength { inputs, var_message_size, outputs }
             }
+            // TODO(#1570): Generate ACIR for recursive aggregation
+            BlackBoxFunc::RecursiveAggregation => {
+                panic!("ICE: Cannot generate ACIR for recursive aggregation")
+            }
         };
 
         self.opcodes.push(AcirOpcode::BlackBoxFuncCall(black_box_func_call));
@@ -635,6 +639,12 @@ fn black_box_func_expected_input_size(name: BlackBoxFunc) -> Option<usize> {
         // Inputs for fixed based scalar multiplication
         // is just a scalar
         BlackBoxFunc::FixedBaseScalarMul => Some(1),
+        // TODO(#1570): Generate ACIR for recursive aggregation
+        // RecursiveAggregation has variable inputs and we could return `None` here,
+        // but as it is not fully implemented we panic for now
+        BlackBoxFunc::RecursiveAggregation => {
+            panic!("ICE: Cannot generate ACIR for recursive aggregation")
+        }
     }
 }
 
@@ -659,6 +669,10 @@ fn black_box_expected_output_size(name: BlackBoxFunc) -> u32 {
         // Output of fixed based scalar mul over the embedded curve
         // will be 2 field elements representing the point.
         BlackBoxFunc::FixedBaseScalarMul => 2,
+        // TODO(#1570): Generate ACIR for recursive aggregation
+        BlackBoxFunc::RecursiveAggregation => {
+            panic!("ICE: Cannot generate ACIR for recursive aggregation")
+        }
     }
 }
 

diff --git a/flake.lock b/flake.lock
diff --git a/noir_stdlib/src/lib.nr b/noir_stdlib/src/lib.nr
@@ -15,3 +15,6 @@ mod compat;
 
 #[builtin(println)]
 fn println<T>(_input : T) {}
+
+#[foreign(recursive_aggregation)]
+fn verify_proof(_verification_key : [Field], _proof : [Field], _public_inputs : [Field], _key_hash : Field, _input_aggregation_object : [Field]) -> [Field] {}