feat: (halo2) SNARK verifier #805

Merged
merged 34 commits into from
Dec 31, 2024
Merged
3e17112
make msm implementation with blackbox
MonkeyKing-1 Oct 14, 2024
1b40540
feat: use msm_serial variant
MonkeyKing-1 Oct 26, 2024
d144b8b
merge main
MonkeyKing-1 Oct 26, 2024
d8b8dc7
feat: set up foundations
MonkeyKing-1 Oct 26, 2024
c4e9c74
wip
MonkeyKing-1 Oct 30, 2024
1ae540e
implement accumulation decider
MonkeyKing-1 Nov 7, 2024
c9c1060
finish merge
MonkeyKing-1 Nov 16, 2024
0072957
wip
MonkeyKing-1 Nov 22, 2024
56de8d2
Merge branch 'main' of github.com:axiom-crypto/afs-prototype into fea…
MonkeyKing-1 Nov 22, 2024
b6deb4a
Merge branch 'main' of github.com:axiom-crypto/afs-prototype into fea…
MonkeyKing-1 Nov 22, 2024
ac21521
wip
MonkeyKing-1 Nov 22, 2024
d04b66f
wip
MonkeyKing-1 Nov 22, 2024
5cbc31c
wip
MonkeyKing-1 Nov 27, 2024
fd0c003
Merge branch 'main' of github.com:axiom-crypto/afs-prototype into fea…
MonkeyKing-1 Nov 27, 2024
f2bcfa6
finish loader
MonkeyKing-1 Nov 27, 2024
1ac5f52
Merge branch 'main' of github.com:axiom-crypto/afs-prototype into fea…
MonkeyKing-1 Nov 27, 2024
1fc9852
finish decider
MonkeyKing-1 Dec 3, 2024
b4e1850
wip
MonkeyKing-1 Dec 4, 2024
2399232
finish transcript(?)
MonkeyKing-1 Dec 4, 2024
607fb1b
add files
MonkeyKing-1 Dec 4, 2024
dc64022
finish merge
MonkeyKing-1 Dec 18, 2024
d3d3d91
verifier code done
MonkeyKing-1 Dec 18, 2024
fda3859
rename and clean
MonkeyKing-1 Dec 18, 2024
8ea553e
fix halo2 verifier guest code (#1137)
lispc Dec 27, 2024
34bc588
add tests for verifier
MonkeyKing-1 Dec 30, 2024
7d385a0
rename and add files
MonkeyKing-1 Dec 31, 2024
140a10f
wip: make integration test
jonathanpwang Dec 31, 2024
372847b
Merge branch 'main' into feat/axvm-verifier
jonathanpwang Dec 31, 2024
7c129f2
chore: protect EcPoint constructor
jonathanpwang Dec 31, 2024
17cd247
feat: add integration test
jonathanpwang Dec 31, 2024
ea114f7
chore: remove unused
jonathanpwang Dec 31, 2024
a9c3333
Merge branch 'main' into feat/axvm-verifier
jonathanpwang Dec 31, 2024
b841983
chore: reorganize Cargo.toml
jonathanpwang Dec 31, 2024
36dcaa1
chore: lints
jonathanpwang Dec 31, 2024
247 changes: 174 additions & 73 deletions Cargo.lock


1 change: 1 addition & 0 deletions Cargo.toml
Expand Up @@ -50,6 +50,7 @@ members = [
"extensions/pairing/transpiler",
"extensions/pairing/guest",
"extensions/rv32-adapters",
"extensions/verifier",
]
exclude = ["crates/sdk/example"]
resolver = "2"
4 changes: 4 additions & 0 deletions extensions/algebra/guest/src/field/mod.rs
Expand Up @@ -48,6 +48,10 @@ pub trait Field:

/// Square `self` in-place
fn square_assign(&mut self);

fn inverse(&self) -> Option<Self> {
Some(Self::ONE.div_unsafe(self))
}
}

/// Field extension trait. BaseField is the base field of the extension field.
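Review bot: The default `inverse` on the added lines `fn inverse(&self) -> Option<Self> { Some(Self::ONE.div_unsafe(self)) }` can never return `None`, so the `Option` in the signature promises a zero check that the body does not perform; a caller that relies on `None` to reject a non-invertible element (a zero denominator reaching a verifier, for instance) instead gets `Some` of whatever `div_unsafe` computes for zero. Either guard before dividing — `if *self == Self::ZERO { return None; }` if the trait has a zero constant and a `PartialEq` bound (the hunk only shows `ONE`), or whichever zero test the trait provides — or state the contract in a doc comment such as `/// Multiplicative inverse. The default delegates to `div_unsafe` and does not detect zero; implementors should override it with a checked version.` so that `Some` on zero is at least documented. The `Field` trait definition begins before this hunk.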
7 changes: 7 additions & 0 deletions extensions/pairing/guest/src/halo2curves_shims/bn254/mod.rs
Expand Up @@ -104,3 +104,10 @@ impl AffineCoords<Fq2> for G2Affine {
self.x == Fq2::ZERO && self.y == Fq2::ZERO
}
}

#[cfg(target_os = "zkvm")]
use {
axvm_platform::constants::{Custom1Funct3, SwBaseFunct7, CUSTOM_1},
axvm_platform::custom_insn_r,
core::mem::MaybeUninit,
};
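Review bot: The `#[cfg(target_os = "zkvm")] use { ... }` block is appended after the last `impl` in the file rather than alongside the file's other imports, which is where a reader looks for them; move it next to the existing `use` lines, which are outside this hunk. Nothing in the visible hunk references `Custom1Funct3`, `SwBaseFunct7`, `CUSTOM_1`, `custom_insn_r` or `MaybeUninit`, so presumably the zkvm-only code that uses them sits elsewhere in the file; if it does not, these become unused-import warnings under the zkvm target only, which a host-target CI build will not catch. `MaybeUninit` combined with a raw custom-instruction helper usually goes with an `unsafe` block; wherever that block is, it deserves a `// SAFETY:` comment stating that the instruction fully initializes the output before it is read.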
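--- /dev/null
+++ b/extensions/pairing/guest/src/tests/ec_msm.rs
@@ -0,0 +1,109 @@
+use std::{ops::Mul, str::FromStr};
+
+use ax_sdk::utils::create_seeded_rng;
+use elliptic_curve::group::cofactor::CofactorCurveAffine;
+use num_bigint_dig::BigUint;
+use rand::Rng;
+use snark_verifier_sdk::snark_verifier::{
+halo2_base::{
+halo2_proofs::halo2curves::{
+msm::multiexp_serial,
+secp256k1::{Fp, Fq, Secp256k1Affine},
+},
+utils::ScalarField,
+},
+util::arithmetic::CurveAffine,
+};
+
+use crate::ec_msm::msm_axvm;
+
+pub fn get_base() -> Secp256k1Affine {
+let base = (
+BigUint::from_str(
+"55066263022277343669578718895168534326250603453777594175500187360389116729240",
+)
+.unwrap(),
+BigUint::from_str(
+"32670510020758816978083085130507043184471273380659243275938904335757337482424",
+)
+.unwrap(),
+);
+Secp256k1Affine::from_xy(
+Fp::from_bytes_le(&base.0.to_bytes_le()),
+Fp::from_bytes_le(&base.1.to_bytes_le()),
+)
+.unwrap()
+}
+
+// pub fn base_line(g: Vec<Secp256k1Affine>, scalars: Vec<Fq>) -> Secp256k1Affine {
+// let mut res = Secp256k1Affine::identity();
+// for (g, s) in g.iter().zip(scalars.iter()) {
+// res = (res + g.mul(*s)).into();
+// }
+// res
+// }
+
+#[test]
+pub fn msm_simple_test() {
+let base = get_base();
+let a = Fq::from(101);
+let b = Fq::from(102);
+let one = Fq::from(1);
+let base2 = base.mul(a).into();
+let g = vec![base, base2];
+let scalars = vec![b, one];
+let res = msm_axvm(g, scalars);
+assert_eq!(res, base.mul(a + b).into());
+}
+
+pub fn msm_rand_test(n: usize, disable_base_line: bool) {
+let base = get_base();
+let mut rng = create_seeded_rng();
+let base_muls = (0..n)
+.map(|_| Fq::from(rng.gen_range(0..100)))
+.collect::<Vec<_>>();
+let g = base_muls
+.iter()
+.map(|a| base.mul(*a).into())
+.collect::<Vec<_>>();
+let scalar_muls = (0..n)
+.map(|_| Fq::from(rng.gen_range(0..100)))
+.collect::<Vec<_>>();
+let time = std::time::Instant::now();
+let res = msm_axvm(g.clone(), scalar_muls.clone());
+println!("MSM Time Taken: {:?}", time.elapsed());
+let expected = if disable_base_line {
+let scalar = base_muls
+.iter()
+.zip(scalar_muls.iter())
+.map(|(a, b)| a.mul(b))
+.fold(Fq::from(0), |acc, x| acc + x);
+base.mul(scalar).into()
+} else {
+// let time = std::time::Instant::now();
+// let expected = base_line(g, scalar_muls);
+// println!("Base Line Time Taken: {:?}", time.elapsed());
+// expected
+let time = std::time::Instant::now();
+let mut acc = Secp256k1Affine::identity().into();
+multiexp_serial(&scalar_muls, &g, &mut acc);
+println!("Base Line Time Taken: {:?}", time.elapsed());
+acc.into()
+};
+assert_eq!(res, expected);
+}
+
+#[test]
+pub fn msm_rand_test_10() {
+msm_rand_test(10, false);
+}
+
+#[test]
+pub fn msm_rand_test_1000() {
+msm_rand_test(1000, false);
+}
+
+#[test]
+pub fn msm_rand_test_10000() {
+msm_rand_test(10000, false);
+}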
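Review bot: Every scalar in `msm_rand_test` comes from `rng.gen_range(0..100)` (both `base_muls` and `scalar_muls`), so the multiscalar multiplication is only ever checked with 7-bit scalars and the full 256-bit scalar path of `msm_axvm` — the windowing and high-limb handling a verifier actually relies on — has no coverage; draw at least some scalars from the whole field, e.g. `Fq::from_bytes_le(&rng.gen::<[u8; 32]>())` using the `ScalarField` already imported (assuming its `from_bytes_le` reduces modulo the field order), keeping the `multiexp_serial` baseline as the oracle for that case. `get_base` hard-codes the secp256k1 generator coordinates although `CofactorCurveAffine` is already in scope; `Secp256k1Affine::generator()` says the same without string parsing and `BigUint`. The commented-out `base_line` function and the commented block inside the `else` branch are dead code and should be deleted, and `disable_base_line` is `false` at all three call sites, so that branch is untested. The `println!` timings together with `msm_rand_test_10000` running `multiexp_serial` over 10000 points make this a benchmark inside the unit-test suite; either gate the large case behind `#[ignore]` or move the timing into a `criterion` bench.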