mirror of https://github.com/zcash/mpc.git
Carry the constraint system through and compute QAP reduction whenever necessary.
This commit is contained in:
Sean Bowe
parent
a736e51e7f
commit
dc87adf7fc
|
|
@ -18,8 +18,8 @@ pub use self::g2::G2;
|
|||
extern "C" {
|
||||
fn libsnarkwrap_init();
|
||||
fn libsnarkwrap_pairing(p: *const G1, q: *const G2) -> Gt;
|
||||
fn libsnarkwrap_getqap(d: *mut libc::uint32_t, omega: *mut Fr) -> *mut libc::c_void;
|
||||
fn libsnarkwrap_dropqap(qap: *mut libc::c_void);
|
||||
fn libsnarkwrap_getcs(d: *mut libc::uint32_t, omega: *mut Fr) -> *mut libc::c_void;
|
||||
fn libsnarkwrap_dropcs(cs: *mut libc::c_void);
|
||||
fn libsnarkwrap_test_compare_tau(
|
||||
i: *const G1,
|
||||
tau: *const Fr,
|
||||
|
|
@ -41,29 +41,28 @@ pub fn initialize() {
|
|||
}
|
||||
}
|
||||
|
||||
pub struct QAP(*mut libc::c_void);
|
||||
pub struct CS(*mut libc::c_void);
|
||||
|
||||
impl Drop for QAP {
|
||||
impl Drop for CS {
|
||||
fn drop(&mut self) {
|
||||
unsafe { libsnarkwrap_dropqap(self.0) }
|
||||
unsafe { libsnarkwrap_dropcs(self.0) }
|
||||
}
|
||||
}
|
||||
|
||||
/// Get the QAP info for the generation routines
|
||||
pub fn getqap() -> (usize, Fr, QAP) {
|
||||
pub fn getqap() -> (usize, Fr, CS) {
|
||||
let mut d = 0;
|
||||
let mut o = Fr::zero();
|
||||
|
||||
let cs = unsafe { libsnarkwrap_getcs(&mut d, &mut o) };
|
||||
|
||||
let qap = unsafe { libsnarkwrap_getqap(&mut d, &mut o) };
|
||||
|
||||
(d as usize, o, QAP(qap))
|
||||
(d as usize, o, CS(cs))
|
||||
}
|
||||
|
||||
/// Check that the lagrange coefficients computed by tau over
|
||||
/// G1 equal the expected vector.
|
||||
pub fn compare_tau(v: &[G1], tau: &Fr, qap: &QAP) -> bool {
|
||||
unsafe { libsnarkwrap_test_compare_tau(&v[0], tau, v.len() as u32, qap.0) }
|
||||
pub fn compare_tau(v: &[G1], tau: &Fr, cs: &CS) -> bool {
|
||||
unsafe { libsnarkwrap_test_compare_tau(&v[0], tau, v.len() as u32, cs.0) }
|
||||
}
|
||||
|
||||
pub trait Pairing<Other: Group> {
|
||||
|
|
|
|||
|
|
@ -172,7 +172,7 @@ extern "C" curve_GT libsnarkwrap_pairing(const curve_G1 *p, const curve_G2 *q) {
|
|||
|
||||
// QAP
|
||||
|
||||
qap_instance<curve_Fr> get_qap()
|
||||
extern "C" void* libsnarkwrap_getcs(uint32_t *d, curve_Fr *omega)
|
||||
{
|
||||
// Generate a dummy circuit
|
||||
auto example = generate_r1cs_example_with_field_input<curve_Fr>(250, 4);
|
||||
|
|
@ -180,41 +180,38 @@ qap_instance<curve_Fr> get_qap()
|
|||
// A/B swap
|
||||
example.constraint_system.swap_AB_if_beneficial();
|
||||
|
||||
// QAP reduction
|
||||
auto qap = r1cs_to_qap_instance_map(example.constraint_system);
|
||||
{
|
||||
// QAP reduction
|
||||
auto qap = r1cs_to_qap_instance_map(example.constraint_system);
|
||||
|
||||
// Degree of the QAP must be a power of 2
|
||||
assert(qap.degree() == 256);
|
||||
// Degree of the QAP must be a power of 2
|
||||
assert(qap.degree() == 256);
|
||||
|
||||
// Assume radix2 evaluation domain
|
||||
*omega = std::static_pointer_cast<basic_radix2_domain<curve_Fr>>(qap.domain)->omega;
|
||||
|
||||
return qap;
|
||||
*d = qap.degree();
|
||||
}
|
||||
|
||||
return new r1cs_constraint_system<curve_Fr>(example.constraint_system);
|
||||
}
|
||||
|
||||
extern "C" void* libsnarkwrap_getqap(uint32_t *d, curve_Fr *omega)
|
||||
extern "C" void libsnarkwrap_dropcs(r1cs_constraint_system<curve_Fr> *cs)
|
||||
{
|
||||
auto qap = new qap_instance<curve_Fr>(get_qap());
|
||||
|
||||
// Assume radix2 evaluation domain
|
||||
*omega = std::static_pointer_cast<basic_radix2_domain<curve_Fr>>(qap->domain)->omega;
|
||||
*d = qap->degree();
|
||||
|
||||
return qap;
|
||||
}
|
||||
|
||||
extern "C" void libsnarkwrap_dropqap(qap_instance<curve_Fr> *qap)
|
||||
{
|
||||
delete qap;
|
||||
delete cs;
|
||||
}
|
||||
|
||||
extern "C" bool libsnarkwrap_test_compare_tau(
|
||||
const curve_G1 *inputs,
|
||||
const curve_Fr *tau,
|
||||
uint32_t d,
|
||||
const qap_instance<curve_Fr> *qap
|
||||
const r1cs_constraint_system<curve_Fr> *cs
|
||||
)
|
||||
{
|
||||
auto coeffs = qap->domain->lagrange_coeffs(*tau);
|
||||
auto qap = r1cs_to_qap_instance_map(*cs);
|
||||
auto coeffs = qap.domain->lagrange_coeffs(*tau);
|
||||
assert(coeffs.size() == d);
|
||||
assert(qap->degree() == d);
|
||||
assert(qap.degree() == d);
|
||||
|
||||
bool res = true;
|
||||
for (size_t i = 0; i < d; i++) {
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ mod test {
|
|||
initialize();
|
||||
|
||||
// Get the QAP degree and omega (for FFT evaluation)
|
||||
let (d, omega, qap) = getqap();
|
||||
let (d, omega, cs) = getqap();
|
||||
|
||||
// Sample a random tau
|
||||
let tau = Fr::random();
|
||||
|
|
@ -62,9 +62,9 @@ mod test {
|
|||
.collect::<Vec<_>>();
|
||||
|
||||
// Compare against libsnark
|
||||
assert!(compare_tau(&lc, &tau, &qap));
|
||||
assert!(compare_tau(&lc, &tau, &cs));
|
||||
|
||||
// Wrong tau
|
||||
assert!(!compare_tau(&lc, &Fr::random(), &qap));
|
||||
assert!(!compare_tau(&lc, &Fr::random(), &cs));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue