From d59bb53c074de6489637c19e05a7aa0e7520b1a9 Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Wed, 21 Aug 2024 00:57:26 -0400 Subject: [PATCH 1/3] cairo1 program hash fix --- src/air/public_input.cairo | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/air/public_input.cairo b/src/air/public_input.cairo index b89b475b9..036867916 100644 --- a/src/air/public_input.cairo +++ b/src/air/public_input.cairo @@ -175,7 +175,7 @@ fn verify_cairo1_public_input(public_input: @PublicInput) -> (felt252, felt252) // 1. Program segment assert(initial_pc == INITIAL_PC, 'Invalid initial_pc'); let program = memory - .extract_range_unchecked(initial_pc.try_into().unwrap(), memory.len() - output_len); + .extract_range_unchecked(0, memory.len() - output_len); let program_hash = poseidon_hash_span(program); // 2. Output segment From 3ce554845d89233bcde25c717da6dc30a049f1c6 Mon Sep 17 00:00:00 2001 From: Bartosz Nowak Date: Wed, 21 Aug 2024 21:50:22 -0400 Subject: [PATCH 2/3] fmt --- src/air/public_input.cairo | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/air/public_input.cairo b/src/air/public_input.cairo index 036867916..0c9ef0fe4 100644 --- a/src/air/public_input.cairo +++ b/src/air/public_input.cairo @@ -174,8 +174,7 @@ fn verify_cairo1_public_input(public_input: @PublicInput) -> (felt252, felt252) // 1. Program segment assert(initial_pc == INITIAL_PC, 'Invalid initial_pc'); - let program = memory - .extract_range_unchecked(0, memory.len() - output_len); + let program = memory.extract_range_unchecked(0, memory.len() - output_len); let program_hash = poseidon_hash_span(program); // 2. Output segment From af5cf7913ec5f2d0809e11eed55840c2b78fd18e Mon Sep 17 00:00:00 2001 
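Review bot: The program slice is now taken from array index 0 of `memory` instead of from `initial_pc`, so the `assert(initial_pc == INITIAL_PC, 'Invalid initial_pc')` on the line above no longer ties the hashed words to the address the program segment occupies; judging by its name, and by the checked `extract_range` later in this series that asserts `current.address == (addr + i)` per entry, `extract_range_unchecked` performs no address check at all. If the public memory page is not guaranteed to begin with the program segment, the hash is computed over the wrong words and a mismatched program would still pass. At minimum state the invariant the code now relies on above the `let program` line, e.g. `// public memory page starts with the program segment, so index 0 == address INITIAL_PC`, or use the checked variant with `INITIAL_PC` as the start address. `verify_cairo1_public_input` starts and ends outside the hunk.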
From: Filip Krawczyk <71193923+fmkra@users.noreply.github.com> Date: Thu, 29 Aug 2024 10:02:08 +0200 Subject: [PATCH 3/3] Optimizations (#136) * Use divrem in rotr functions * Sigma calculation optimization * Use felts where possible * Inline rotr functions * Fmt * Fix comment break * Revert to scarb 2.6.3 * Fmt * Fmt * public input hash test * cairo0_example_proof_blake2s * Fix public input test * Fmt * ducking formatting * I gonna loose my mind --------- Co-authored-by: Bartosz Nowak --- src/air/layouts/dex/public_input.cairo | 2 +- src/air/layouts/recursive/public_input.cairo | 2 +- .../public_input.cairo | 2 +- src/air/layouts/small/public_input.cairo | 2 +- src/air/layouts/starknet/public_input.cairo | 2 +- .../starknet_with_keccak/public_input.cairo | 2 +- src/air/public_input.cairo | 7 +- src/air/public_memory.cairo | 2 +- src/common/blake2s.cairo | 252 ++++++++++++++---- src/common/blake2s_u8.cairo | 248 +++++++++++++---- src/common/tests/test_blake2s.cairo | 2 +- .../tests/test_proof_of_work.cairo | 2 +- src/stark/tests/test_stark_commit.cairo | 6 +- src/stark/tests/test_stark_proof_verify.cairo | 4 +- src/stark/tests/test_stark_verify.cairo | 2 +- .../test_table_commitment_decommit.cairo | 2 +- 16 files changed, 407 insertions(+), 132 deletions(-) diff --git a/src/air/layouts/dex/public_input.cairo b/src/air/layouts/dex/public_input.cairo index 616ab8437..772fe53e9 100644 --- a/src/air/layouts/dex/public_input.cairo +++ b/src/air/layouts/dex/public_input.cairo @@ -97,7 +97,7 @@ impl DexPublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/layouts/recursive/public_input.cairo b/src/air/layouts/recursive/public_input.cairo index ab73b9456..5a997cf31 100644 --- a/src/air/layouts/recursive/public_input.cairo +++ b/src/air/layouts/recursive/public_input.cairo 
@@ -97,7 +97,7 @@ impl RecursivePublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/layouts/recursive_with_poseidon/public_input.cairo b/src/air/layouts/recursive_with_poseidon/public_input.cairo index 7f53bfa84..b33b8879a 100644 --- a/src/air/layouts/recursive_with_poseidon/public_input.cairo +++ b/src/air/layouts/recursive_with_poseidon/public_input.cairo @@ -98,7 +98,7 @@ impl RecursiveWithPoseidonPublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/layouts/small/public_input.cairo b/src/air/layouts/small/public_input.cairo index 06dba89e7..677536c87 100644 --- a/src/air/layouts/small/public_input.cairo +++ b/src/air/layouts/small/public_input.cairo @@ -97,7 +97,7 @@ impl SmallPublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/layouts/starknet/public_input.cairo b/src/air/layouts/starknet/public_input.cairo index edfb424ec..a82997643 100644 --- a/src/air/layouts/starknet/public_input.cairo +++ b/src/air/layouts/starknet/public_input.cairo @@ -98,7 +98,7 @@ impl StarknetPublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/layouts/starknet_with_keccak/public_input.cairo b/src/air/layouts/starknet_with_keccak/public_input.cairo index 9b477ddeb..0a730575e 100644 --- a/src/air/layouts/starknet_with_keccak/public_input.cairo +++ b/src/air/layouts/starknet_with_keccak/public_input.cairo 
@@ -98,7 +98,7 @@ impl StarknetWithKeccakPublicInputImpl of PublicInputTrait { ref memory_index ); - // 3. Output segment + // 3. Output segment let output_len = output_stop - output_start; let output = memory .extract_range( diff --git a/src/air/public_input.cairo b/src/air/public_input.cairo index 0c9ef0fe4..10c7f9beb 100644 --- a/src/air/public_input.cairo +++ b/src/air/public_input.cairo @@ -177,17 +177,17 @@ fn verify_cairo1_public_input(public_input: @PublicInput) -> (felt252, felt252) let program = memory.extract_range_unchecked(0, memory.len() - output_len); let program_hash = poseidon_hash_span(program); - // 2. Output segment + // 2. Output segment let output = memory.extract_range_unchecked(memory.len() - output_len, output_len); let output_hash = poseidon_hash_span(output); (program_hash, output_hash) } +// === RECURSIVE BEGIN === #[cfg(test)] mod tests { use super::get_public_input_hash; use cairo_verifier::tests::stone_proof_fibonacci_keccak::public_input::get; - // test data from cairo0-verifier run on stone-prover generated proof #[test] #[available_gas(9999999999)] fn test_get_public_input_hash() { @@ -199,3 +199,6 @@ mod tests { ) } } +// === RECURSIVE END === + + diff --git a/src/air/public_memory.cairo b/src/air/public_memory.cairo index af58c1e28..55f3a2427 100644 --- a/src/air/public_memory.cairo +++ b/src/air/public_memory.cairo @@ -56,7 +56,7 @@ impl PageImpl of PageTrait { let current = *self.at(offset); - // TODO is this needed? If not we can just use slice directly + // TODO is this needed? If not we can just use slice directly assert(current.address == (addr + i).into(), 'Invalid address'); arr.append(current.value); i += 1; diff --git a/src/common/blake2s.cairo b/src/common/blake2s.cairo index d4174f236..063e40f09 100644 --- a/src/common/blake2s.cairo +++ b/src/common/blake2s.cairo 
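Review bot: The removed line `// test data from cairo0-verifier run on stone-prover generated proof` was the only record of where the expected value asserted in `test_get_public_input_hash` comes from, and nothing replaces it, so the hard-coded hash in the test is left unexplained. Restore it, or state the fixture's origin next to the `use cairo_verifier::tests::stone_proof_fibonacci_keccak::public_input::get;` import. The `// === RECURSIVE BEGIN ===` / `// === RECURSIVE END ===` lines look like markers consumed by a tooling step, as the `// === BLAKE2S END ===` markers in the test files later in this patch presumably are, and deserve a one-line comment saying which step keeps or strips the enclosed block. The two blank lines appended after `// === RECURSIVE END ===` also leave the file with trailing empty lines.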
@@ -18,52 +18,28 @@ fn truncated_blake2s(data: Array) -> felt252 { // internals: -fn load32(p0: u8, p1: u8, p2: u8, p3: u8) -> u32 { - let mut x: u32 = p3.into(); - x = x * 256 + p2.into(); - x = x * 256 + p1.into(); - x = x * 256 + p0.into(); - x -} - -fn get_sigma(r: u32) -> Array { - if r == 0 { - array![0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15] - } else if r == 1 { - array![14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3] - } else if r == 2 { - array![11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4] - } else if r == 3 { - array![7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8] - } else if r == 4 { - array![9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13] - } else if r == 5 { - array![2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9] - } else if r == 6 { - array![12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11] - } else if r == 7 { - array![13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10] - } else if r == 8 { - array![6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5] - } else { // r == 9 - array![10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0] - } -} - +#[inline(always)] fn rotr16(n: u32) -> u32 { - n / 65536 + (n % 65536) * 65536 + let (high, low) = DivRem::div_rem(n, 65536); + TryInto::::try_into(high.into() + low.into() * 65536).unwrap() } +#[inline(always)] fn rotr12(n: u32) -> u32 { - n / 4096 + (n % 4096) * 1048576 + let (high, low) = DivRem::div_rem(n, 4096); + TryInto::::try_into(high.into() + low.into() * 1048576).unwrap() } +#[inline(always)] fn rotr8(n: u32) -> u32 { - n / 256 + (n % 256) * 16777216 + let (high, low) = DivRem::div_rem(n, 256); + TryInto::::try_into(high.into() + low.into() * 16777216).unwrap() } +#[inline(always)] fn rotr7(n: u32) -> u32 { - n / 128 + (n % 128) * 33554432 + let (high, low) = DivRem::div_rem(n, 128); + TryInto::::try_into(high.into() + low.into() * 33554432).unwrap() } #[derive(Drop, Clone)] 
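Review bot: Each new `rotr*` body ends in `.unwrap()` on a `TryInto` back to `u32`, and nothing says why that conversion cannot fail; the bound is short enough to state, e.g. for `rotr16`: `// high < 2^16 and low * 2^16 < 2^32, so the felt252 sum always fits in u32`, with the analogous 2^20, 2^24 and 2^25 bounds for `rotr12`, `rotr8` and `rotr7`. The target type of `TryInto::try_into` is not visible on this page — it appears the turbofish was lost in rendering — so confirm the source reads `TryInto::<u32>::try_into`. The same comment belongs on the `rotr*` functions and on the felt252-based `load32` in the blake2s_u8.cairo hunk, where `x.try_into().unwrap()` is likewise safe because four bytes combine to a value below 2^32.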
@@ -113,98 +89,256 @@ fn blake2s_compress(mut s: blake2s_state, m: Array) -> blake2s_state { let mut v15: u32 = 0x5BE0CD19; // f1 is always 0 let m_span = m.span(); + let mut sigma = array![ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 14, + 10, + 4, + 8, + 9, + 15, + 13, + 6, + 1, + 12, + 0, + 2, + 11, + 7, + 5, + 3, + 11, + 8, + 12, + 0, + 5, + 2, + 15, + 13, + 10, + 14, + 3, + 6, + 7, + 1, + 9, + 4, + 7, + 9, + 3, + 1, + 13, + 12, + 11, + 14, + 2, + 6, + 5, + 10, + 4, + 0, + 15, + 8, + 9, + 0, + 5, + 7, + 2, + 4, + 10, + 15, + 14, + 1, + 11, + 12, + 6, + 8, + 3, + 13, + 2, + 12, + 6, + 10, + 0, + 11, + 8, + 3, + 4, + 13, + 7, + 5, + 15, + 14, + 1, + 9, + 12, + 5, + 1, + 15, + 14, + 13, + 4, + 10, + 0, + 7, + 6, + 3, + 9, + 2, + 8, + 11, + 13, + 11, + 7, + 14, + 12, + 1, + 3, + 9, + 5, + 0, + 15, + 4, + 8, + 6, + 2, + 10, + 6, + 15, + 14, + 9, + 11, + 3, + 0, + 8, + 12, + 2, + 13, + 7, + 1, + 4, + 10, + 5, + 10, + 2, + 8, + 4, + 7, + 6, + 1, + 5, + 15, + 11, + 9, + 14, + 3, + 12, + 13, + 0, + ] + .span(); - let mut r = 0; loop { - if r == 10 { + if sigma.is_empty() { break; } - let sigma = get_sigma(r); - // ROUND function begin // 0 - 0,4,8,12 - v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma[0])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr16(v12 ^ v0); v8 = u32_wrapping_add(v8, v12); v4 = rotr12(v4 ^ v8); - v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma[1])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr8(v12 ^ v0); v8 = u32_wrapping_add(v8, v12); v4 = rotr7(v4 ^ v8); // 1 - 1,5,9,13 - v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma[2])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr16(v13 ^ v1); v9 = u32_wrapping_add(v9, v13); v5 = rotr12(v5 ^ v9); - v1 = u32_wrapping_add(u32_wrapping_add(v1, 
v5), *m_span.at(*sigma[3])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr8(v13 ^ v1); v9 = u32_wrapping_add(v9, v13); v5 = rotr7(v5 ^ v9); // 2 - 2,6,10,14 - v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma[4])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr16(v14 ^ v2); v10 = u32_wrapping_add(v10, v14); v6 = rotr12(v6 ^ v10); - v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma[5])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr8(v14 ^ v2); v10 = u32_wrapping_add(v10, v14); v6 = rotr7(v6 ^ v10); // 3 - 3,7,11,15 - v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma[6])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr16(v15 ^ v3); v11 = u32_wrapping_add(v11, v15); v7 = rotr12(v7 ^ v11); - v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma[7])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr8(v15 ^ v3); v11 = u32_wrapping_add(v11, v15); v7 = rotr7(v7 ^ v11); // 4 - 0,5,10,15 - v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma[8])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr16(v15 ^ v0); v10 = u32_wrapping_add(v10, v15); v5 = rotr12(v5 ^ v10); - v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma[9])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr8(v15 ^ v0); v10 = u32_wrapping_add(v10, v15); v5 = rotr7(v5 ^ v10); // 5 - 1,6,11,12 - v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma[10])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr16(v12 ^ v1); v11 = u32_wrapping_add(v11, v12); v6 = rotr12(v6 ^ v11); - v1 = 
u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma[11])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr8(v12 ^ v1); v11 = u32_wrapping_add(v11, v12); v6 = rotr7(v6 ^ v11); // 6 - 2,7,8,13 - v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma[12])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr16(v13 ^ v2); v8 = u32_wrapping_add(v8, v13); v7 = rotr12(v7 ^ v8); - v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma[13])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr8(v13 ^ v2); v8 = u32_wrapping_add(v8, v13); v7 = rotr7(v7 ^ v8); // 7 - 3,4,9,14 - v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma[14])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr16(v14 ^ v3); v9 = u32_wrapping_add(v9, v14); v4 = rotr12(v4 ^ v9); - v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma[15])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr8(v14 ^ v3); v9 = u32_wrapping_add(v9, v14); v4 = rotr7(v4 ^ v9); - - r += 1; }; let mut new_h = ArrayTrait::new(); @@ -324,7 +458,7 @@ fn blake2s_update(mut s: blake2s_state, in: Array) -> blake2s_state { fn blake2s_final(mut s: blake2s_state) -> u256 { assert(s.f0 == 0, 'blake2s_is_lastblock'); - // blake2s_increment_counter + // blake2s_increment_counter s.t0 = u32_wrapping_add(s.t0, s.buflen * 4); if s.t0 < s.buflen { s.t1 = u32_wrapping_add(s.t1, 1); diff --git a/src/common/blake2s_u8.cairo b/src/common/blake2s_u8.cairo index 71be4cf98..57fb8c31d 100644 --- a/src/common/blake2s_u8.cairo +++ b/src/common/blake2s_u8.cairo 
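Review bot: The inlined `sigma` span now drives the loop — the round count is implied by the table length and `sigma.is_empty()` replaces `r == 10` — yet the table carries no comment and its one-number-per-line layout hides the 16-entry row structure. I checked that the 160 entries match, in order, the ten rows removed from `get_sigma`, but a reader cannot see that at a glance; add above `let mut sigma = array![`: `// BLAKE2s message schedule SIGMA (RFC 7693 Section 2.7): ten rounds of 16 word indices, flattened row by row and consumed front to back via pop_front()`. A table whose length is not a multiple of 16 would now fail with an `unwrap()` panic mid-round rather than a clear error, which is worth noting in that comment. The same applies to the identical hunk in blake2s_u8.cairo. `blake2s_compress` starts before and ends after this hunk.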
@@ -20,53 +20,34 @@ fn truncated_blake2s(data: Array) -> felt252 { // internals: fn load32(p0: u8, p1: u8, p2: u8, p3: u8) -> u32 { - let mut x: u32 = p3.into(); + let mut x: felt252 = p3.into(); x = x * 256 + p2.into(); x = x * 256 + p1.into(); x = x * 256 + p0.into(); - x -} - -fn get_sigma(r: u32) -> Array { - if r == 0 { - array![0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15] - } else if r == 1 { - array![14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3] - } else if r == 2 { - array![11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4] - } else if r == 3 { - array![7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8] - } else if r == 4 { - array![9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13] - } else if r == 5 { - array![2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9] - } else if r == 6 { - array![12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11] - } else if r == 7 { - array![13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10] - } else if r == 8 { - array![6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5] - } else { // r == 9 - array![10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0] - } + x.try_into().unwrap() } fn rotr16(n: u32) -> u32 { - n / 65536 + (n % 65536) * 65536 + let (high, low) = DivRem::div_rem(n, 65536); + TryInto::::try_into(high.into() + low.into() * 65536).unwrap() } fn rotr12(n: u32) -> u32 { - n / 4096 + (n % 4096) * 1048576 + let (high, low) = DivRem::div_rem(n, 4096); + TryInto::::try_into(high.into() + low.into() * 1048576).unwrap() } fn rotr8(n: u32) -> u32 { - n / 256 + (n % 256) * 16777216 + let (high, low) = DivRem::div_rem(n, 256); + TryInto::::try_into(high.into() + low.into() * 16777216).unwrap() } fn rotr7(n: u32) -> u32 { - n / 128 + (n % 128) * 33554432 + let (high, low) = DivRem::div_rem(n, 128); + TryInto::::try_into(high.into() + low.into() * 33554432).unwrap() } + #[derive(Drop, Clone)] struct blake2s_state { h: Array, // length: 8 
@@ -125,100 +106,257 @@ fn blake2s_compress(mut s: blake2s_state, in: Array) -> blake2s_state { let mut v15: u32 = 0x5BE0CD19; // f1 is always 0 let m_span = m.span(); + let mut sigma = array![ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 14, + 10, + 4, + 8, + 9, + 15, + 13, + 6, + 1, + 12, + 0, + 2, + 11, + 7, + 5, + 3, + 11, + 8, + 12, + 0, + 5, + 2, + 15, + 13, + 10, + 14, + 3, + 6, + 7, + 1, + 9, + 4, + 7, + 9, + 3, + 1, + 13, + 12, + 11, + 14, + 2, + 6, + 5, + 10, + 4, + 0, + 15, + 8, + 9, + 0, + 5, + 7, + 2, + 4, + 10, + 15, + 14, + 1, + 11, + 12, + 6, + 8, + 3, + 13, + 2, + 12, + 6, + 10, + 0, + 11, + 8, + 3, + 4, + 13, + 7, + 5, + 15, + 14, + 1, + 9, + 12, + 5, + 1, + 15, + 14, + 13, + 4, + 10, + 0, + 7, + 6, + 3, + 9, + 2, + 8, + 11, + 13, + 11, + 7, + 14, + 12, + 1, + 3, + 9, + 5, + 0, + 15, + 4, + 8, + 6, + 2, + 10, + 6, + 15, + 14, + 9, + 11, + 3, + 0, + 8, + 12, + 2, + 13, + 7, + 1, + 4, + 10, + 5, + 10, + 2, + 8, + 4, + 7, + 6, + 1, + 5, + 15, + 11, + 9, + 14, + 3, + 12, + 13, + 0, + ] + .span(); - let mut r = 0; loop { - if r == 10 { + if sigma.is_empty() { break; } - let sigma = get_sigma(r); - // ROUND function begin // 0 - 0,4,8,12 - v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma[0])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr16(v12 ^ v0); v8 = u32_wrapping_add(v8, v12); v4 = rotr12(v4 ^ v8); - v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma[1])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v4), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr8(v12 ^ v0); v8 = u32_wrapping_add(v8, v12); v4 = rotr7(v4 ^ v8); // 1 - 1,5,9,13 - v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma[2])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr16(v13 ^ v1); v9 = u32_wrapping_add(v9, v13); v5 = rotr12(v5 ^ v9); - v1 = 
u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma[3])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v5), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr8(v13 ^ v1); v9 = u32_wrapping_add(v9, v13); v5 = rotr7(v5 ^ v9); // 2 - 2,6,10,14 - v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma[4])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr16(v14 ^ v2); v10 = u32_wrapping_add(v10, v14); v6 = rotr12(v6 ^ v10); - v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma[5])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v6), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr8(v14 ^ v2); v10 = u32_wrapping_add(v10, v14); v6 = rotr7(v6 ^ v10); // 3 - 3,7,11,15 - v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma[6])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr16(v15 ^ v3); v11 = u32_wrapping_add(v11, v15); v7 = rotr12(v7 ^ v11); - v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma[7])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v7), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr8(v15 ^ v3); v11 = u32_wrapping_add(v11, v15); v7 = rotr7(v7 ^ v11); // 4 - 0,5,10,15 - v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma[8])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr16(v15 ^ v0); v10 = u32_wrapping_add(v10, v15); v5 = rotr12(v5 ^ v10); - v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma[9])); + v0 = u32_wrapping_add(u32_wrapping_add(v0, v5), *m_span.at(*sigma.pop_front().unwrap())); v15 = rotr8(v15 ^ v0); v10 = u32_wrapping_add(v10, v15); v5 = rotr7(v5 ^ v10); // 5 - 1,6,11,12 - v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma[10])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr16(v12 ^ v1); v11 = u32_wrapping_add(v11, 
v12); v6 = rotr12(v6 ^ v11); - v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma[11])); + v1 = u32_wrapping_add(u32_wrapping_add(v1, v6), *m_span.at(*sigma.pop_front().unwrap())); v12 = rotr8(v12 ^ v1); v11 = u32_wrapping_add(v11, v12); v6 = rotr7(v6 ^ v11); // 6 - 2,7,8,13 - v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma[12])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr16(v13 ^ v2); v8 = u32_wrapping_add(v8, v13); v7 = rotr12(v7 ^ v8); - v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma[13])); + v2 = u32_wrapping_add(u32_wrapping_add(v2, v7), *m_span.at(*sigma.pop_front().unwrap())); v13 = rotr8(v13 ^ v2); v8 = u32_wrapping_add(v8, v13); v7 = rotr7(v7 ^ v8); // 7 - 3,4,9,14 - v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma[14])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr16(v14 ^ v3); v9 = u32_wrapping_add(v9, v14); v4 = rotr12(v4 ^ v9); - v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma[15])); + v3 = u32_wrapping_add(u32_wrapping_add(v3, v4), *m_span.at(*sigma.pop_front().unwrap())); v14 = rotr8(v14 ^ v3); v9 = u32_wrapping_add(v9, v14); v4 = rotr7(v4 ^ v9); - - // ROUND function end - - r += 1; + // ROUND function end }; let mut new_h = ArrayTrait::new(); @@ -338,7 +476,7 @@ fn blake2s_update(mut s: blake2s_state, in: Array) -> blake2s_state { fn blake2s_final(mut s: blake2s_state) -> u256 { assert(s.f0 == 0, 'blake2s_is_lastblock'); - // blake2s_increment_counter + // blake2s_increment_counter s.t0 = u32_wrapping_add(s.t0, s.buflen); if s.t0 < s.buflen { s.t1 = u32_wrapping_add(s.t1, 1); diff --git a/src/common/tests/test_blake2s.cairo b/src/common/tests/test_blake2s.cairo index 84f51f4ab..18f9cbac6 100644 --- a/src/common/tests/test_blake2s.cairo +++ b/src/common/tests/test_blake2s.cairo 
@@ -1,5 +1,5 @@ use cairo_verifier::common::{ - array_append::ArrayAppendTrait, blake2s::{blake2s, truncated_blake2s, load32} + array_append::ArrayAppendTrait, blake2s::{blake2s, truncated_blake2s}, blake2s_u8::load32, }; fn get_arr_v1(n: u32) -> Array { diff --git a/src/proof_of_work/tests/test_proof_of_work.cairo b/src/proof_of_work/tests/test_proof_of_work.cairo index 809f5009a..e2b6dd6de 100644 --- a/src/proof_of_work/tests/test_proof_of_work.cairo +++ b/src/proof_of_work/tests/test_proof_of_work.cairo @@ -9,7 +9,7 @@ use cairo_verifier::proof_of_work::proof_of_work::verify_proof_of_work; // let n_bits: u8 = 20; // verify_proof_of_work(digest, n_bits, nonce); // } -// +// // #[test] // #[should_panic] // #[available_gas(9999999999)] diff --git a/src/stark/tests/test_stark_commit.cairo b/src/stark/tests/test_stark_commit.cairo index 620694c6a..c4949bfd0 100644 --- a/src/stark/tests/test_stark_commit.cairo +++ b/src/stark/tests/test_stark_commit.cairo @@ -10,19 +10,19 @@ use cairo_verifier::{ // let mut channel = ChannelTrait::new_with_counter( // 0xaf91f2c71f4a594b1575d258ce82464475c82d8fb244142d0db450491c1b52, 0x0 // ); -// +// // let public_input = stone_proof_fibonacci::public_input::get(); // let unsent_commitment = stone_proof_fibonacci::stark::unsent_commitment::get(); // let config = stone_proof_fibonacci::stark::config::get(); // let stark_domains = stone_proof_fibonacci::stark::domains::get(); -// +// // assert( // stark_commit( // ref channel, @public_input, @unsent_commitment, @config, @stark_domains // ) == stone_proof_fibonacci::stark::commitment::get(), // 'Invalid value' // ); -// +// // assert( // channel.digest == 0x9c769c7e0797cf043b06b980072a798b141f2bc41b14e85ad93ba178b13de7, // 'Invalid value' diff --git a/src/stark/tests/test_stark_proof_verify.cairo b/src/stark/tests/test_stark_proof_verify.cairo index 03b492b63..6bae399a7 100644 --- a/src/stark/tests/test_stark_proof_verify.cairo +++ b/src/stark/tests/test_stark_proof_verify.cairo 
@@ -8,14 +8,14 @@ use cairo_verifier::{ // #[available_gas(99999999999)] // fn test_stark_proof_fibonacci_verify() { // let security_bits: felt252 = 50; -// +// // let stark_proof = StarkProof { // config: stone_proof_fibonacci::stark::config::get(), // public_input: stone_proof_fibonacci::public_input::get(), // unsent_commitment: stone_proof_fibonacci::stark::unsent_commitment::get(), // witness: stone_proof_fibonacci::stark::witness::get(), // }; -// +// // stark_proof.verify(security_bits); // } // === BLAKE2S END === diff --git a/src/stark/tests/test_stark_verify.cairo b/src/stark/tests/test_stark_verify.cairo index 79ed05e3e..a8136800c 100644 --- a/src/stark/tests/test_stark_verify.cairo +++ b/src/stark/tests/test_stark_verify.cairo @@ -12,7 +12,7 @@ use cairo_verifier::{ // let commitment = stone_proof_fibonacci::stark::commitment::get(); // let witness = stone_proof_fibonacci::stark::witness::get(); // let stark_domains = stone_proof_fibonacci::stark::domains::get(); -// +// // stark_verify( // NUM_COLUMNS_FIRST, NUM_COLUMNS_SECOND, queries, commitment, witness, stark_domains, // ) diff --git a/src/table_commitment/tests/test_table_commitment_decommit.cairo b/src/table_commitment/tests/test_table_commitment_decommit.cairo index 6fecdb096..5b845691c 100644 --- a/src/table_commitment/tests/test_table_commitment_decommit.cairo +++ b/src/table_commitment/tests/test_table_commitment_decommit.cairo @@ -17,7 +17,7 @@ use cairo_verifier::{ // let queries = stone_proof_fibonacci::queries::get().span(); // let decommitment = stone_proof_fibonacci::traces::decommitment::get().original; // let witness = stone_proof_fibonacci::traces::witness::get().original; -// +// // table_decommit(commitment, queries, decommitment, witness); // } // === BLAKE2S END ===