Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Circuit improvements #198

Merged

Conversation

enricobottazzi
Copy link
Member

@enricobottazzi enricobottazzi commented Nov 28, 2023

Subject of this PR:

On the last part there's still two missing things:

  • Enforcing that no overflow can happen inside the circuit, based on the chosen parameters N_BYTES and LEVELS on the smart contract level. (this is better described in the issue) cc: @alxkzmn
  • Update the benchmarks. For now the benchmarks are broken due to the new csv format. I opened an issue for that (Fix csv files folder for Benchmark #197). I think we can still go on and merge this PR and update the benchmarks later @sifnoc

@enricobottazzi enricobottazzi changed the base branch from master to v1-improvements-and-consolidation November 28, 2023 16:57
@enricobottazzi
Copy link
Member Author

  • @alxkzmn to add possibility of recording the generic parameters of the [MstInclusionCircuit](https://github.com/summa-dev/summa-solvency/blob/master/zk_prover/src/circuits/merkle_sum_tree.rs#L29) on the Summa contract.
  • @enricobottazzi to create a script to verify that the combination circuit + generic parameters + trusted setup leads to the same smart contract

@enricobottazzi
Copy link
Member Author

@alxkzmn thanks for sorting this out! I think that the value that you hardcoded for the merkle tree levels is not correct.

These are the parameters that we are using for building the verifier (https://github.com/summa-dev/summa-solvency/blob/circuit-improvement-enrico/zk_prover/examples/gen_inclusion_verifier.rs).

Can you update them, adding N_ASSETS as well and add in the comments a link to the script that we use to generate such verifier contract

@enricobottazzi enricobottazzi marked this pull request as ready for review November 30, 2023 08:55
@@ -20,7 +20,7 @@ pub struct MerkleSumTreeConfig {
/// Chip that performs various constraints related to a Merkle Sum Tree data structure such as:
///
/// * `s * swap_bit * (1 - swap_bit) = 0` (if `bool_and_swap_selector` is toggled). It basically enforces that swap_bit is either a 0 or 1.
/// * `s * (swap_bit * 2 * (elelment_r_cur - elelment_l_cur) - (elelment_l_next - elelment_l_cur) - (elelment_r_cur - elelment_r_next)) = 0`. Enforces that if the swap_bit is equal to 1, the values will be swapped on the next row (if `bool_and_swap_selector` is toggled).
/// * `s * (swap_bit * 2 * (element_r_cur - element_l_cur) - (element_l_next - element_l_cur) - (element_r_cur - element_r_next)) = 0`. Enforces that if the swap_bit is equal to 1, the values will be swapped on the next row (if `bool_and_swap_selector` is toggled).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The description is outdated

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed!

Copy link
Member

@sifnoc sifnoc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! but I left small thing what i found.

@@ -30,4 +30,24 @@ pub trait CircuitBase {
|mut region| region.assign_advice(|| "value", advice_col, 0, || Value::known(value)),
)
}

/// /// Loads the lookup table with values from `0` to `2^8 - 1`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicated ///


/// /// Loads the lookup table with values from `0` to `2^8 - 1`
fn load(&self, layouter: &mut impl Layouter<Fp>, column: Column<Fixed>) -> Result<(), Error> {
let range = 1 << (8);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May not need parentheses for 8

@enricobottazzi
Copy link
Member Author

Thanks @sifnoc, applied changes

@@ -30,4 +30,24 @@ pub trait CircuitBase {
|mut region| region.assign_advice(|| "value", advice_col, 0, || Value::known(value)),
)
}

/// Loads the lookup table with values from `0` to `2^8 - 1`
fn load(&self, layouter: &mut impl Layouter<Fp>, column: Column<Fixed>) -> Result<(), Error> {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Technically this is not a problem, but this method is very specific to the implementation of our MST. It makes CircuitBase not a common trait anymore but a specific API for this case, so either naming and description don't correspond to the function anymore, or the method should be inside the MST circuit implementation.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess the trait is a leftover from the time when we had two circuits

@enricobottazzi enricobottazzi merged commit 0ce4a0d into v1-improvements-and-consolidation Dec 1, 2023
5 checks passed
@enricobottazzi enricobottazzi deleted the circuit-improvement-enrico branch December 1, 2023 09:15
@enricobottazzi enricobottazzi mentioned this pull request Dec 1, 2023
alxkzmn added a commit to alxkzmn/summa-solvency that referenced this pull request Dec 5, 2023
* chore: apply clippy fixes

* fix: audit comment 1 - Lookup table lives outside of `RangeCheckChip`

* fix: audit comment 2 - `swap_constraint`

* feat: optimize number of balances to be range checked

* chore: update `InclusionVerifier` contract

* chore: comment

* Record circuit config parameters in the contract

* Fix contract deployment parameters

* Fix typo

* chore: rename to `assetsCount`

* chore: update backend

* chore: fix comments

* chore: minor changes

---------

Co-authored-by: Alex Kuzmin <[email protected]>
alxkzmn added a commit to alxkzmn/summa-solvency that referenced this pull request Dec 5, 2023
* chore: apply clippy fixes

* fix: audit comment 1 - Lookup table lives outside of `RangeCheckChip`

* fix: audit comment 2 - `swap_constraint`

* feat: optimize number of balances to be range checked

* chore: update `InclusionVerifier` contract

* chore: comment

* Record circuit config parameters in the contract

* Fix contract deployment parameters

* Fix typo

* chore: rename to `assetsCount`

* chore: update backend

* chore: fix comments

* chore: minor changes

---------

Co-authored-by: Alex Kuzmin <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Apply Circuit Audit Fixeing ZK Proof of Inclusion Efficiency improvement
3 participants