diff --git a/barretenberg/cpp/src/CMakeLists.txt b/barretenberg/cpp/src/CMakeLists.txt index e50a20398ae5..94cef6e7947c 100644 --- a/barretenberg/cpp/src/CMakeLists.txt +++ b/barretenberg/cpp/src/CMakeLists.txt @@ -49,6 +49,7 @@ else() endif() add_subdirectory(barretenberg/bb) +add_subdirectory(barretenberg/circuit_checker) add_subdirectory(barretenberg/client_ivc) add_subdirectory(barretenberg/commitment_schemes) add_subdirectory(barretenberg/common) diff --git a/barretenberg/cpp/src/barretenberg/circuit_checker/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/circuit_checker/CMakeLists.txt new file mode 100644 index 000000000000..ae05d215dd79 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/CMakeLists.txt @@ -0,0 +1 @@ +barretenberg_module(circuit_checker proof_system flavor) \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.cpp new file mode 100644 index 000000000000..80998301f506 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.cpp @@ -0,0 +1,190 @@ +#include "circuit_checker.hpp" +#include "barretenberg/flavor/goblin_ultra.hpp" +#include +#include + +namespace bb { + +template <> auto CircuitChecker::init_empty_values>>() +{ + return UltraFlavor::AllValues{}; +} + +template <> auto CircuitChecker::init_empty_values>() +{ + return GoblinUltraFlavor::AllValues{}; +} + +template bool CircuitChecker::check(const Builder& builder_in) +{ + // Create a copy of the input circuit and finalize it + Builder builder{ builder_in }; + builder.finalize_circuit(); + + // Construct a hash table for lookup table entries to efficiently determine if a lookup gate is valid + LookupHashTable lookup_hash_table; + for (const auto& table : builder.lookup_tables) { + const FF table_index(table.table_index); + for (size_t i = 0; i < table.size; ++i) { + lookup_hash_table.insert({ table.column_1[i], table.column_2[i], table.column_3[i], table_index }); + } + } + + // Instantiate structs used for checking tag and memory record correctness + TagCheckData tag_data; + MemoryCheckData memory_data{ builder }; + + // Initialize empty AllValues of the correct Flavor based on Builder type; for input to Relation::accumulate + auto values = init_empty_values(); + Params params; + params.eta = memory_data.eta; // used in Auxiliary relation for RAM/ROM consistency + + // TODO(https://github.com/AztecProtocol/barretenberg/issues/867): Once we sort gates into their respective blocks + // we'll need to either naively run this on all blocks or run only the relevant checks on each block. + auto& block = builder.blocks.main; + + // Perform checks on each gate defined in the builder + bool result = true; + for (size_t idx = 0; idx < block.size(); ++idx) { + populate_values(builder, block, values, tag_data, memory_data, idx); + + result = result && check_relation(values, params); + result = result && check_relation(values, params); + result = result && check_relation(values, params); + result = result && check_relation(values, params); + result = result && check_lookup(values, lookup_hash_table); + if constexpr (IsGoblinBuilder) { + result = result && check_relation(values, params); + result = result && check_relation(values, params); + } + } + + // Tag check is only expected to pass after all gates have been processed + result = result && check_tag_data(tag_data); + + return result; +}; + +template bool CircuitChecker::check_relation(auto& values, auto& params) +{ + // Define zero initialized array to store the evaluation of each sub-relation + using SubrelationEvaluations = typename Relation::SumcheckArrayOfValuesOverSubrelations; + SubrelationEvaluations subrelation_evaluations; + for (auto& eval : subrelation_evaluations) { + eval = 0; + } + + // Evaluate each subrelation in the relation + Relation::accumulate(subrelation_evaluations, values, params, /*scaling_factor=*/1); + + // Ensure each subrelation evaluates to zero + for (auto& eval : subrelation_evaluations) { + if (eval != 0) { + return false; + } + } + return true; +} + +bool CircuitChecker::check_lookup(auto& values, auto& lookup_hash_table) +{ + // If this is a lookup gate, check the inputs are in the hash table containing all table entries + if (!values.q_lookup.is_zero()) { + return lookup_hash_table.contains({ values.w_l + values.q_r * values.w_l_shift, + values.w_r + values.q_m * values.w_r_shift, + values.w_o + values.q_c * values.w_o_shift, + values.q_o }); + } + return true; +}; + +bool CircuitChecker::check_tag_data(const TagCheckData& tag_data) +{ + return tag_data.left_product == tag_data.right_product; +}; + +template +void CircuitChecker::populate_values( + Builder& builder, auto& block, auto& values, TagCheckData& tag_data, MemoryCheckData& memory_data, size_t idx) +{ + // Function to quickly update tag products and encountered variable set by index and value + auto update_tag_check_data = [&](const size_t variable_index, const FF& value) { + size_t real_index = builder.real_variable_index[variable_index]; + // Check to ensure that we are not including a variable twice + if (tag_data.encountered_variables.contains(real_index)) { + return; + } + uint32_t tag_in = builder.real_variable_tags[real_index]; + if (tag_in != DUMMY_TAG) { + uint32_t tag_out = builder.tau.at(tag_in); + tag_data.left_product *= value + tag_data.gamma * FF(tag_in); + tag_data.right_product *= value + tag_data.gamma * FF(tag_out); + tag_data.encountered_variables.insert(real_index); + } + }; + + // A lambda function for computing a memory record term of the form w3 * eta^3 + w2 * eta^2 + w1 * eta + auto compute_memory_record_term = [](const FF& w_1, const FF& w_2, const FF& w_3, const FF& eta) { + return ((w_3 * eta + w_2) * eta + w_1) * eta; + }; + + // Set wire values. Wire 4 is treated specially since it may contain memory records + values.w_l = builder.get_variable(block.w_l()[idx]); + values.w_r = builder.get_variable(block.w_r()[idx]); + values.w_o = builder.get_variable(block.w_o()[idx]); + if (memory_data.read_record_gates.contains(idx)) { + values.w_4 = compute_memory_record_term(values.w_l, values.w_r, values.w_o, memory_data.eta); + } else if (memory_data.write_record_gates.contains(idx)) { + values.w_4 = compute_memory_record_term(values.w_l, values.w_r, values.w_o, memory_data.eta) + FF::one(); + } else { + values.w_4 = builder.get_variable(block.w_4()[idx]); + } + + // Set shifted wire values. Again, wire 4 is treated specially. On final row, set shift values to zero + values.w_l_shift = idx < block.size() - 1 ? builder.get_variable(block.w_l()[idx + 1]) : 0; + values.w_r_shift = idx < block.size() - 1 ? builder.get_variable(block.w_r()[idx + 1]) : 0; + values.w_o_shift = idx < block.size() - 1 ? builder.get_variable(block.w_o()[idx + 1]) : 0; + if (memory_data.read_record_gates.contains(idx + 1)) { + values.w_4_shift = + compute_memory_record_term(values.w_l_shift, values.w_r_shift, values.w_o_shift, memory_data.eta); + } else if (memory_data.write_record_gates.contains(idx + 1)) { + values.w_4_shift = + compute_memory_record_term(values.w_l_shift, values.w_r_shift, values.w_o_shift, memory_data.eta) + + FF::one(); + } else { + values.w_4_shift = idx < block.size() - 1 ? builder.get_variable(block.w_4()[idx + 1]) : 0; + } + + // Update tag check data + update_tag_check_data(block.w_l()[idx], values.w_l); + update_tag_check_data(block.w_r()[idx], values.w_r); + update_tag_check_data(block.w_o()[idx], values.w_o); + update_tag_check_data(block.w_4()[idx], values.w_4); + + // Set selector values + values.q_m = block.q_m()[idx]; + values.q_c = block.q_c()[idx]; + values.q_l = block.q_1()[idx]; + values.q_r = block.q_2()[idx]; + values.q_o = block.q_3()[idx]; + values.q_4 = block.q_4()[idx]; + values.q_arith = block.q_arith()[idx]; + values.q_sort = block.q_sort()[idx]; + values.q_elliptic = block.q_elliptic()[idx]; + values.q_aux = block.q_aux()[idx]; + values.q_lookup = block.q_lookup_type()[idx]; + if constexpr (IsGoblinBuilder) { + values.q_poseidon2_internal = block.q_poseidon2_internal()[idx]; + values.q_poseidon2_external = block.q_poseidon2_external()[idx]; + } +} + +// Template method instantiations for each check method +// template bool CircuitChecker::check(const StandardCircuitBuilder_& builder); +// template bool CircuitChecker::check(const StandardCircuitBuilder_& builder); +template bool CircuitChecker::check>>( + const UltraCircuitBuilder_>& builder_in); +template bool CircuitChecker::check>( + const GoblinUltraCircuitBuilder_& builder_in); + +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.hpp b/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.hpp new file mode 100644 index 000000000000..27e13bdd37a5 --- /dev/null +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/circuit_checker.hpp @@ -0,0 +1,169 @@ +#pragma once +#include "barretenberg/flavor/ultra.hpp" +#include "barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp" +#include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" +#include "barretenberg/relations/auxiliary_relation.hpp" +#include "barretenberg/relations/ecc_op_queue_relation.hpp" +#include "barretenberg/relations/elliptic_relation.hpp" +#include "barretenberg/relations/gen_perm_sort_relation.hpp" +#include "barretenberg/relations/poseidon2_external_relation.hpp" +#include "barretenberg/relations/poseidon2_internal_relation.hpp" +#include "barretenberg/relations/relation_parameters.hpp" +#include "barretenberg/relations/ultra_arithmetic_relation.hpp" + +#include + +namespace bb { + +class CircuitChecker { + public: + using FF = bb::fr; + using Arithmetic = UltraArithmeticRelation; + using Elliptic = EllipticRelation; + using Auxiliary = AuxiliaryRelation; + using GenPermSort = GenPermSortRelation; + using PoseidonExternal = Poseidon2ExternalRelation; + using PoseidonInternal = Poseidon2InternalRelation; + using Params = RelationParameters; + + /** + * @brief Check the correctness of a circuit witness + * @details Ensures that all relations for a given arithmetization are satisfied by the witness for each gate in the + * circuit. + * @note: This method does not check the permutation relation since this fundamentally depends on grand product + * polynomials created by the prover. The lookup relation is also not checked for the same reason, however, we do + * check the correctness of lookup gates by simply ensuring that the inputs to those gates are present in the lookup + * tables attached to the circuit. + * + * @tparam Builder + * @param builder + */ + template static bool check(const Builder& builder); + + /** + * @brief Specialized circuit checker for the Standard builder + * + * @tparam FF Allows for use with scalar field for bn254 or grumpkin + * @param builder + */ + template static bool check(const StandardCircuitBuilder_& builder) + { + const auto& block = builder.blocks.arithmetic; + for (size_t i = 0; i < builder.num_gates; i++) { + FF left = builder.get_variable(block.w_l()[i]); + FF right = builder.get_variable(block.w_r()[i]); + FF output = builder.get_variable(block.w_o()[i]); + FF gate_sum = block.q_m()[i] * left * right + block.q_1()[i] * left + block.q_2()[i] * right + + block.q_3()[i] * output + block.q_c()[i]; + if (!gate_sum.is_zero()) { + info("gate number", i); + return false; + } + } + return true; + } + + private: + struct TagCheckData; + struct MemoryCheckData; + + /** + * @brief Check that a given relation is satisfied for the provided inputs corresponding to a single row + * @note Assumes the relation constraints should evaluate to zero on each row and thus does not apply to linearly + * dependent relations like the log derivative lookup argument. + * + * @tparam Relation + * @param values Values of the relation inputs at a single row + * @param params + */ + template static bool check_relation(auto& values, auto& params); + + /** + * @brief Check whether the values in a lookup gate are contained within a corresponding hash table + * + * @param values Inputs to a lookup gate + * @param lookup_hash_table Preconstructed hash table representing entries of all tables in circuit + */ + static bool check_lookup(auto& values, auto& lookup_hash_table); + + /** + * @brief Check whether the left and right running tag products are equal + * @note By construction, this is in general only true after the last gate has been processed + * + * @param tag_data + */ + static bool check_tag_data(const TagCheckData& tag_data); + + /** + * @brief Helper for initializing an empty AllValues container of the right Flavor based on Builder + * @details We construct a Flavor::AllValues object from each row of circuit data so that we can use the Relations + * to check correctness. UltraFlavor is used for the Ultra builder and GoblinUltraFlavor is used for the GoblinUltra + * builder + * + * @tparam Builder + */ + template static auto init_empty_values(); + + /** + * @brief Populate the values required to check the correctness of a single "row" of the circuit + * @details Populates all wire values (plus shifts) and selectors. Updates running tag product information. + * Populates 4th wire with memory records (as needed). + * + * @tparam Builder + * @param builder + * @param values + * @param tag_data + * @param idx + */ + template + static void populate_values( + Builder& builder, auto& block, auto& values, TagCheckData& tag_data, MemoryCheckData& memory_data, size_t idx); + + /** + * @brief Struct for managing the running tag product data for ensuring tag correctness + */ + struct TagCheckData { + FF left_product = FF::one(); // product of (value + γ ⋅ tag) + FF right_product = FF::one(); // product of (value + γ ⋅ tau[tag]) + const FF gamma = FF::random_element(); // randomness for the tag check + + // We need to include each variable only once + std::unordered_set encountered_variables; + }; + + /** + * @brief Struct for managing memory record data for ensuring RAM/ROM correctness + */ + struct MemoryCheckData { + FF eta = FF::random_element(); // randomness for constructing wire 4 mem records + + std::unordered_set read_record_gates; // row indices for gates containing RAM/ROM read mem record + std::unordered_set write_record_gates; // row indices for gates containing RAM/ROM write mem record + // Construct hash tables for memory read/write indices to efficiently determine if row is a memory record + MemoryCheckData(const auto& builder) + { + for (const auto& gate_idx : builder.memory_read_records) { + read_record_gates.insert(gate_idx); + } + for (const auto& gate_idx : builder.memory_write_records) { + write_record_gates.insert(gate_idx); + } + } + }; + + // Define a hash table for efficiently checking if lookups are present in the set of tables used by the circuit + using Key = std::array; // key value is the four wire inputs for a lookup gates + struct HashFunction { + const FF mult_const = FF(uint256_t(0x1337, 0x1336, 0x1335, 0x1334)); + const FF mc_sqr = mult_const.sqr(); + const FF mc_cube = mult_const * mc_sqr; + + size_t operator()(const Key& entry) const + { + FF result = entry[0] + mult_const * entry[1] + mc_sqr * entry[2] + mc_cube * entry[3]; + return static_cast(result.reduce_once().data[0]); + } + }; + using LookupHashTable = std::unordered_set; +}; +} // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.test.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/goblin_ultra_circuit_builder.test.cpp similarity index 94% rename from barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.test.cpp rename to barretenberg/cpp/src/barretenberg/circuit_checker/goblin_ultra_circuit_builder.test.cpp index 0c8db203f1df..5608b828bcbe 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.test.cpp +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/goblin_ultra_circuit_builder.test.cpp @@ -1,4 +1,5 @@ -#include "goblin_ultra_circuit_builder.hpp" +#include "barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include using namespace bb; @@ -39,13 +40,13 @@ TEST(GoblinUltraCircuitBuilder, CopyConstructor) circuit_constructor.queue_ecc_mul_accum(P2, z); circuit_constructor.queue_ecc_eq(); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); GoblinUltraCircuitBuilder duplicate_circuit_constructor{ circuit_constructor }; EXPECT_EQ(duplicate_circuit_constructor, circuit_constructor); - EXPECT_TRUE(duplicate_circuit_constructor.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(duplicate_circuit_constructor)); } TEST(GoblinUltraCircuitBuilder, BaseCase) @@ -53,7 +54,7 @@ TEST(GoblinUltraCircuitBuilder, BaseCase) GoblinUltraCircuitBuilder circuit_constructor = GoblinUltraCircuitBuilder(); fr a = fr::one(); circuit_constructor.add_public_variable(a); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.test.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/standard_circuit_builder.test.cpp similarity index 96% rename from barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.test.cpp rename to barretenberg/cpp/src/barretenberg/circuit_checker/standard_circuit_builder.test.cpp index aec2887e552b..a2ee0e3b2f60 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.test.cpp +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/standard_circuit_builder.test.cpp @@ -1,4 +1,5 @@ -#include "standard_circuit_builder.hpp" +#include "barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/generators/generator_data.hpp" #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" #include @@ -15,7 +16,7 @@ TEST(standard_circuit_constructor, base_case) fr a = fr::one(); circuit_constructor.add_public_variable(a); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -61,7 +62,7 @@ TEST(standard_circuit_constructor, grumpkin_base_case) grumpkin::fr::neg_one(), grumpkin::fr::zero() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -114,7 +115,7 @@ TEST(standard_circuit_constructor, test_add_gate) circuit_constructor.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); circuit_constructor.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); - bool result = circuit_constructor.check_circuit(); // instance, prover.reference_string.SRS_T2); + bool result = CircuitChecker::check(circuit_constructor); // instance, prover.reference_string.SRS_T2); EXPECT_EQ(result, true); } @@ -187,7 +188,7 @@ TEST(standard_circuit_constructor, test_mul_gate_proofs) circuit_constructor.create_add_gate({ a_idx, b_idx, c_idx, q[0], q[1], q[2], q[3] }); circuit_constructor.create_mul_gate({ a_idx, b_idx, d_idx, q[4], q[5], q[6] }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -225,7 +226,7 @@ TEST(standard_circuit_constructor, range_constraint) circuit_constructor.create_big_add_gate( { zero_idx, zero_idx, zero_idx, one_idx, fr::one(), fr::one(), fr::one(), fr::one(), fr::neg_one() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -239,7 +240,7 @@ TEST(standard_circuit_constructor, range_constraint_fail) circuit_constructor.decompose_into_base4_accumulators(witness_index, 23); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } @@ -307,7 +308,7 @@ TEST(standard_circuit_constructor, and_constraint) circuit_constructor.create_big_add_gate( { zero_idx, zero_idx, zero_idx, one_idx, fr::one(), fr::one(), fr::one(), fr::one(), fr::neg_one() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -374,7 +375,7 @@ TEST(standard_circuit_constructor, xor_constraint) circuit_constructor.create_big_add_gate( { zero_idx, zero_idx, zero_idx, one_idx, fr::one(), fr::one(), fr::one(), fr::one(), fr::neg_one() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -411,7 +412,7 @@ TEST(standard_circuit_constructor, big_add_gate_with_bit_extract) generate_constraints(2); generate_constraints(3); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -421,7 +422,7 @@ TEST(standard_circuit_constructor, test_range_constraint_fail) uint32_t witness_index = circuit_constructor.add_variable(fr::neg_one()); circuit_constructor.decompose_into_base4_accumulators(witness_index, 32); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } @@ -442,7 +443,7 @@ TEST(standard_circuit_constructor, test_check_circuit_correct) circuit_constructor.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -462,6 +463,6 @@ TEST(standard_circuit_constructor, test_check_circuit_broken) circuit_constructor.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.test.cpp b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_builder.test.cpp similarity index 89% rename from barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.test.cpp rename to barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_builder.test.cpp index 5c219d8236fa..57516e1bdf9f 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.test.cpp +++ b/barretenberg/cpp/src/barretenberg/circuit_checker/ultra_circuit_builder.test.cpp @@ -1,4 +1,5 @@ -#include "ultra_circuit_builder.hpp" +#include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" #include @@ -30,13 +31,13 @@ TEST(ultra_circuit_constructor, copy_constructor) } } - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); UltraCircuitBuilder duplicate_circuit_constructor{ circuit_constructor }; EXPECT_EQ(duplicate_circuit_constructor.get_num_gates(), circuit_constructor.get_num_gates()); - EXPECT_TRUE(duplicate_circuit_constructor.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(duplicate_circuit_constructor)); } TEST(ultra_circuit_constructor, create_gates_from_plookup_accumulators) @@ -97,12 +98,8 @@ TEST(ultra_circuit_constructor, create_gates_from_plookup_accumulators) } } - UltraCircuitBuilder circuit_copy{ circuit_builder }; - bool result = circuit_builder.check_circuit(); - + bool result = CircuitChecker::check(circuit_builder); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_builder); } TEST(ultra_circuit_constructor, base_case) @@ -110,7 +107,7 @@ TEST(ultra_circuit_constructor, base_case) UltraCircuitBuilder circuit_constructor = UltraCircuitBuilder(); fr a = fr::one(); circuit_constructor.add_public_variable(a); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } TEST(ultra_circuit_constructor, test_no_lookup_proof) @@ -132,7 +129,7 @@ TEST(ultra_circuit_constructor, test_no_lookup_proof) } } - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -156,16 +153,12 @@ TEST(ultra_circuit_constructor, test_elliptic_gate) circuit_constructor.create_ecc_add_gate({ x1, y1, x2, y2, x3, y3, 1 }); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); circuit_constructor.create_ecc_add_gate({ x1 + 1, y1, x2, y2, x3, y3, 1 }); - EXPECT_EQ(circuit_constructor.check_circuit(), false); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), false); } TEST(ultra_circuit_constructor, test_elliptic_double_gate) @@ -184,12 +177,8 @@ TEST(ultra_circuit_constructor, test_elliptic_double_gate) circuit_constructor.create_ecc_dbl_gate({ x1, y1, x3, y3 }); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); } TEST(ultra_circuit_constructor, non_trivial_tag_permutation) @@ -216,16 +205,12 @@ TEST(ultra_circuit_constructor, non_trivial_tag_permutation) circuit_constructor.assign_tag(c_idx, 2); circuit_constructor.assign_tag(d_idx, 2); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); // Break the tag circuit_constructor.real_variable_tags[circuit_constructor.real_variable_index[a_idx]] = 2; - EXPECT_EQ(circuit_constructor.check_circuit(), false); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), false); } TEST(ultra_circuit_constructor, non_trivial_tag_permutation_and_cycles) @@ -262,16 +247,12 @@ TEST(ultra_circuit_constructor, non_trivial_tag_permutation_and_cycles) circuit_constructor.create_add_gate( { e_idx, f_idx, circuit_constructor.zero_idx, fr::one(), -fr::one(), fr::zero(), fr::zero() }); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); // Break the tag circuit_constructor.real_variable_tags[circuit_constructor.real_variable_index[a_idx]] = 2; - EXPECT_EQ(circuit_constructor.check_circuit(), false); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), false); } TEST(ultra_circuit_constructor, bad_tag_permutation) { @@ -287,12 +268,8 @@ TEST(ultra_circuit_constructor, bad_tag_permutation) circuit_constructor.create_add_gate({ a_idx, b_idx, circuit_constructor.zero_idx, 1, 1, 0, 0 }); circuit_constructor.create_add_gate({ c_idx, d_idx, circuit_constructor.zero_idx, 1, 1, 0, -1 }); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); circuit_constructor.create_tag(1, 2); circuit_constructor.create_tag(2, 1); @@ -302,7 +279,7 @@ TEST(ultra_circuit_constructor, bad_tag_permutation) circuit_constructor.assign_tag(c_idx, 2); circuit_constructor.assign_tag(d_idx, 2); - result = circuit_constructor.check_circuit(); + result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } @@ -320,8 +297,7 @@ TEST(ultra_circuit_constructor, sort_widget) auto d_idx = circuit_constructor.add_variable(d); circuit_constructor.create_sort_constraint({ a_idx, b_idx, c_idx, d_idx }); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -356,8 +332,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) auto h_idx = circuit_constructor.add_variable(h); circuit_constructor.create_sort_constraint_with_edges( { a_idx, b_idx, c_idx, d_idx, e_idx, f_idx, g_idx, h_idx }, a, h); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -374,8 +349,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) circuit_constructor.create_sort_constraint_with_edges( { a_idx, b_idx, c_idx, d_idx, e_idx, f_idx, g_idx, h_idx }, a, g); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } { @@ -391,8 +365,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) circuit_constructor.create_sort_constraint_with_edges( { a_idx, b_idx, c_idx, d_idx, e_idx, f_idx, g_idx, h_idx }, b, h); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } { @@ -407,8 +380,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) auto b2_idx = circuit_constructor.add_variable(fr(15)); circuit_constructor.create_sort_constraint_with_edges( { a_idx, b2_idx, c_idx, d_idx, e_idx, f_idx, g_idx, h_idx }, b, h); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } { @@ -416,8 +388,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) auto idx = add_variables(circuit_constructor, { 1, 2, 5, 6, 7, 10, 11, 13, 16, 17, 20, 22, 22, 25, 26, 29, 29, 32, 32, 33, 35, 38, 39, 39, 42, 42, 43, 45 }); circuit_constructor.create_sort_constraint_with_edges(idx, 1, 45); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } { @@ -426,8 +397,7 @@ TEST(ultra_circuit_constructor, sort_with_edges_gate) 26, 29, 29, 32, 32, 33, 35, 38, 39, 39, 42, 42, 43, 45 }); circuit_constructor.create_sort_constraint_with_edges(idx, 1, 29); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } } @@ -442,8 +412,7 @@ TEST(ultra_circuit_constructor, range_constraint) } // auto ind = {a_idx,b_idx,c_idx,d_idx,e_idx,f_idx,g_idx,h_idx}; circuit_constructor.create_sort_constraint(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } { @@ -454,8 +423,7 @@ TEST(ultra_circuit_constructor, range_constraint) } // auto ind = {a_idx,b_idx,c_idx,d_idx,e_idx,f_idx,g_idx,h_idx}; circuit_constructor.create_dummy_constraints(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } { @@ -465,8 +433,7 @@ TEST(ultra_circuit_constructor, range_constraint) circuit_constructor.create_new_range_constraint(indices[i], 8); } circuit_constructor.create_sort_constraint(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } { @@ -477,8 +444,7 @@ TEST(ultra_circuit_constructor, range_constraint) circuit_constructor.create_new_range_constraint(indices[i], 128); } circuit_constructor.create_dummy_constraints(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } { @@ -489,8 +455,7 @@ TEST(ultra_circuit_constructor, range_constraint) circuit_constructor.create_new_range_constraint(indices[i], 79); } circuit_constructor.create_dummy_constraints(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } { @@ -501,8 +466,7 @@ TEST(ultra_circuit_constructor, range_constraint) circuit_constructor.create_new_range_constraint(indices[i], 79); } circuit_constructor.create_dummy_constraints(indices); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } } @@ -523,8 +487,7 @@ TEST(ultra_circuit_constructor, range_with_gates) { idx[4], idx[5], circuit_constructor.zero_idx, fr::one(), fr::one(), fr::zero(), -11 }); circuit_constructor.create_add_gate( { idx[6], idx[7], circuit_constructor.zero_idx, fr::one(), fr::one(), fr::zero(), -15 }); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -544,8 +507,7 @@ TEST(ultra_circuit_constructor, range_with_gates_where_range_is_not_a_power_of_t { idx[4], idx[5], circuit_constructor.zero_idx, fr::one(), fr::one(), fr::zero(), -11 }); circuit_constructor.create_add_gate( { idx[6], idx[7], circuit_constructor.zero_idx, fr::one(), fr::one(), fr::zero(), -15 }); - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -560,7 +522,7 @@ TEST(ultra_circuit_constructor, sort_widget_complex) ind.emplace_back(circuit_constructor.add_variable(a[i])); circuit_constructor.create_sort_constraint(ind); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } { @@ -572,7 +534,7 @@ TEST(ultra_circuit_constructor, sort_widget_complex) ind.emplace_back(circuit_constructor.add_variable(a[i])); circuit_constructor.create_sort_constraint(ind); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } } @@ -590,7 +552,7 @@ TEST(ultra_circuit_constructor, sort_widget_neg) auto d_idx = circuit_constructor.add_variable(d); circuit_constructor.create_sort_constraint({ a_idx, b_idx, c_idx, d_idx }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, false); } @@ -605,7 +567,7 @@ TEST(ultra_circuit_constructor, composed_range_constraint) { a_idx, circuit_constructor.zero_idx, circuit_constructor.zero_idx, 1, 0, 0, -fr(e) }); circuit_constructor.decompose_into_default_range(a_idx, 134); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -661,13 +623,8 @@ TEST(ultra_circuit_constructor, non_native_field_multiplication) const auto [lo_1_idx, hi_1_idx] = circuit_constructor.evaluate_non_native_field_multiplication(inputs); circuit_constructor.range_constrain_two_limbs(lo_1_idx, hi_1_idx, 70, 70); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); } TEST(ultra_circuit_constructor, rom) @@ -708,7 +665,7 @@ TEST(ultra_circuit_constructor, rom) 0, }); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -743,7 +700,7 @@ TEST(ultra_circuit_constructor, ram_simple) builder.get_variable(ram_value_idx), }); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TEST(ultra_circuit_constructor, ram) @@ -807,19 +764,14 @@ TEST(ultra_circuit_constructor, ram) }, false); - UltraCircuitBuilder circuit_copy{ circuit_constructor }; - bool result = circuit_constructor.check_circuit(); - + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); - // Ensure that check_circuit did not alter the circuit - EXPECT_EQ(circuit_copy, circuit_constructor); - // Test the builder copy constructor for a circuit with RAM gates UltraCircuitBuilder duplicate_circuit_constructor{ circuit_constructor }; EXPECT_EQ(duplicate_circuit_constructor.get_num_gates(), circuit_constructor.get_num_gates()); - EXPECT_TRUE(duplicate_circuit_constructor.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(duplicate_circuit_constructor)); } TEST(ultra_circuit_constructor, range_checks_on_duplicates) @@ -853,7 +805,7 @@ TEST(ultra_circuit_constructor, range_checks_on_duplicates) 0, }, false); - bool result = circuit_constructor.check_circuit(); + bool result = CircuitChecker::check(circuit_constructor); EXPECT_EQ(result, true); } @@ -871,26 +823,26 @@ TEST(ultra_circuit_constructor, check_circuit_showcase) { b, b, circuit_constructor.zero_idx, fr(1), -fr(0xdead) - fr(0xbeef), 0, 0, fr(0xdead) * fr(0xbeef) }); // We can check if this works - EXPECT_EQ(circuit_constructor.check_circuit(), true); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), true); // Now let's create a range constraint for b circuit_constructor.create_new_range_constraint(b, 0xbeef); // We can check if this works - EXPECT_EQ(circuit_constructor.check_circuit(), true); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), true); // But what if we now assert b to be equal to a? circuit_constructor.assert_equal(a, b, "Oh no"); // It fails, because a is 0xdead and it can't fit in the range constraint - EXPECT_EQ(circuit_constructor.check_circuit(), false); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), false); // But if we force them both back to be 0xbeef... uint32_t c = circuit_constructor.add_variable(0xbeef); circuit_constructor.assert_equal(c, b); // The circuit will magically pass again - EXPECT_EQ(circuit_constructor.check_circuit(), true); + EXPECT_EQ(CircuitChecker::check(circuit_constructor), true); } } // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/common/fuzzer.hpp b/barretenberg/cpp/src/barretenberg/common/fuzzer.hpp index 9ffa30975f04..563f711ddba0 100644 --- a/barretenberg/cpp/src/barretenberg/common/fuzzer.hpp +++ b/barretenberg/cpp/src/barretenberg/common/fuzzer.hpp @@ -1,4 +1,5 @@ #pragma once +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp" #include @@ -157,7 +158,7 @@ concept ArithmeticFuzzHelperConstraint = requires { template concept CheckableComposer = requires(T a) { { - a.check_circuit() + CircuitChecker::check(a) } -> std::same_as; }; @@ -642,7 +643,7 @@ class ArithmeticFuzzHelper { } #endif } - bool check_result = composer.check_circuit() && final_value_check; + bool check_result = bb::CircuitChecker::check(composer) && final_value_check; // If the circuit is correct, but it should fail, abort if (check_result && circuit_should_fail) { abort(); diff --git a/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/CMakeLists.txt index 2c48323594be..2e8050d0747c 100644 --- a/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(crypto_merkle_tree stdlib_primitives stdlib_blake3s stdlib_pedersen_hash) +barretenberg_module(crypto_merkle_tree stdlib_primitives stdlib_blake3s stdlib_pedersen_hash circuit_checker) diff --git a/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/membership.test.cpp b/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/membership.test.cpp index 3975c4abccd7..a42df6d712be 100644 --- a/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/membership.test.cpp +++ b/barretenberg/cpp/src/barretenberg/crypto/merkle_tree/membership.test.cpp @@ -5,6 +5,7 @@ #include "memory_tree.hpp" #include "merkle_tree.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" using namespace bb; @@ -43,7 +44,7 @@ TEST(crypto_merkle_tree, test_check_membership) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(is_member.get_value(), true); EXPECT_EQ(is_member_.get_value(), true); EXPECT_EQ(result, true); @@ -71,7 +72,7 @@ TEST(crypto_merkle_tree, test_batch_update_membership) batch_update_membership(new_root, old_root, old_hash_path_1, values, start_idx); batch_update_membership(new_root, old_root, old_hash_path_2, values, start_idx); printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -88,7 +89,7 @@ TEST(crypto_merkle_tree, test_assert_check_membership) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -106,7 +107,7 @@ TEST(crypto_merkle_tree, test_assert_check_membership_fail) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } // To test whether both old hash path and new hash path works for the same Merkle tree @@ -133,7 +134,7 @@ TEST(crypto_merkle_tree, test_update_members) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } { @@ -157,7 +158,7 @@ TEST(crypto_merkle_tree, test_update_members) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } } @@ -180,7 +181,7 @@ TEST(crypto_merkle_tree, test_tree) printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -243,6 +244,6 @@ TEST(crypto_merkle_tree, test_update_memberships) update_memberships(old_root_ct, new_roots_ct, new_values_ct, old_values_ct, old_hash_paths_ct, old_indices_ct); printf("num gates = %zu\n", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } diff --git a/barretenberg/cpp/src/barretenberg/dsl/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/dsl/CMakeLists.txt index e93015bdc777..b4f856598912 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/dsl/CMakeLists.txt @@ -10,4 +10,5 @@ barretenberg_module( crypto_merkle_tree stdlib_schnorr crypto_sha256 + circuit_checker ) diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/bigint_constraint.test.cpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/bigint_constraint.test.cpp index 8527d395110c..02cd777e5bcf 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/bigint_constraint.test.cpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/bigint_constraint.test.cpp @@ -1,5 +1,6 @@ #include "bigint_constraint.hpp" #include "acir_format.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/plonk/proof_system/types/proof.hpp" #include "barretenberg/plonk/proof_system/verification_key/verification_key.hpp" @@ -205,7 +206,7 @@ TEST_F(BigIntTests, TestBigIntConstraintMultiple) auto composer = Composer(); auto prover = composer.create_ultra_with_keccak_prover(builder); auto proof = prover.construct_proof(); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); auto verifier = composer.create_ultra_with_keccak_verifier(builder); EXPECT_EQ(verifier.verify_proof(proof), true); } @@ -270,7 +271,7 @@ TEST_F(BigIntTests, TestBigIntConstraintSimple) auto composer = Composer(); auto prover = composer.create_ultra_with_keccak_prover(builder); auto proof = prover.construct_proof(); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); auto verifier = composer.create_ultra_with_keccak_verifier(builder); EXPECT_EQ(verifier.verify_proof(proof), true); } @@ -329,7 +330,7 @@ TEST_F(BigIntTests, TestBigIntConstraintReuse) auto composer = Composer(); auto prover = composer.create_ultra_with_keccak_prover(builder); auto proof = prover.construct_proof(); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); auto verifier = composer.create_ultra_with_keccak_verifier(builder); EXPECT_EQ(verifier.verify_proof(proof), true); } @@ -386,7 +387,7 @@ TEST_F(BigIntTests, TestBigIntConstraintReuse2) auto composer = Composer(); auto prover = composer.create_ultra_with_keccak_prover(builder); auto proof = prover.construct_proof(); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); auto verifier = composer.create_ultra_with_keccak_verifier(builder); EXPECT_EQ(verifier.verify_proof(proof), true); } diff --git a/barretenberg/cpp/src/barretenberg/dsl/acir_format/ec_operations.test.cpp b/barretenberg/cpp/src/barretenberg/dsl/acir_format/ec_operations.test.cpp index 559adcb63401..efcfd7ceacea 100644 --- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/ec_operations.test.cpp +++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/ec_operations.test.cpp @@ -1,5 +1,6 @@ #include "ec_operations.hpp" #include "acir_format.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/plonk/proof_system/types/proof.hpp" #include "barretenberg/plonk/proof_system/verification_key/verification_key.hpp" @@ -82,7 +83,7 @@ TEST_F(EcOperations, TestECOperations) auto prover = composer.create_prover(builder); auto proof = prover.construct_proof(); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); auto verifier = composer.create_verifier(builder); EXPECT_EQ(verifier.verify_proof(proof), true); } diff --git a/barretenberg/cpp/src/barretenberg/plonk/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/plonk/CMakeLists.txt index bb65163afa88..47fa85ef4cb8 100644 --- a/barretenberg/cpp/src/barretenberg/plonk/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/plonk/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(plonk proof_system transcript crypto_pedersen_commitment polynomials crypto_sha256 ecc crypto_blake3s srs flavor) \ No newline at end of file +barretenberg_module(plonk proof_system transcript crypto_pedersen_commitment polynomials crypto_sha256 ecc crypto_blake3s srs flavor circuit_checker) \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/plonk/composer/standard_composer.test.cpp b/barretenberg/cpp/src/barretenberg/plonk/composer/standard_composer.test.cpp index 952997d0e00c..bb60fa8c41e0 100644 --- a/barretenberg/cpp/src/barretenberg/plonk/composer/standard_composer.test.cpp +++ b/barretenberg/cpp/src/barretenberg/plonk/composer/standard_composer.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/plonk/composer/standard_composer.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/generators/generator_data.hpp" #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" #include "barretenberg/plonk/proof_system/proving_key/serialize.hpp" @@ -486,7 +487,7 @@ TEST_F(StandardPlonkComposer, TestCheckCircuitCorrect) builder.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); builder.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -507,6 +508,6 @@ TEST_F(StandardPlonkComposer, TestCheckCircuitBroken) builder.create_add_gate({ a_idx, b_idx, c_idx, fr::one(), fr::one(), fr::neg_one(), fr::zero() }); builder.create_add_gate({ d_idx, c_idx, a_idx, fr::one(), fr::neg_one(), fr::neg_one(), fr::zero() }); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } diff --git a/barretenberg/cpp/src/barretenberg/proof_system/arithmetization/arithmetization.hpp b/barretenberg/cpp/src/barretenberg/proof_system/arithmetization/arithmetization.hpp index a1b962faae76..f5fdf99d8475 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/arithmetization/arithmetization.hpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/arithmetization/arithmetization.hpp @@ -52,7 +52,7 @@ template class ExecutionTr bool operator==(const ExecutionTraceBlock& other) const = default; - size_t size() { return std::get<0>(this->wires).size(); } + size_t size() const { return std::get<0>(this->wires).size(); } void reserve(size_t size_hint) { @@ -85,12 +85,20 @@ template class StandardArith { auto& w_l() { return std::get<0>(this->wires); }; auto& w_r() { return std::get<1>(this->wires); }; auto& w_o() { return std::get<2>(this->wires); }; + const auto& w_l() const { return std::get<0>(this->wires); }; + const auto& w_r() const { return std::get<1>(this->wires); }; + const auto& w_o() const { return std::get<2>(this->wires); }; auto& q_m() { return this->selectors[0]; }; auto& q_1() { return this->selectors[1]; }; auto& q_2() { return this->selectors[2]; }; auto& q_3() { return this->selectors[3]; }; auto& q_c() { return this->selectors[4]; }; + const auto& q_m() const { return this->selectors[0]; }; + const auto& q_1() const { return this->selectors[1]; }; + const auto& q_2() const { return this->selectors[2]; }; + const auto& q_3() const { return this->selectors[3]; }; + const auto& q_c() const { return this->selectors[4]; }; }; struct TraceBlocks { diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.cpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.cpp index ef130f79d8a8..61def907060b 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.cpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.cpp @@ -303,201 +303,5 @@ void GoblinUltraCircuitBuilder_::create_poseidon2_internal_gate(const poseid ++this->num_gates; } -template -inline FF GoblinUltraCircuitBuilder_::compute_poseidon2_external_identity(FF q_poseidon2_external_value, - FF q_1_value, - FF q_2_value, - FF q_3_value, - FF q_4_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const -{ - // Power of alpha to separate individual sub-relations - // TODO(kesha): This is a repeated computation which can be efficiently optimized - const FF alpha_a = alpha_base; - const FF alpha_b = alpha_a * alpha; - const FF alpha_c = alpha_b * alpha; - const FF alpha_d = alpha_c * alpha; - - FF s1 = w_1_value + q_1_value; - FF s2 = w_2_value + q_2_value; - FF s3 = w_3_value + q_3_value; - FF s4 = w_4_value + q_4_value; - - FF u1 = s1 * s1; - u1 *= u1; - u1 *= s1; - FF u2 = s2 * s2; - u2 *= u2; - u2 *= s2; - FF u3 = s3 * s3; - u3 *= u3; - u3 *= s3; - FF u4 = s4 * s4; - u4 *= u4; - u4 *= s4; - - auto t0 = u1 + u2; - auto t1 = u3 + u4; - auto t2 = u2 + u2; - t2 += t1; - auto t3 = u4 + u4; - t3 += t0; - auto v4 = t1 + t1; - v4 += v4; - v4 += t3; - auto v2 = t0 + t0; - v2 += v2; - v2 += t2; - auto v1 = t3 + v2; - auto v3 = t2 + v4; - - return q_poseidon2_external_value * (alpha_a * (v1 - w_1_shifted_value) + alpha_b * (v2 - w_2_shifted_value) + - alpha_c * (v3 - w_3_shifted_value) + alpha_d * (v4 - w_4_shifted_value)); -} - -template -inline FF GoblinUltraCircuitBuilder_::compute_poseidon2_internal_identity(FF q_poseidon2_internal_value, - FF q_1_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const -{ - // Power of alpha to separate individual sub-relations - // TODO(kesha): This is a repeated computation which can be efficiently optimized - const FF alpha_a = alpha_base; - const FF alpha_b = alpha_a * alpha; - const FF alpha_c = alpha_b * alpha; - const FF alpha_d = alpha_c * alpha; - - auto s1 = w_1_value + q_1_value; - - auto u1 = s1 * s1; - u1 *= u1; - u1 *= s1; - - auto sum = u1 + w_2_value + w_3_value + w_4_value; - auto v1 = u1 * crypto::Poseidon2Bn254ScalarFieldParams::internal_matrix_diagonal[0]; - v1 += sum; - auto v2 = w_2_value * crypto::Poseidon2Bn254ScalarFieldParams::internal_matrix_diagonal[1]; - v2 += sum; - auto v3 = w_3_value * crypto::Poseidon2Bn254ScalarFieldParams::internal_matrix_diagonal[2]; - v3 += sum; - auto v4 = w_4_value * crypto::Poseidon2Bn254ScalarFieldParams::internal_matrix_diagonal[3]; - v4 += sum; - - return q_poseidon2_internal_value * (alpha_a * (v1 - w_1_shifted_value) + alpha_b * (v2 - w_2_shifted_value) + - alpha_c * (v3 - w_3_shifted_value) + alpha_d * (v4 - w_4_shifted_value)); -} - -template bool GoblinUltraCircuitBuilder_::check_circuit() -{ - bool result = true; - if (!UltraCircuitBuilder_>::check_circuit()) { - return false; - } - - const FF poseidon2_external_base = FF::random_element(); - const FF poseidon2_internal_base = FF::random_element(); - const FF alpha = FF::random_element(); - - // For each gate - for (size_t i = 0; i < this->num_gates; i++) { - FF q_poseidon2_external_value; - FF q_poseidon2_internal_value; - FF q_1_value; - FF q_2_value; - FF q_3_value; - FF q_4_value; - FF w_1_value; - FF w_2_value; - FF w_3_value; - FF w_4_value; - // Get the values of selectors and wires and update tag products along the way - q_poseidon2_external_value = this->blocks.main.q_poseidon2_external()[i]; - q_poseidon2_internal_value = this->blocks.main.q_poseidon2_internal()[i]; - q_1_value = this->blocks.main.q_1()[i]; - q_2_value = this->blocks.main.q_2()[i]; - q_3_value = this->blocks.main.q_3()[i]; - q_4_value = this->blocks.main.q_4()[i]; - w_1_value = this->get_variable(this->blocks.main.w_l()[i]); - w_2_value = this->get_variable(this->blocks.main.w_r()[i]); - w_3_value = this->get_variable(this->blocks.main.w_o()[i]); - w_4_value = this->get_variable(this->blocks.main.w_4()[i]); - FF w_1_shifted_value; - FF w_2_shifted_value; - FF w_3_shifted_value; - FF w_4_shifted_value; - if (i < (this->num_gates - 1)) { - w_1_shifted_value = this->get_variable(this->blocks.main.w_l()[i + 1]); - w_2_shifted_value = this->get_variable(this->blocks.main.w_r()[i + 1]); - w_3_shifted_value = this->get_variable(this->blocks.main.w_o()[i + 1]); - w_4_shifted_value = this->get_variable(this->blocks.main.w_4()[i + 1]); - } else { - w_1_shifted_value = FF::zero(); - w_2_shifted_value = FF::zero(); - w_3_shifted_value = FF::zero(); - w_4_shifted_value = FF::zero(); - } - if (!compute_poseidon2_external_identity(q_poseidon2_external_value, - q_1_value, - q_2_value, - q_3_value, - q_4_value, - w_1_value, - w_2_value, - w_3_value, - w_4_value, - w_1_shifted_value, - w_2_shifted_value, - w_3_shifted_value, - w_4_shifted_value, - poseidon2_external_base, - alpha) - .is_zero()) { -#ifndef FUZZING - info("Poseidon2External identity fails at gate ", i); -#endif - result = false; - break; - } - if (!compute_poseidon2_internal_identity(q_poseidon2_internal_value, - q_1_value, - w_1_value, - w_2_value, - w_3_value, - w_4_value, - w_1_shifted_value, - w_2_shifted_value, - w_3_shifted_value, - w_4_shifted_value, - poseidon2_internal_base, - alpha) - .is_zero()) { -#ifndef FUZZING - info("Poseidon2Internal identity fails at gate ", i); -#endif - result = false; - break; - } - } - return result; -} - template class GoblinUltraCircuitBuilder_; } // namespace bb \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp index e412d78e64ca..31f824216f2e 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_ultra_circuit_builder.hpp @@ -140,37 +140,6 @@ template class GoblinUltraCircuitBuilder_ : public UltraCircuitBui void create_poseidon2_external_gate(const poseidon2_external_gate_& in); void create_poseidon2_internal_gate(const poseidon2_internal_gate_& in); - - FF compute_poseidon2_external_identity(FF q_poseidon2_external_value, - FF q_1_value, - FF q_2_value, - FF q_3_value, - FF q_4_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const; - - FF compute_poseidon2_internal_identity(FF q_poseidon2_internal_value, - FF q_1_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const; - - bool check_circuit(); }; using GoblinUltraCircuitBuilder = GoblinUltraCircuitBuilder_; } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.cpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.cpp index a3dcd7213bca..44546102f990 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.cpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.cpp @@ -513,34 +513,6 @@ void StandardCircuitBuilder_::assert_equal_constant(uint32_t const a_idx, FF this->assert_equal(a_idx, b_idx, msg); } -/** - * Check if all the circuit gates are correct given the witnesses. - * Goes through each gates and checks if the identity holds. - * - * @return true if the circuit is correct. - * */ -template bool StandardCircuitBuilder_::check_circuit() -{ - - FF gate_sum; - FF left, right, output; - for (size_t i = 0; i < this->num_gates; i++) { - - gate_sum = FF::zero(); - left = this->get_variable(blocks.arithmetic.w_l()[i]); - right = this->get_variable(blocks.arithmetic.w_r()[i]); - output = this->get_variable(blocks.arithmetic.w_o()[i]); - gate_sum = blocks.arithmetic.q_m()[i] * left * right + blocks.arithmetic.q_1()[i] * left + - blocks.arithmetic.q_2()[i] * right + blocks.arithmetic.q_3()[i] * output + - blocks.arithmetic.q_c()[i]; - if (!gate_sum.is_zero()) { - info("gate number", i); - return false; - } - } - return true; -} - /** * Export the existing circuit as msgpack compatible buffer. * diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp index 32386b388a7e..ee41b73f7abe 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp @@ -105,8 +105,6 @@ template class StandardCircuitBuilder_ : public CircuitBuilderBase size_t get_num_constant_gates() const override { return 0; } - bool check_circuit(); - msgpack::sbuffer export_circuit() override; private: diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.cpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.cpp index efaa464219f2..a470905cc8fd 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.cpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.cpp @@ -2659,828 +2659,6 @@ template void UltraCircuitBuilder_:: } } -// Various methods relating to circuit evaluation - -/** - * @brief Arithmetic gate-related methods - * - * @details The whole formula without alpha scaling is: - * - * q_arith * ( ( (-1/2) * (q_arith - 3) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c ) + - * (q_arith - 1)*( α * (q_arith - 2) * (w_1 + w_4 - w_1_omega + q_m) + w_4_omega) ) = 0 - * - * This formula results in several cases depending on q_arith: - * 1. q_arith == 0: Arithmetic gate is completely disabled - * - * 2. q_arith == 1: Everything in the minigate on the right is disabled. The equation is just a standard plonk equation - * with extra wires: q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c = 0 - * - * 3. q_arith == 2: The (w_1 + w_4 - ...) term is disabled. THe equation is: - * (1/2) * q_m * w_1 * w_2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + w_4_omega = 0 - * It allows defining w_4 at next index (w_4_omega) in terms of current wire values - * - * 4. q_arith == 3: The product of w_1 and w_2 is disabled, but a mini addition gate is enabled. α² allows us to split - * the equation into two: - * - * q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + 2 * w_4_omega = 0 - * - * w_1 + w_4 - w_1_omega + q_m = 0 (we are reusing q_m here) - * - * 5. q_arith > 3: The product of w_1 and w_2 is scaled by (q_arith - 3), while the w_4_omega term is scaled by (q_arith - * - 1). The equation can be split into two: - * - * (q_arith - 3)* q_m * w_1 * w_ 2 + q_1 * w_1 + q_2 * w_2 + q_3 * w_3 + q_4 * w_4 + q_c + (q_arith - 1) * w_4_omega = 0 - * - * w_1 + w_4 - w_1_omega + q_m = 0 - * - * The problem that q_m is used both in both equations can be dealt with by appropriately changing selector values at - * the next gate. Then we can treat (q_arith - 1) as a simulated q_6 selector and scale q_m to handle (q_arith - 3) at - * product. - * - * Uses only the alpha challenge - * - */ - -/** - * @brief Compute the arithmetic relation/gate evaluation base on given selector and witness evaluations - * - * @details We need this function because in ultra we have committed and non-committed gates (for example RAM and ROM). - * However, we'd still like to evaluate all of them, so we can't access selectors and witness values directly. - * - * You can scroll up to look at the description of the general logic of this gate - * - * @param q_arith_value - * @param q_1_value - * @param q_2_value - * @param q_3_value - * @param q_4_value - * @param q_m_value - * @param q_c_value - * @param w_1_value - * @param w_2_value - * @param w_3_value - * @param w_4_value - * @param w_1_shifted_value - * @param w_4_shifted_value - * @param alpha_base - * @param alpha - * @return fr - */ -template -inline typename Arithmetization::FF UltraCircuitBuilder_::compute_arithmetic_identity( - FF q_arith_value, - FF q_1_value, - FF q_2_value, - FF q_3_value, - FF q_4_value, - FF q_m_value, - FF q_c_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const -{ - constexpr FF neg_half = FF(-2).invert(); - // The main arithmetic identity that gets activated for q_arith_value == 1 - FF arithmetic_identity = w_2_value; - arithmetic_identity *= q_m_value; - arithmetic_identity *= (q_arith_value - 3); - arithmetic_identity *= neg_half; - arithmetic_identity += q_1_value; - arithmetic_identity *= w_1_value; - arithmetic_identity += (w_2_value * q_2_value); - arithmetic_identity += (w_3_value * q_3_value); - arithmetic_identity += (w_4_value * q_4_value); - arithmetic_identity += q_c_value; - - // The additional small addition identity - FF extra_small_addition_identity = w_1_value + w_4_value - w_1_shifted_value + q_m_value; - extra_small_addition_identity *= alpha; - extra_small_addition_identity *= (q_arith_value - 2); - - // The concatenation of small addition identity + shifted w_4 value that can be enabled separately + the main - // arithemtic identity - FF final_identity = extra_small_addition_identity + w_4_shifted_value; - final_identity *= (q_arith_value - 1); - final_identity += arithmetic_identity; - final_identity *= q_arith_value; - final_identity *= alpha_base; - return final_identity; -} - -/** - * @brief General permutation sorting identity - * - * @details This identity binds together the values of witnesses on the same row (w_1, w_2, w_3, w_4) and the w_1 - * witness on the next row (w_1_shifted) so that the difference between 2 consecutive elements is in the set {0,1,2,3} - * - */ - -/** - * @brief Compute a single general permutation sorting identity - * - * @param w_1_value - * @param w_2_value - * @param w_3_value - * @param w_4_value - * @param w_1_shifted_value - * @param alpha_base - * @param alpha - * @return fr - */ -template -inline typename Arithmetization::FF UltraCircuitBuilder_::compute_genperm_sort_identity( - FF q_sort_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF alpha_base, - FF alpha) const -{ - // Power of alpha to separate individual delta relations - // TODO(kesha): This is a repeated computation which can be efficiently optimized - const FF alpha_a = alpha_base; - const FF alpha_b = alpha_a * alpha; - const FF alpha_c = alpha_b * alpha; - const FF alpha_d = alpha_c * alpha; - - // (second - first)*(second - first - 1)*(second - first - 2)*(second - first - 3) - auto neighbour_difference = [](const FF first, const FF second) { - constexpr FF minus_two(-2); - constexpr FF minus_three(-3); - const FF delta = second - first; - return (delta.sqr() - delta) * (delta + minus_two) * (delta + minus_three); - }; - - return q_sort_value * (alpha_a * neighbour_difference(w_1_value, w_2_value) + - alpha_b * neighbour_difference(w_2_value, w_3_value) + - alpha_c * neighbour_difference(w_3_value, w_4_value) + - alpha_d * neighbour_difference(w_4_value, w_1_shifted_value)); -} - -/** - * @brief Elliptic curve identity gate methods implement elliptic curve point addition. - * - * - * @details The basic equation for the elliptic curve in short weierstrass form is y^2 == x^3 + a * x + b. - * - * The addition formulas are: - * λ = (y_2 - y_1) / (x_2 - x_1) - * x_3 = λ^2 - x_2 - x_1 = (y_2 - y_1)^2 / (x_2 - x_1)^2 - x_2 - x_1 = ((y_2 - y_1)^2 - (x_2 - x_1) * (x_2^2 - - * x_1^2)) / (x_2 - x_1)^2 - * - * If we assume that the points being added are distinct and not invereses of each other (so their x coordinates - * differ), then we can rephrase this equality: - * x_3 * (x_2 - x_1)^2 = ((y_2 - y_1)^2 - (x_2 - x_1) * (x_2^2 - x_1^2)) - */ - -/** - * @brief Compute the identity of the arithmetic gate given all coefficients - * - * @param q_1_value 1 or -1 (the sign). Controls whether we are subtracting or adding the second point - * @param w_2_value x₁ - * @param w_3_value y₁ - * @param w_1_shifted_value x₂ - * @param w_2_shifted_value y₂ - * @param w_3_shifted_value x₃ - * @param w_4_shifted_value y₃ - * @return fr - */ -template -inline typename Arithmetization::FF UltraCircuitBuilder_::compute_elliptic_identity( - FF q_elliptic_value, - FF q_1_value, - FF q_m_value, - FF w_2_value, - FF w_3_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha) const -{ - const FF x_1 = w_2_value; - const FF y_1 = w_3_value; - const FF x_2 = w_1_shifted_value; - const FF y_2 = w_4_shifted_value; - const FF x_3 = w_2_shifted_value; - const FF y_3 = w_3_shifted_value; - const FF q_sign = q_1_value; - const FF q_is_double = q_m_value; - constexpr FF curve_b = CircuitBuilderBase>::EmbeddedCurve::Group::curve_b; - static_assert(CircuitBuilderBase>::EmbeddedCurve::Group::curve_a == 0); - - FF x_diff = x_2 - x_1; - FF y1_sqr = y_1.sqr(); - FF y2_sqr = y_2.sqr(); - FF y1y2 = y_1 * y_2 * q_sign; - FF x_relation_add = (x_3 + x_2 + x_1) * x_diff.sqr() - y1_sqr - y2_sqr + y1y2 + y1y2; - FF y_relation_add = (y_3 + y_1) * x_diff + (x_3 - x_1) * (y_2 * q_sign - y_1); - - x_relation_add *= (-q_is_double + 1) * alpha_base * alpha; - y_relation_add *= (-q_is_double + 1) * alpha_base * alpha; - - // x-coordinate relation - // (x3 + 2x1)(4y^2) - (9x^4) = 0 - // This is degree 4...but - // we can use x^3 = y^2 - b - // (x3 + 2x1)(4y ^ 2) - (9x(y ^ 2 - b)) is degree 3 - const FF x_pow_4 = (y_1 * y_1 - curve_b) * x_1; - FF x_relation_double = (x_3 + x_1 + x_1) * (y_1 + y_1) * (y_1 + y_1) - x_pow_4 * FF(9); - - // Y relation: (x1 - x3)(3x^2) - (2y1)(y1 + y3) = 0 - const FF x_pow_2 = (x_1 * x_1); - FF y_relation_double = x_pow_2 * (x_1 - x_3) * 3 - (y_1 + y_1) * (y_1 + y_3); - - x_relation_double *= q_is_double * alpha_base; - y_relation_double *= q_is_double * alpha_base * alpha; - - return q_elliptic_value * (x_relation_add + y_relation_add + x_relation_double + y_relation_double); -} - -/** - * @brief Plookup Auxiliary Gate Identity - * - * @details Evaluates polynomial identities associated with the following Ultra custom gates: - * * RAM/ROM read-write consistency check - * * RAM timestamp difference consistency check - * * RAM/ROM index difference consistency check - * * Bigfield product evaluation (3 in total) - * * Bigfield limb accumulation (2 in total) - * - * Multiple selectors are used to 'switch' aux gates on/off according to the following pattern: - * - * | gate type | q_aux | q_1 | q_2 | q_3 | q_4 | q_m | q_c | q_arith | - * | ---------------------------- | ----- | --- | --- | --- | --- | --- | --- | ------ | - * | Bigfield Limb Accumulation 1 | 1 | 0 | 0 | 1 | 1 | 0 | --- | 0 | - * | Bigfield Limb Accumulation 2 | 1 | 0 | 0 | 1 | 0 | 1 | --- | 0 | - * | Bigfield Product 1 | 1 | 0 | 1 | 1 | 0 | 0 | --- | 0 | - * | Bigfield Product 2 | 1 | 0 | 1 | 0 | 1 | 0 | --- | 0 | - * | Bigfield Product 3 | 1 | 0 | 1 | 0 | 0 | 1 | --- | 0 | - * | RAM/ROM access gate | 1 | 1 | 0 | 0 | 0 | 1 | --- | 0 | - * | RAM timestamp check | 1 | 1 | 0 | 0 | 1 | 0 | --- | 0 | - * | ROM consistency check | 1 | 1 | 1 | 0 | 0 | 0 | --- | 0 | - * | RAM consistency check | 1 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | - * - * N.B. The RAM consistency check identity is degree 3. To keep the overall quotient degree at <=5, only 2 selectors can - * be used to select it. - * - * N.B.2 The q_c selector is used to store circuit-specific values in the RAM/ROM access gate - * - */ - -template -inline typename Arithmetization::FF UltraCircuitBuilder_::compute_auxilary_identity( - FF q_aux_value, - FF q_arith_value, - FF q_1_value, - FF q_2_value, - FF q_3_value, - FF q_4_value, - FF q_m_value, - FF q_c_value, - FF w_1_value, - FF w_2_value, - FF w_3_value, - FF w_4_value, - FF w_1_shifted_value, - FF w_2_shifted_value, - FF w_3_shifted_value, - FF w_4_shifted_value, - FF alpha_base, - FF alpha, - FF eta) const -{ - constexpr FF LIMB_SIZE(uint256_t(1) << DEFAULT_NON_NATIVE_FIELD_LIMB_BITS); - // TODO(kesha): Replace with a constant defined in header - constexpr FF SUBLIMB_SHIFT(uint256_t(1) << 14); - - // Non-native field arithmetic gate relations - // a{a_0, ..., a_3}⋅b{b_0,...,b_3} + q{q_0,..., q_3}⋅neg_p{neg_p_0,...,neg_p_3} - r{r_0,...,r_3} = 0 mod 2²⁷² - // neg_p and limb shifts are constants, so we can use big addition gates for them. - // Activated with q_2 & (q_3 | q_4 | q_m) - first, second, third appropriately - // For native gate_1: limb_subproduct = a_1 ⋅ b_0 + a_0 ⋅ b_1 - // For native gate_2: limb_subproduct = a_0 ⋅ b_2 + a_2 ⋅ b_0 - // For native gate_3: limb_subproduct = a_2 ⋅ b_1 + a_1 ⋅ b_2 - FF limb_subproduct = w_1_value * w_2_shifted_value + w_1_shifted_value * w_2_value; - - // ( a_0 ⋅ b_3 + a_3 ⋅ b_0 - r_3 ) - FF non_native_field_gate_2 = (w_1_value * w_4_value + w_2_value * w_3_value - w_3_shifted_value); - // ( a_0 ⋅ b_3 + a_3 ⋅ b_0 - r_3 ) << 68 - non_native_field_gate_2 *= LIMB_SIZE; - // ( a_0 ⋅ b_3 + a_3 ⋅ b_0 - r_3 ) << 68 - hi_0 - non_native_field_gate_2 -= w_4_shifted_value; - // ( a_0 ⋅ b_3 + a_3 ⋅ b_0 - r_3 ) << 68 - hi_0 + a_0 ⋅ b_2 + a_2 ⋅ b_0 - non_native_field_gate_2 += limb_subproduct; - non_native_field_gate_2 *= q_4_value; - - limb_subproduct *= LIMB_SIZE; - - // ( a_1 ⋅ b_0 + a_0 ⋅ b_1 ) << 68 + ( a_0 ⋅ b_0 ) - limb_subproduct += (w_1_shifted_value * w_2_shifted_value); - FF non_native_field_gate_1 = limb_subproduct; - // ( a_1 ⋅ b_0 + a_0 ⋅ b_1 ) << 68 + ( a_0 ⋅ b_0 ) - non_native_field_gate_1 -= (w_3_value + w_4_value); - non_native_field_gate_1 *= q_3_value; - - // ( a_2 ⋅ b_1 + a_1 ⋅ b_2 ) << 68 + ( a_1 ⋅ b_1 ) - FF non_native_field_gate_3 = limb_subproduct; - // ( a_2 ⋅ b_1 + a_1 ⋅ b_2 ) << 68 + ( a_1 ⋅ b_1 ) + hi_0 - non_native_field_gate_3 += w_4_value; - // ( a_2 ⋅ b_1 + a_1 ⋅ b_2 ) << 68 + ( a_1 ⋅ b_1 ) + hi_0 - r_2 - hi_1 - non_native_field_gate_3 -= (w_3_shifted_value + w_4_shifted_value); - non_native_field_gate_3 *= q_m_value; - - // Accumulate the 3 gates and multiply by q_2 - FF non_native_field_identity = non_native_field_gate_1 + non_native_field_gate_2 + non_native_field_gate_3; - non_native_field_identity *= q_2_value; - - // Accummulator limbs. These are activated with (q_3)&( q_4 | q_m). - // The limbs are configured in such a way as to take 3 gates to process a decomposition of 2 at maximum 70-bit - // elements into 5 14-bit limbs each. Then through set permutation we can range constrain each - // - // w_4 == (w_2_shifted << 56) | (w_1_shifted << 42) | (w_3 << 28) | (w_2 << 14) | - // w_1 - FF limb_accumulator_1 = w_2_shifted_value; - limb_accumulator_1 *= SUBLIMB_SHIFT; - limb_accumulator_1 += w_1_shifted_value; - limb_accumulator_1 *= SUBLIMB_SHIFT; - limb_accumulator_1 += w_3_value; - limb_accumulator_1 *= SUBLIMB_SHIFT; - limb_accumulator_1 += w_2_value; - limb_accumulator_1 *= SUBLIMB_SHIFT; - limb_accumulator_1 += w_1_value; - limb_accumulator_1 -= w_4_value; - limb_accumulator_1 *= q_4_value; - - // w_4_shifted == (w_3_shifted << 56) | (w_2_shifted << 42) | (w_1_shifted << 28) | (w_4 << 14) | w_3 - FF limb_accumulator_2 = w_3_shifted_value; - limb_accumulator_2 *= SUBLIMB_SHIFT; - limb_accumulator_2 += w_2_shifted_value; - limb_accumulator_2 *= SUBLIMB_SHIFT; - limb_accumulator_2 += w_1_shifted_value; - limb_accumulator_2 *= SUBLIMB_SHIFT; - limb_accumulator_2 += w_4_value; - limb_accumulator_2 *= SUBLIMB_SHIFT; - limb_accumulator_2 += w_3_value; - limb_accumulator_2 -= w_4_shifted_value; - limb_accumulator_2 *= q_m_value; - - FF limb_accumulator_identity = limb_accumulator_1 + limb_accumulator_2; - limb_accumulator_identity *= q_3_value; - - /** - * MEMORY - * - * A RAM memory record contains a tuple of the following fields: - * * i: `index` of memory cell being accessed - * * t: `timestamp` of memory cell being accessed (used for RAM, set to 0 for ROM) - * * v: `value` of memory cell being accessed - * * a: `access` type of record. read: 0 = read, 1 = write - * * r: `record` of memory cell. record = access + index * eta + timestamp * eta^2 + value * eta^3 - * - * A ROM memory record contains a tuple of the following fields: - * * i: `index` of memory cell being accessed - * * v: `value1` of memory cell being accessed (ROM tables can store up to 2 values per index) - * * v2:`value2` of memory cell being accessed (ROM tables can store up to 2 values per index) - * * r: `record` of memory cell. record = index * eta + value2 * eta^2 + value1 * eta^3 - * - * When performing a read/write access, the values of i, t, v, v2, a, r are stored in the following wires + - * selectors, depending on whether the gate is a RAM read/write or a ROM read - * - * | gate type | i | v2/t | v | a | r | - * | --------- | -- | ----- | -- | -- | -- | - * | ROM | w1 | w2 | w3 | -- | w4 | - * | RAM | w1 | w2 | w3 | qc | w4 | - * - * (for accesses where `index` is a circuit constant, it is assumed the circuit will apply a copy constraint on - * `w2` to fix its value) - * - **/ - - /** - * Memory Record Check - * - * Memory record check is needed to generate a 4 ~ 1 correspondence between the record of the memory cell and all - * the other values. It allows us to use set equivalence for whole cells, since we only need to take care of - * 1 witness per cell - * - * A ROM/ROM access gate can be evaluated with the identity: - * - * qc + w1 \eta + w2 \eta^2 + w3 \eta^3 - w4 = 0 - * - * For ROM gates, qc = 0 - */ - - FF memory_record_check = w_3_value; - memory_record_check *= eta; - memory_record_check += w_2_value; - memory_record_check *= eta; - memory_record_check += w_1_value; - memory_record_check *= eta; - memory_record_check += q_c_value; - FF partial_record_check = memory_record_check; // used in RAM consistency check - memory_record_check = memory_record_check - w_4_value; - - /** - * ROM Consistency Check - * - * For every ROM read, a set equivalence check is applied between the record witnesses, and a second set of - * records that are sorted. - * - * We apply the following checks for the sorted records: - * - * 1. w1, w2, w3 correctly map to 'index', 'v1, 'v2' for a given record value at w4 - * 2. index values for adjacent records are monotonically increasing - * 3. if, at gate i, index_i == index_{i + 1}, then value1_i == value1_{i + 1} and value2_i == value2_{i + 1} - * - */ - - FF index_delta = w_1_shifted_value - w_1_value; - FF record_delta = w_4_shifted_value - w_4_value; - - // (index_delta - 1) ⋅ (index_delta) - FF index_is_monotonically_increasing = index_delta.sqr() - index_delta; - // (1 - index_delta) ⋅ (record_delta) - FF adjacent_values_match_if_adjacent_indices_match = (FF(1) - index_delta) * record_delta; - - FF ROM_consistency_check_identity = adjacent_values_match_if_adjacent_indices_match; - ROM_consistency_check_identity *= alpha; - ROM_consistency_check_identity += index_is_monotonically_increasing; - ROM_consistency_check_identity *= alpha; - // α²⋅(1 - index_delta) ⋅ record_delta + α ⋅ (index_delta - 1) ⋅ index_delta + (q_c + η ⋅ w_1 + η ⋅ w_2 + η ⋅ w_3 - - // w_4) - ROM_consistency_check_identity += memory_record_check; - - /** - * RAM Consistency Check - * - * The 'access' type of the record is extracted with the expression `w_4 - partial_record_check` - * (i.e. for an honest Prover `w1 * eta + w2 * eta^2 + w3 * eta^3 - w4 = access`. - * This is validated by requiring `access` to be boolean - * - * For two adjacent entries in the sorted list if _both_ - * A) index values match - * B) adjacent access value is 0 (i.e. next gate is a READ) - * then - * C) both values must match. - * The gate boolean check is - * (A && B) => C === !(A && B) || C === !A || !B || C - * - * N.B. it is the responsibility of the circuit writer to ensure that every RAM cell is initialized - * with a WRITE operation. - */ - FF access_type = (w_4_value - partial_record_check); // will be 0 or 1 for honest Prover - FF access_check = access_type.sqr() - access_type; // check value is 0 or 1 - - // TODO: oof nasty compute here. If we sorted in reverse order we could re-use `partial_record_check` - FF next_gate_access_type = w_3_shifted_value; - next_gate_access_type *= eta; - next_gate_access_type += w_2_shifted_value; - next_gate_access_type *= eta; - next_gate_access_type += w_1_shifted_value; - next_gate_access_type *= eta; - next_gate_access_type = w_4_shifted_value - next_gate_access_type; - - FF value_delta = w_3_shifted_value - w_3_value; - FF adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation = - (FF(1) - index_delta) * value_delta * (FF(1) - next_gate_access_type); - - // We can't apply the RAM consistency check identity on the final entry in the sorted list (the wires in the - // next gate would make the identity fail). - // We need to validate that its 'access type' bool is correct. Can't do - // with an arithmetic gate because of the `eta` factors. We need to check that the *next* gate's access type is - // correct, to cover this edge case - FF next_gate_access_type_is_boolean = next_gate_access_type.sqr() - next_gate_access_type; - - // Putting it all together... - FF RAM_consistency_check_identity = - adjacent_values_match_if_adjacent_indices_match_and_next_access_is_a_read_operation; - RAM_consistency_check_identity *= alpha; - RAM_consistency_check_identity += index_is_monotonically_increasing; - RAM_consistency_check_identity *= alpha; - RAM_consistency_check_identity += next_gate_access_type_is_boolean; - RAM_consistency_check_identity *= alpha; - RAM_consistency_check_identity += access_check; - - /** - * RAM Timestamp Consistency Check - * - * | w1 | w2 | w3 | w4 | - * | index | timestamp | timestamp_check | -- | - * - * Let delta_index = index_{i + 1} - index_{i} - * - * Iff delta_index == 0, timestamp_check = timestamp_{i + 1} - timestamp_i - * Else timestamp_check = 0 - */ - FF timestamp_delta = w_2_shifted_value - w_2_value; - FF RAM_timestamp_check_identity = (FF(1) - index_delta) * timestamp_delta - w_3_value; - - /** - * The complete RAM/ROM memory identity - * - */ - - FF memory_identity = ROM_consistency_check_identity * q_2_value; - memory_identity += RAM_timestamp_check_identity * q_4_value; - memory_identity += memory_record_check * q_m_value; - memory_identity *= q_1_value; - memory_identity += (RAM_consistency_check_identity * q_arith_value); - - FF auxiliary_identity = memory_identity + non_native_field_identity + limb_accumulator_identity; - auxiliary_identity *= q_aux_value; - auxiliary_identity *= alpha_base; - - return auxiliary_identity; -} - -/** - * @brief Check that the circuit is correct in its current state - * - * @details The method switches the circuit to the "in-the-head" version, finalizes it, checks gates, lookups and - * permutations and then switches it back from the in-the-head version, discarding the updates - * @note We want to check that the whole circuit works, but ultra circuits need to have ram, rom and range gates added - * in the end for the check to be complete as well as the set permutation check, so we finalize the circuit when we - * check it. This structure allows us to restore the circuit to the state before the finalization. - * - * @return true - * @return false - */ -template bool UltraCircuitBuilder_::check_circuit() -{ - bool result = true; - - // Copy prefinalized circuit so that original circuit can be restored prior to return - UltraCircuitBuilder_ prefinalized_circuit = *this; - - // Finalize the circuit - finalize_circuit(); - - // Sample randomness - const FF arithmetic_base = FF::random_element(); - const FF elliptic_base = FF::random_element(); - const FF genperm_sort_base = FF::random_element(); - const FF auxillary_base = FF::random_element(); - const FF alpha = FF::random_element(); - const FF eta = FF::random_element(); - - // We need to get all memory - std::unordered_set memory_read_record_gates; - std::unordered_set memory_write_record_gates; - for (const auto& gate_idx : memory_read_records) { - memory_read_record_gates.insert(gate_idx); - } - for (const auto& gate_idx : memory_write_records) { - memory_write_record_gates.insert(gate_idx); - } - - // A hashing implementation for quick simulation lookups - struct HashFrTuple { - const FF mult_const = FF(uint256_t(0x1337, 0x1336, 0x1335, 0x1334)); - const FF mc_sqr = mult_const.sqr(); - const FF mc_cube = mult_const * mc_sqr; - - size_t operator()(const std::tuple& entry) const - { - return (size_t)((std::get<0>(entry) + mult_const * std::get<1>(entry) + mc_sqr * std::get<2>(entry) + - mc_cube * std::get<3>(entry)) - .reduce_once() - .data[0]); - } - }; - - // Equality checks for lookup tuples - struct EqualFrTuple { - - bool operator()(const std::tuple& entry1, const std::tuple& entry2) const - { - return entry1 == entry2; - } - }; - // The set of all lookup tuples that are in the tables - std::unordered_set, HashFrTuple, EqualFrTuple> table_hash; - // Prepare the lookup set for use in the circuit - for (auto& table : lookup_tables) { - const FF table_index(table.table_index); - for (size_t i = 0; i < table.size; ++i) { - const auto components = - std::make_tuple(table.column_1[i], table.column_2[i], table.column_3[i], table_index); - table_hash.insert(components); - } - } - - // We use a running tag product mechanism to ensure tag correctness - // This is the product of (value + γ ⋅ tag) - FF left_tag_product = FF::one(); - // This is the product of (value + γ ⋅ tau[tag]) - FF right_tag_product = FF::one(); - // Randomness for the tag check - const FF tag_gamma = FF::random_element(); - // We need to include each variable only once - std::unordered_set encountered_variables; - - // Function to quickly update tag products and encountered variable set by index and value - auto update_tag_check_information = [&](size_t variable_index, FF value) { - size_t real_index = this->real_variable_index[variable_index]; - // Check to ensure that we are not including a variable twice - if (encountered_variables.contains(real_index)) { - return; - } - size_t tag_in = this->real_variable_tags[real_index]; - if (tag_in != DUMMY_TAG) { - size_t tag_out = this->tau.at((uint32_t)tag_in); - left_tag_product *= value + tag_gamma * FF(tag_in); - right_tag_product *= value + tag_gamma * FF(tag_out); - encountered_variables.insert(real_index); - } - }; - // For each gate - // TODO(https://github.com/AztecProtocol/barretenberg/issues/867): only checking the main block. check all blocks - for (size_t i = 0; i < this->blocks.main.size(); i++) { - FF q_arith_value; - FF q_aux_value; - FF q_elliptic_value; - FF q_sort_value; - FF q_lookup_type_value; - FF q_1_value; - FF q_2_value; - FF q_3_value; - FF q_4_value; - FF q_m_value; - FF q_c_value; - FF w_1_value; - FF w_2_value; - FF w_3_value; - FF w_4_value; - FF w_4_index; - // Get the values of selectors and wires and update tag products along the way - q_arith_value = blocks.main.q_arith()[i]; - q_aux_value = blocks.main.q_aux()[i]; - q_elliptic_value = blocks.main.q_elliptic()[i]; - q_sort_value = blocks.main.q_sort()[i]; - q_lookup_type_value = blocks.main.q_lookup_type()[i]; - q_1_value = blocks.main.q_1()[i]; - q_2_value = blocks.main.q_2()[i]; - q_3_value = blocks.main.q_3()[i]; - q_4_value = blocks.main.q_4()[i]; - q_m_value = blocks.main.q_m()[i]; - q_c_value = blocks.main.q_c()[i]; - w_1_value = this->get_variable(blocks.main.w_l()[i]); - update_tag_check_information(blocks.main.w_l()[i], w_1_value); - w_2_value = this->get_variable(blocks.main.w_r()[i]); - update_tag_check_information(blocks.main.w_r()[i], w_2_value); - w_3_value = this->get_variable(blocks.main.w_o()[i]); - update_tag_check_information(blocks.main.w_o()[i], w_3_value); - w_4_value = this->get_variable(blocks.main.w_4()[i]); - // We need to wait before updating tag product for w_4 - w_4_index = blocks.main.w_4()[i]; - - // If we are touching a gate with memory access, we need to update the value of the 4th witness - if (memory_read_record_gates.contains(i)) { - w_4_value = ((w_3_value * eta + w_2_value) * eta + w_1_value) * eta; - } - if (memory_write_record_gates.contains(i)) { - w_4_value = ((w_3_value * eta + w_2_value) * eta + w_1_value) * eta + FF::one(); - } - // Now we can update the tag product for w_4 - update_tag_check_information((uint32_t)w_4_index, w_4_value); - FF w_1_shifted_value; - FF w_2_shifted_value; - FF w_3_shifted_value; - FF w_4_shifted_value; - // TODO(https://github.com/AztecProtocol/barretenberg/issues/867): gate index based on block containing ram/rom - if (i < (this->blocks.main.size() - 1)) { - w_1_shifted_value = this->get_variable(blocks.main.w_l()[i + 1]); - w_2_shifted_value = this->get_variable(blocks.main.w_r()[i + 1]); - w_3_shifted_value = this->get_variable(blocks.main.w_o()[i + 1]); - w_4_shifted_value = this->get_variable(blocks.main.w_4()[i + 1]); - } else { - w_1_shifted_value = FF::zero(); - w_2_shifted_value = FF::zero(); - w_3_shifted_value = FF::zero(); - w_4_shifted_value = FF::zero(); - } - if (memory_read_record_gates.contains(i + 1)) { - w_4_shifted_value = ((w_3_shifted_value * eta + w_2_shifted_value) * eta + w_1_shifted_value) * eta; - } - if (memory_write_record_gates.contains(i + 1)) { - w_4_shifted_value = - ((w_3_shifted_value * eta + w_2_shifted_value) * eta + w_1_shifted_value) * eta + FF::one(); - } - if (!compute_arithmetic_identity(q_arith_value, - q_1_value, - q_2_value, - q_3_value, - q_4_value, - q_m_value, - q_c_value, - w_1_value, - w_2_value, - w_3_value, - w_4_value, - w_1_shifted_value, - w_4_shifted_value, - arithmetic_base, - alpha) - .is_zero()) { -#ifndef FUZZING - info("Arithmetic identity fails at gate ", i); -#endif - result = false; - break; - } - if (!compute_auxilary_identity(q_aux_value, - q_arith_value, - q_1_value, - q_2_value, - q_3_value, - q_4_value, - q_m_value, - q_c_value, - w_1_value, - w_2_value, - w_3_value, - w_4_value, - w_1_shifted_value, - w_2_shifted_value, - w_3_shifted_value, - w_4_shifted_value, - auxillary_base, - alpha, - eta) - .is_zero()) { -#ifndef FUZZING - info("Auxilary identity fails at gate ", i); -#endif - - result = false; - break; - } - if (!compute_elliptic_identity(q_elliptic_value, - q_1_value, - q_m_value, - w_2_value, - w_3_value, - w_1_shifted_value, - w_2_shifted_value, - w_3_shifted_value, - w_4_shifted_value, - elliptic_base, - alpha) - .is_zero()) { -#ifndef FUZZING - info("Elliptic identity fails at gate ", i); -#endif - result = false; - break; - } - if (!compute_genperm_sort_identity( - q_sort_value, w_1_value, w_2_value, w_3_value, w_4_value, w_1_shifted_value, genperm_sort_base, alpha) - .is_zero()) { -#ifndef FUZZING - info("Genperm sort identity fails at gate ", i); -#endif - - result = false; - break; - } - if (!q_lookup_type_value.is_zero()) { - if (!table_hash.contains(std::make_tuple(w_1_value + q_2_value * w_1_shifted_value, - w_2_value + q_m_value * w_2_shifted_value, - w_3_value + q_c_value * w_3_shifted_value, - q_3_value))) { -#ifndef FUZZING - info("Lookup fails at gate ", i); -#endif - - result = false; - break; - } - } - } - if (left_tag_product != right_tag_product) { -#ifndef FUZZING - if (result) { - info("Tag permutation failed"); - } -#endif - - result = false; - } - - // Restore the circuit to its pre-finalized state - *this = prefinalized_circuit; - - return result; -} template class UltraCircuitBuilder_>; template class UltraCircuitBuilder_>; // To enable this we need to template plookup diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp index ee7a85944bc6..f9f873a89733 100644 --- a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp +++ b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp @@ -792,64 +792,6 @@ class UltraCircuitBuilder_ : public CircuitBuilderBase>; } // namespace bb diff --git a/barretenberg/cpp/src/barretenberg/smt_verification/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/smt_verification/CMakeLists.txt index 10c6998530d9..ad7ed03dd4a6 100644 --- a/barretenberg/cpp/src/barretenberg/smt_verification/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/smt_verification/CMakeLists.txt @@ -1,4 +1,4 @@ -barretenberg_module(smt_verification common proof_system stdlib_primitives stdlib_sha256 cvc5) +barretenberg_module(smt_verification common proof_system stdlib_primitives stdlib_sha256 cvc5 circuit_checker) set(CVC5_INCLUDE $ENV{HOME}/cvc5/tmp-lib/include) set(CVC5_LIB $ENV{HOME}/cvc5/tmp-lib/lib) @@ -11,4 +11,4 @@ target_include_directories(smt_verification_test_objects PUBLIC ${CVC5_INCLUDE}) target_link_directories(smt_verification PUBLIC ${CVC5_LIB}) target_link_directories(smt_verification_objects PUBLIC ${CVC5_LIB}) target_link_directories(smt_verification_tests PUBLIC ${CVC5_LIB}) -target_link_directories(smt_verification_test_objects PUBLIC ${CVC5_LIB}) \ No newline at end of file +target_link_directories(smt_verification_test_objects PUBLIC ${CVC5_LIB}) diff --git a/barretenberg/cpp/src/barretenberg/smt_verification/smt_examples.test.cpp b/barretenberg/cpp/src/barretenberg/smt_verification/smt_examples.test.cpp index 81e31bec0f93..ae74b2681bc5 100644 --- a/barretenberg/cpp/src/barretenberg/smt_verification/smt_examples.test.cpp +++ b/barretenberg/cpp/src/barretenberg/smt_verification/smt_examples.test.cpp @@ -1,3 +1,4 @@ +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp" #include #include @@ -29,7 +30,7 @@ TEST(circuit_verification, multiplication_true) builder.set_variable_name(a.witness_index, "a"); builder.set_variable_name(b.witness_index, "b"); builder.set_variable_name(c.witness_index, "c"); - ASSERT_TRUE(builder.check_circuit()); + ASSERT_TRUE(CircuitChecker::check(builder)); auto buf = builder.export_circuit(); @@ -60,7 +61,7 @@ TEST(circuit_verification, multiplication_true_kind) builder.set_variable_name(a.witness_index, "a"); builder.set_variable_name(b.witness_index, "b"); builder.set_variable_name(c.witness_index, "c"); - ASSERT_TRUE(builder.check_circuit()); + ASSERT_TRUE(CircuitChecker::check(builder)); auto buf = builder.export_circuit(); @@ -91,7 +92,7 @@ TEST(circuit_verification, multiplication_false) builder.set_variable_name(a.witness_index, "a"); builder.set_variable_name(b.witness_index, "b"); builder.set_variable_name(c.witness_index, "c"); - ASSERT_TRUE(builder.check_circuit()); + ASSERT_TRUE(CircuitChecker::check(builder)); auto buf = builder.export_circuit(); diff --git a/barretenberg/cpp/src/barretenberg/stdlib/commitment/pedersen/pedersen.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/commitment/pedersen/pedersen.test.cpp index bced7a462562..e0b7f4a19d7e 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/commitment/pedersen/pedersen.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/commitment/pedersen/pedersen.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/crypto/pedersen_commitment/c_bind.hpp" #include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" @@ -47,7 +48,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); auto commit_native = crypto::pedersen_commitment::commit_native({ left.get_value(), right.get_value() }); diff --git a/barretenberg/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp index 76b52fbc27e3..2ee2add3d29b 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/encryption/aes128/aes128.test.cpp @@ -1,4 +1,5 @@ #include "aes128.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/aes128/aes128.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" @@ -55,6 +56,6 @@ TEST(stdlib_aes128, encrypt_64_bytes) std::cout << "num gates = " << builder.get_num_gates() << std::endl; - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.test.cpp index 93191f8f8ccd..5f3458416f04 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/encryption/ecdsa/ecdsa.test.cpp @@ -3,6 +3,7 @@ #include "../../primitives/biggroup/biggroup.hpp" #include "../../primitives/curves/secp256k1.hpp" #include "../../primitives/curves/secp256r1.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "ecdsa.hpp" @@ -51,7 +52,7 @@ TEST(stdlib_ecdsa, verify_signature) std::cerr << "num gates = " << builder.get_num_gates() << std::endl; benchmark_info(Builder::NAME_STRING, "ECDSA", "Signature Verification Test", "Gate Count", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -92,7 +93,7 @@ TEST(stdlib_ecdsa, verify_r1_signature) std::cerr << "num gates = " << builder.get_num_gates() << std::endl; benchmark_info(Builder::NAME_STRING, "ECDSA", "Signature Verification Test", "Gate Count", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -136,7 +137,7 @@ TEST(stdlib_ecdsa, ecdsa_verify_signature_noassert_succeed) std::cerr << "num gates = " << builder.get_num_gates() << std::endl; benchmark_info(Builder::NAME_STRING, "ECDSA", "Signature Verification Test", "Gate Count", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -180,6 +181,6 @@ TEST(stdlib_ecdsa, ecdsa_verify_signature_noassert_fail) std::cerr << "num gates = " << builder.get_num_gates() << std::endl; benchmark_info(Builder::NAME_STRING, "ECDSA", "Signature Verification Test", "Gate Count", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp index add048b26f7a..f43bf940caee 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/encryption/schnorr/schnorr.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" #include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" @@ -49,7 +50,7 @@ TEST(stdlib_schnorr, schnorr_verify_signature) schnorr_verify_signature(message, pub_key, sig); info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } } @@ -92,7 +93,7 @@ TEST(stdlib_schnorr, verify_signature_failure) info("num gates = ", builder.get_num_gates()); - bool verification_result = builder.check_circuit(); + bool verification_result = CircuitChecker::check(builder); EXPECT_EQ(verification_result, false); } @@ -127,7 +128,7 @@ TEST(stdlib_schnorr, schnorr_signature_verification_result) info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -170,6 +171,6 @@ TEST(stdlib_schnorr, signature_verification_result_failure) info("num gates = ", builder.get_num_gates()); - bool verification_result = builder.check_circuit(); + bool verification_result = CircuitChecker::check(builder); EXPECT_EQ(verification_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp index f5a8b37f24dc..9ef976a3f9e0 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/blake2s/blake2s.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/crypto/blake2s/blake2s.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" #include "blake2s.hpp" #include "blake2s_plookup.hpp" @@ -30,7 +31,7 @@ using public_witness_t = public_witness_t; // info("num gates = %zu\n", builder.get_num_gates()); -// bool proof_result = builder.check_circuit(); +// bool proof_result = CircuitChecker::check(builder); // EXPECT_EQ(proof_result, true); // } @@ -49,7 +50,7 @@ TEST(stdlib_blake2s, test_single_block_plookup) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -68,7 +69,7 @@ TEST(stdlib_blake2s, test_single_block_plookup) // info("num gates = %zu\n", builder.get_num_gates()); -// bool proof_result = builder.check_circuit(); +// bool proof_result = CircuitChecker::check(builder); // EXPECT_EQ(proof_result, true); // } @@ -87,6 +88,6 @@ TEST(stdlib_blake2s, test_double_block_plookup) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp index 9e054605e3a0..6e1b22e87522 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/blake3s/blake3s.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/crypto/blake3s/blake3s.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/streams.hpp" #include "blake3s.hpp" #include "blake3s_plookup.hpp" @@ -28,7 +29,7 @@ TEST(stdlib_blake3s, test_single_block) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -47,7 +48,7 @@ TEST(stdlib_blake3s, test_single_block_plookup) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -66,7 +67,7 @@ TEST(stdlib_blake3s, test_double_block) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -85,6 +86,6 @@ TEST(stdlib_blake3s, test_double_block_plookup) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/keccak/keccak.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/keccak/keccak.test.cpp index 49409098b2fc..cdb5e6fdf6eb 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/keccak/keccak.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/keccak/keccak.test.cpp @@ -1,5 +1,6 @@ #include "barretenberg/crypto/keccak/keccak.hpp" #include "../../primitives/plookup/plookup.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "keccak.hpp" #include @@ -27,7 +28,7 @@ TEST(stdlib_keccak, keccak_format_input_table) stdlib::plookup_read::read_from_1_to_2_table(plookup::KECCAK_FORMAT_INPUT, limb); } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -41,7 +42,7 @@ TEST(stdlib_keccak, keccak_format_output_table) field_ct limb(witness_ct(&builder, extended_native)); stdlib::plookup_read::read_from_1_to_2_table(plookup::KECCAK_FORMAT_OUTPUT, limb); } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -59,7 +60,7 @@ TEST(stdlib_keccak, keccak_theta_output_table) field_ct limb(witness_ct(&builder, extended_native)); stdlib::plookup_read::read_from_1_to_2_table(plookup::KECCAK_THETA_OUTPUT, limb); } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -94,7 +95,7 @@ TEST(stdlib_keccak, keccak_rho_output_table) }); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -130,7 +131,7 @@ TEST(stdlib_keccak, keccak_chi_output_table) EXPECT_EQ(static_cast(msb.get_value()), binary_native >> 63); } info("num gates = n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -170,7 +171,7 @@ TEST(stdlib_keccak, test_format_input_lanes) } } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -189,7 +190,7 @@ TEST(stdlib_keccak, test_single_block) builder.print_num_gates(); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -211,7 +212,7 @@ TEST(stdlib_keccak, test_double_block) builder.print_num_gates(); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -238,7 +239,7 @@ TEST(stdlib_keccak, test_double_block_variable_length) EXPECT_EQ(output.get_value(), expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -265,7 +266,7 @@ TEST(stdlib_keccak, test_variable_length_nonzero_input_greater_than_byte_array_s byte_array output = stdlib::keccak::hash(input_arr, length); EXPECT_EQ(output.get_value(), expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -285,7 +286,7 @@ TEST(stdlib_keccak, test_permutation_opcode_single_block) builder.print_num_gates(); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -308,6 +309,6 @@ TEST(stdlib_keccak, test_permutation_opcode_double_block) builder.print_num_gates(); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/pedersen/pedersen.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/pedersen/pedersen.test.cpp index 71787e0a8de4..dc47b68f5ffe 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/pedersen/pedersen.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/pedersen/pedersen.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/ecc/curves/grumpkin/grumpkin.hpp" #include "barretenberg/numeric/random/engine.hpp" @@ -46,7 +47,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); fr hash_native = crypto::pedersen_hash::hash({ left.get_value(), right.get_value() }); @@ -77,7 +78,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); EXPECT_EQ(bool(out_1_with_zero.get_value() == out_1_with_r.get_value()), true); @@ -120,7 +121,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -145,7 +146,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -196,7 +197,7 @@ template class StdlibPedersen : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -252,7 +253,7 @@ TYPED_TEST(StdlibPedersen, TestHash) using Builder = TypeParam; using field_ct = stdlib::field_t; using witness_ct = stdlib::witness_t; - auto composer = Builder(); + auto builder = Builder(); const size_t num_inputs = 10; @@ -262,7 +263,7 @@ TYPED_TEST(StdlibPedersen, TestHash) for (size_t i = 0; i < num_inputs; ++i) { const auto element = fr::random_element(&engine); inputs_native.emplace_back(element); - inputs.emplace_back(field_ct(witness_ct(&composer, element))); + inputs.emplace_back(field_ct(witness_ct(&builder, element))); } auto result = stdlib::pedersen_hash::hash(inputs); @@ -270,7 +271,7 @@ TYPED_TEST(StdlibPedersen, TestHash) EXPECT_EQ(result.get_value(), expected); - bool proof_result = composer.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/poseidon2/poseidon2.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/poseidon2/poseidon2.test.cpp index 6d5e4bb1cdf3..10f43f038ff4 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/poseidon2/poseidon2.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/poseidon2/poseidon2.test.cpp @@ -1,4 +1,5 @@ #include "poseidon2.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/crypto/poseidon2/poseidon2.hpp" #include "barretenberg/numeric/random/engine.hpp" @@ -45,7 +46,7 @@ template class StdlibPoseidon2 : public testing::Test { EXPECT_EQ(result.get_value(), expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -73,7 +74,7 @@ template class StdlibPoseidon2 : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } /** @@ -100,7 +101,7 @@ template class StdlibPoseidon2 : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp index 14311725e741..009a8a821355 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/hash/sha256/sha256.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/crypto/sha256/sha256.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/proof_system/circuit_builder/standard_circuit_builder.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" @@ -139,7 +140,7 @@ std::array inner_block(std::array& w) // auto verifier = composer.create_verifier(); // plonk::proof proof = prover.construct_proof(); -// bool proof_result = builder.check_circuit(); +// bool proof_result = CircuitChecker::check(builder); // EXPECT_EQ(proof_result, true); // } @@ -167,7 +168,7 @@ TEST(stdlib_sha256, test_plookup_55_bytes) EXPECT_EQ(uint256_t(output[7].get_value()), 0x93791fc7U); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -192,7 +193,7 @@ TEST(stdlib_sha256, test_55_bytes) EXPECT_EQ(output[7].get_value(), fr(0x93791fc7ULL)); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -216,7 +217,7 @@ TEST(stdlib_sha256, test_NIST_vector_one_packed_byte_array) EXPECT_EQ(uint256_t(output[7].get_value()).data[0], (uint64_t)0xF20015ADU); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -243,7 +244,7 @@ TEST(stdlib_sha256, test_NIST_vector_one) EXPECT_EQ(output[7].get_value(), fr(0xF20015ADULL)); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -267,7 +268,7 @@ TEST(stdlib_sha256, test_NIST_vector_two) EXPECT_EQ(output[7].get_value(), 0x19DB06C1ULL); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -292,7 +293,7 @@ TEST(stdlib_sha256, test_NIST_vector_three) EXPECT_EQ(output[7].get_value(), 0x8ffe732bULL); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -318,7 +319,7 @@ TEST(stdlib_sha256, test_NIST_vector_four) info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -357,7 +358,7 @@ HEAVY_TEST(stdlib_sha256, test_NIST_vector_five) info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/stdlib/primitives/CMakeLists.txt index d81cfbdf28a4..f006512b79c2 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(stdlib_primitives proof_system plonk) \ No newline at end of file +barretenberg_module(stdlib_primitives proof_system plonk circuit_checker) \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp index cc03446d73f2..0b247fd02693 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bigfield/bigfield.test.cpp @@ -9,6 +9,7 @@ #include "../byte_array/byte_array.hpp" #include "../field/field.hpp" #include "./bigfield.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/plonk/proof_system/prover/prover.hpp" #include "barretenberg/plonk/proof_system/verifier/verifier.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" @@ -52,7 +53,7 @@ template class stdlib_bigfield : public testing::Test { fq_ct tval1 = tval - tval; fq_ct tval2 = tval1 / tval; (void)tval2; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -64,7 +65,7 @@ template class stdlib_bigfield : public testing::Test { fq_ct tval1 = tval - tval; fq_ct tval2 = tval1 / tval; (void)tval2; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -125,7 +126,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -163,7 +164,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -209,7 +210,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -278,7 +279,7 @@ template class stdlib_bigfield : public testing::Test { if (builder.failed()) { info("Builder failed with error: ", builder.err()); }; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -333,7 +334,7 @@ template class stdlib_bigfield : public testing::Test { if (builder.failed()) { info("Builder failed with error: ", builder.err()); }; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -377,7 +378,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -419,7 +420,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -456,7 +457,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -490,7 +491,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -527,7 +528,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result.hi.data[2], 0ULL); EXPECT_EQ(result.hi.data[3], 0ULL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -550,7 +551,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result_ct.get_value().lo, uint256_t(expected)); EXPECT_EQ(result_ct.get_value().hi, uint256_t(0)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } } @@ -593,7 +594,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result_d, expected_d); EXPECT_EQ(result_e, fq(0)); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -640,7 +641,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result_y.lo.data[2], expected_y.data[2]); EXPECT_EQ(result_y.lo.data[3], expected_y.data[3]); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -671,7 +672,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result, expected); EXPECT_EQ(c.get_value().get_msb() < 254, true); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -702,7 +703,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result, uint256_t(expected)); EXPECT_EQ(c.get_value().get_msb() < 254, true); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -738,7 +739,7 @@ template class stdlib_bigfield : public testing::Test { EXPECT_EQ(result, uint256_t(expected)); EXPECT_EQ(c.get_value().get_msb() < num_bits, true); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); // Checking edge conditions fq random_input = fq::random_element(); @@ -747,10 +748,10 @@ template class stdlib_bigfield : public testing::Test { fr(uint256_t(random_input).slice(fq_ct::NUM_LIMB_BITS * 2, fq_ct::NUM_LIMB_BITS * 4)))); a.assert_less_than(random_input + 1); - EXPECT_EQ(builder.check_circuit(), true); + EXPECT_EQ(CircuitChecker::check(builder), true); a.assert_less_than(random_input); - EXPECT_EQ(builder.check_circuit(), false); + EXPECT_EQ(CircuitChecker::check(builder), false); } static void test_byte_array_constructors() @@ -777,7 +778,7 @@ template class stdlib_bigfield : public testing::Test { uint256_t result = (c.get_value().lo); EXPECT_EQ(result, uint256_t(expected)); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -819,7 +820,7 @@ template class stdlib_bigfield : public testing::Test { auto f = fq_ct::mult_madd({ a4 }, { a4 }, {}, false); (void)f; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp index 1dad1d6a38cc..44201423b282 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup.test.cpp @@ -2,6 +2,7 @@ #include "../bigfield/bigfield.hpp" #include "../bool/bool.hpp" #include "../field/field.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" @@ -43,7 +44,7 @@ template class stdlib_biggroup : public testing::Test { static constexpr auto EXPECT_CIRCUIT_CORRECTNESS = [](Builder& builder, bool expected_result = true) { info("num gates = ", builder.get_num_gates()); - EXPECT_EQ(builder.check_circuit(), expected_result); + EXPECT_EQ(CircuitChecker::check(builder), expected_result); }; public: diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_goblin.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_goblin.test.cpp index 1753d04de84f..1ac09c4e69d6 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_goblin.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/biggroup/biggroup_goblin.test.cpp @@ -2,6 +2,7 @@ #include #include "../biggroup/biggroup.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" #include "barretenberg/stdlib/primitives/curves/bn254.hpp" @@ -29,7 +30,7 @@ template class stdlib_biggroup_goblin : public testing::Test { static constexpr auto EXPECT_CIRCUIT_CORRECTNESS = [](Builder& builder, bool expected_result = true) { info("builder gates = ", builder.get_num_gates()); - EXPECT_EQ(builder.check_circuit(), expected_result); + EXPECT_EQ(CircuitChecker::check(builder), expected_result); }; public: diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp index d9f87cd59ab4..4f83f0bae341 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/bool/bool.test.cpp @@ -1,4 +1,5 @@ #include "bool.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.cpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" #include @@ -44,7 +45,7 @@ TYPED_TEST(BoolTest, TestBasicOperations) d = (!f) & a; // d = 1 EXPECT_EQ(d.get_value(), 1); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); auto gates_after = builder.get_num_gates(); @@ -69,7 +70,7 @@ TYPED_TEST(BoolTest, Xor) EXPECT_EQ(c.get_value(), a.get_value() ^ b.get_value()); } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -95,7 +96,7 @@ TYPED_TEST(BoolTest, XorConstants) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -123,7 +124,7 @@ TYPED_TEST(BoolTest, XorTwinConstants) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -136,7 +137,7 @@ TYPED_TEST(BoolTest, LogicalAnd) bool_ct b = witness_ct(&builder, 1); (!a) && (!b); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -151,7 +152,7 @@ TYPED_TEST(BoolTest, And) a& b; } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -177,7 +178,7 @@ TYPED_TEST(BoolTest, AndConstants) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -192,7 +193,7 @@ TYPED_TEST(BoolTest, or) a | b; } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -218,7 +219,7 @@ TYPED_TEST(BoolTest, OrConstants) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -268,7 +269,7 @@ TYPED_TEST(BoolTest, Eq) EXPECT_EQ(d[i].get_value(), d_alt[i]); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -291,7 +292,7 @@ TYPED_TEST(BoolTest, Implies) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -314,7 +315,7 @@ TYPED_TEST(BoolTest, ImpliesBothWays) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -340,7 +341,7 @@ TYPED_TEST(BoolTest, MustImply) } } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -405,7 +406,7 @@ TYPED_TEST(BoolTest, MustImplyMultiple) if (builder.failed()) { EXPECT_EQ(builder.err(), "multi implication fail: g(x) is a multiple of 6"); } else { - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } } @@ -467,7 +468,7 @@ TYPED_TEST(BoolTest, ConditionalAssign) EXPECT_EQ(result.get_value(), condition ? left : right); } info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -499,7 +500,7 @@ TYPED_TEST(BoolTest, TestSimpleProof) f = b; } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -524,6 +525,6 @@ TYPED_TEST(BoolTest, Normalize) generate_constraints(true, true, false); generate_constraints(true, true, true); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp index 0985b61aad51..850179470a65 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/byte_array/byte_array.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/stdlib/primitives/bool/bool.hpp" #include "barretenberg/stdlib/primitives/field/field.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" @@ -82,7 +83,7 @@ TYPED_TEST(ByteArrayTest, test_byte_array_input_output_consistency) EXPECT_EQ(a_result.get_value(), a_expected); EXPECT_EQ(b_result.get_value(), b_expected); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } @@ -113,7 +114,7 @@ TYPED_TEST(ByteArrayTest, get_bit) EXPECT_EQ(arr.size(), 4UL); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -134,6 +135,6 @@ TYPED_TEST(ByteArrayTest, set_bit) EXPECT_EQ(out[1], uint8_t(7)); EXPECT_EQ(out[3], uint8_t(5)); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp index 70b7e8fee188..13f906116405 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/array.test.cpp @@ -1,5 +1,6 @@ #include "array.hpp" #include "../bool/bool.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" #include "field.hpp" @@ -38,7 +39,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(filled_len.get_value(), filled); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -52,7 +53,7 @@ template class stdlib_array : public testing::Test { EXPECT_TRUE(filled_len.is_constant()); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -97,7 +98,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(popped.get_value(), values[filled - 1]); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); }; @@ -149,7 +150,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(value_ct.get_value(), values_ct[filled].get_value()); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -189,7 +190,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(num_pushes, ARRAY_LEN); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -246,7 +247,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(is_empty.get_value(), true); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); }; @@ -278,7 +279,7 @@ template class stdlib_array : public testing::Test { bool proof_result = false; if (!builder.failed()) { info("num gates = ", builder.get_num_gates()); - proof_result = builder.check_circuit(); + proof_result = CircuitChecker::check(builder); } return std::make_pair(proof_result, builder.err()); @@ -566,7 +567,7 @@ template class stdlib_array : public testing::Test { EXPECT_EQ(arr[2].get_values().second.get_value(), 30); info("num gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp index da806c978ef6..9505de039ab5 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/field/field.test.cpp @@ -1,6 +1,7 @@ #include "field.hpp" #include "../bool/bool.hpp" #include "array.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/streams.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/plonk/proof_system/constants.hpp" @@ -91,7 +92,7 @@ template class stdlib_field : public testing::Test { field_ct a(witness_ct(&builder, elt)); a.create_range_constraint(num_bits, "field_tests: range_constraint on a fails"); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, expect_verified); if (verified != expect_verified) { info("Range constraint malfunction on ", elt, " with num_bits ", num_bits); @@ -164,7 +165,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(x.get_value(), 1); EXPECT_EQ(y.get_value(), 1); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, expected_result); }; @@ -187,7 +188,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(builder.get_variable(builder.blocks.main.w_o()[gates_after - 1]), fr(expected)); } info("Number of gates added", gates_after - gates_before); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -219,7 +220,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(out.get_value(), 0); EXPECT_EQ(out.is_constant(), true); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -234,7 +235,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(b.get_value(), 10); EXPECT_EQ(a.get_value(), 11); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -249,7 +250,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(b.get_value(), 11); EXPECT_EQ(a.get_value(), 11); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -267,7 +268,7 @@ template class stdlib_field : public testing::Test { } EXPECT_EQ(gates_after - gates_before, 18UL); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -288,7 +289,7 @@ template class stdlib_field : public testing::Test { // builder.assert_equal(sum_sqrs.witness_index, c_sqr.witness_index, "triple is not pythagorean"); c_sqr.assert_equal(sum_sqrs); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); for (size_t i = 0; i < builder.variables.size(); i++) { info(i, builder.variables[i]); @@ -318,7 +319,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(gates_after - gates_before, 4UL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -346,7 +347,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(gates_after - gates_before, 4UL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -375,7 +376,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(gates_after - gates_before, 7UL); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -386,7 +387,7 @@ template class stdlib_field : public testing::Test { generate_test_plonk_circuit(builder, n); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -426,7 +427,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(d_zero.get_value(), true); EXPECT_EQ(e_zero.get_value(), false); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -475,7 +476,7 @@ template class stdlib_field : public testing::Test { n = n.normalize(); EXPECT_EQ(m.get_value(), n.get_value()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -502,7 +503,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result_c.get_value(), c.get_value()); EXPECT_EQ(result_d.get_value(), d.get_value()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -522,7 +523,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(slice_data[1].get_value(), fr(169)); EXPECT_EQ(slice_data[2].get_value(), fr(61)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -542,7 +543,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(slice_data[1].get_value(), fr(1)); EXPECT_EQ(slice_data[2].get_value(), fr(986)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -565,7 +566,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(slice[1].get_value(), fr(expected1)); EXPECT_EQ(slice[2].get_value(), fr(expected2)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -604,7 +605,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result_g.get_value(), g.get_value()); EXPECT_EQ(result_h.get_value(), h.get_value()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -643,7 +644,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(bit_sum, a_expected); }; - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); ASSERT_TRUE(verified); }; @@ -671,7 +672,7 @@ template class stdlib_field : public testing::Test { field_ct a = witness_ct(&builder, a_expected); std::vector c = a.decompose_into_bits(256, witness_supplier); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); ASSERT_FALSE(verified); }; @@ -694,7 +695,7 @@ template class stdlib_field : public testing::Test { a.assert_is_in_set(set); info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -713,7 +714,7 @@ template class stdlib_field : public testing::Test { f.assert_is_in_set(set); info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } @@ -732,7 +733,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), expected); info("num gates = ", builder.get_num_gates()); - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } @@ -750,7 +751,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), bb::fr(1)); info("num gates = ", builder.get_num_gates()); - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } @@ -768,7 +769,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), base_val); info("num gates = ", builder.get_num_gates()); - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } @@ -807,7 +808,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), expected); info("num gates = ", builder.get_num_gates()); - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } @@ -826,7 +827,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), expected); info("num gates = ", builder.get_num_gates()); - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); }; @@ -866,7 +867,7 @@ template class stdlib_field : public testing::Test { info("num gates = ", builder.get_num_gates()); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -910,7 +911,7 @@ template class stdlib_field : public testing::Test { EXPECT_EQ(result.get_value(), expected); } - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } }; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/group/cycle_group.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/group/cycle_group.test.cpp index 71a88d52db30..37048a0c8c2a 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/group/cycle_group.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/group/cycle_group.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/stdlib/primitives/group/cycle_group.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/crypto/pedersen_commitment/pedersen.hpp" #include "barretenberg/crypto/pedersen_hash/pedersen.hpp" #include "barretenberg/numeric/random/engine.hpp" @@ -61,7 +62,7 @@ TYPED_TEST(CycleGroupTest, TestValidateOnCurveSucceed) cycle_group_ct a = cycle_group_ct::from_witness(&builder, lhs); a.validate_is_on_curve(); EXPECT_FALSE(builder.failed()); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } /** @@ -80,7 +81,7 @@ TYPED_TEST(CycleGroupTest, TestValidateOnCurveInfinitySucceed) cycle_group_ct a(x, y, /*_is_infinity=*/true); // marks this point as the point at infinity a.validate_is_on_curve(); EXPECT_FALSE(builder.failed()); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } /** @@ -99,7 +100,7 @@ TYPED_TEST(CycleGroupTest, TestValidateOnCurveFail) cycle_group_ct a(x, y, /*_is_infinity=*/false); a.validate_is_on_curve(); EXPECT_TRUE(builder.failed()); - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } TYPED_TEST(CycleGroupTest, TestDbl) @@ -119,7 +120,7 @@ TYPED_TEST(CycleGroupTest, TestDbl) AffineElement result = c.get_value(); EXPECT_EQ(result, expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -143,7 +144,7 @@ TYPED_TEST(CycleGroupTest, TestUnconditionalAdd) add(TestFixture::generators[0], TestFixture::generators[1], true, false); add(TestFixture::generators[0], TestFixture::generators[1], true, true); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -163,7 +164,7 @@ TYPED_TEST(CycleGroupTest, TestConstrainedUnconditionalAddSucceed) AffineElement result = c.get_value(); EXPECT_EQ(result, expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -182,7 +183,7 @@ TYPED_TEST(CycleGroupTest, TestConstrainedUnconditionalAddFail) EXPECT_TRUE(builder.failed()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, false); } @@ -253,7 +254,7 @@ TYPED_TEST(CycleGroupTest, TestAdd) EXPECT_EQ(result, expected); } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -277,7 +278,7 @@ TYPED_TEST(CycleGroupTest, TestUnconditionalSubtract) add(TestFixture::generators[0], TestFixture::generators[1], true, false); add(TestFixture::generators[0], TestFixture::generators[1], true, true); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -297,7 +298,7 @@ TYPED_TEST(CycleGroupTest, TestConstrainedUnconditionalSubtractSucceed) AffineElement result = c.get_value(); EXPECT_EQ(result, expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -316,7 +317,7 @@ TYPED_TEST(CycleGroupTest, TestConstrainedUnconditionalSubtractFail) EXPECT_TRUE(builder.failed()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, false); } @@ -389,7 +390,7 @@ TYPED_TEST(CycleGroupTest, TestSubtract) EXPECT_TRUE(c.get_value().is_point_at_infinity()); } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -576,7 +577,7 @@ TYPED_TEST(CycleGroupTest, TestBatchMul) EXPECT_EQ(result.is_point_at_infinity().get_value(), true); } - bool check_result = builder.check_circuit(); + bool check_result = CircuitChecker::check(builder); EXPECT_EQ(check_result, true); } @@ -616,7 +617,7 @@ TYPED_TEST(CycleGroupTest, TestMul) } } - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } #pragma GCC diagnostic pop diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp index d0ac7d4f1b2f..ac48c222104d 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/logic/logic.test.cpp @@ -2,6 +2,7 @@ #include "../bool/bool.hpp" #include "../circuit_builders/circuit_builders.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/numeric/uint256/uint256.hpp" #include "barretenberg/proof_system/types/circuit_type.hpp" @@ -80,7 +81,7 @@ TYPED_TEST(LogicTest, TestCorrectLogic) for (size_t i = 8; i < 248; i += 8) { run_test(i, builder); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -108,7 +109,7 @@ TYPED_TEST(LogicTest, LargeOperands) EXPECT_EQ(uint256_t(and_result.get_value()), and_expected); EXPECT_EQ(uint256_t(xor_result.get_value()), xor_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -140,7 +141,7 @@ TYPED_TEST(LogicTest, DifferentWitnessSameResult) field_ct xor_result = stdlib::logic::create_logic_constraint(x, y, 32, true, get_bad_chunk); EXPECT_EQ(uint256_t(xor_result.get_value()), xor_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp index ff419207d4f4..456edaf8f7ab 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/dynamic_array.test.cpp @@ -6,6 +6,7 @@ #include "../bool/bool.hpp" #include "../circuit_builders/circuit_builders.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" using namespace bb; @@ -59,6 +60,6 @@ TEST(DynamicArray, DynamicArrayReadWriteConsistency) array.conditional_pop(true); EXPECT_EQ(array.native_size(), max_size - 1); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/ram_table.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/ram_table.test.cpp index 4c58de3300b1..0027949679c5 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/ram_table.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/ram_table.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" #include "ram_table.hpp" @@ -45,7 +46,7 @@ TEST(ram_table, ram_table_init_read_consistency) EXPECT_EQ(result.get_value(), expected); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } @@ -95,6 +96,6 @@ TEST(ram_table, ram_table_read_write_consistency) EXPECT_EQ(result.get_value(), expected); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/rom_table.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/rom_table.test.cpp index dbbb9b099375..79f12192d7f4 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/rom_table.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/memory/rom_table.test.cpp @@ -1,6 +1,7 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/proof_system/circuit_builder/ultra_circuit_builder.hpp" #include "rom_table.hpp" @@ -58,6 +59,6 @@ TEST(rom_table, rom_table_read_write_consistency) EXPECT_EQ(result.get_value(), expected); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp index 81552258c9b8..ccfd1a90dd43 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/packed_byte_array/packed_byte_array.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/byte_array/byte_array.hpp" #include "barretenberg/stdlib/primitives/circuit_builders/circuit_builders.hpp" @@ -34,7 +35,7 @@ TYPED_TEST(PackedByteArrayTest, string_constructor_and_get_value_consistency) EXPECT_EQ(input, output); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(PackedByteArrayTest, byte_array_constructor_consistency) @@ -49,7 +50,7 @@ TYPED_TEST(PackedByteArrayTest, byte_array_constructor_consistency) EXPECT_EQ(input, output); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(PackedByteArrayTest, byte_array_cast_consistency) @@ -63,7 +64,7 @@ TYPED_TEST(PackedByteArrayTest, byte_array_cast_consistency) std::string output = converted.get_string(); EXPECT_EQ(input, output); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(PackedByteArrayTest, TestUnverifiedByteSlices) @@ -92,7 +93,7 @@ TYPED_TEST(PackedByteArrayTest, TestUnverifiedByteSlices) EXPECT_EQ(result, uint32s[i]); } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(PackedByteArrayTest, TestAppendUint8) @@ -142,7 +143,7 @@ TYPED_TEST(PackedByteArrayTest, TestAppendUint8) EXPECT_EQ(result, bytes[i]); } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(PackedByteArrayTest, TestAppendUint32) @@ -191,5 +192,5 @@ TYPED_TEST(PackedByteArrayTest, TestAppendUint32) EXPECT_EQ(result, uint32s[i]); } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp index 00d2b6846eed..8103f159e34f 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/plookup/plookup.test.cpp @@ -1,5 +1,6 @@ #include "plookup.hpp" #include "../byte_array/byte_array.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/bitop/rotate.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/bigfield/bigfield.hpp" @@ -94,7 +95,7 @@ auto& engine = numeric::get_debug_randomness(); // EXPECT_EQ(lookup_hi[ColumnIdx::C3][i].get_value(), expected_y[i + num_lookups_lo]); // } -// bool result = builder.check_circuit(); +// bool result = CircuitChecker::check(builder); // EXPECT_EQ(result, true); // } @@ -171,7 +172,7 @@ auto& engine = numeric::get_debug_randomness(); // EXPECT_EQ(lookup_hi[ColumnIdx::C3][i].get_value(), expected_y[i + num_lookups_lo]); // } -// bool result = builder.check_circuit(); +// bool result = CircuitChecker::check(builder); // EXPECT_EQ(result, true); // } @@ -215,7 +216,7 @@ TEST(stdlib_plookup, uint32_xor) EXPECT_EQ(lookup[ColumnIdx::C3][i].get_value(), bb::fr(out_expected[i])); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -284,7 +285,7 @@ TEST(stdlib_plookup, blake2s_xor_rotate_16) uint32_t xor_rotate_output = numeric::rotate32(uint32_t(left_value) ^ uint32_t(right_value), 16); EXPECT_EQ(fr(uint256_t(xor_rotate_output)), lookup_output); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -342,7 +343,7 @@ TEST(stdlib_plookup, blake2s_xor_rotate_8) uint32_t xor_rotate_output = numeric::rotate32(uint32_t(left_value) ^ uint32_t(right_value), 8); EXPECT_EQ(fr(uint256_t(xor_rotate_output)), lookup_output); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -400,7 +401,7 @@ TEST(stdlib_plookup, blake2s_xor_rotate_7) uint32_t xor_rotate_output = numeric::rotate32(uint32_t(left_value) ^ uint32_t(right_value), 7); EXPECT_EQ(fr(uint256_t(xor_rotate_output)), lookup_output); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -463,7 +464,7 @@ TEST(stdlib_plookup, blake2s_xor) EXPECT_EQ(lookup[ColumnIdx::C3][i].get_value(), bb::fr(out_expected[i])); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -505,7 +506,7 @@ TEST(stdlib_plookup, uint32_and) EXPECT_EQ(lookup[ColumnIdx::C3][i].get_value(), bb::fr(out_expected[i])); } - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -601,6 +602,6 @@ TEST(stdlib_plookup, secp256k1_generator) curve::g1::affine_element expected(curve::g1::one * input_value); EXPECT_EQ(result, expected); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp index 93c167cbde62..63aa1d77549f 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/safe_uint/safe_uint.test.cpp @@ -1,6 +1,7 @@ #include "safe_uint.hpp" #include "../byte_array/byte_array.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include "barretenberg/stdlib/primitives/bool/bool.hpp" #include "barretenberg/stdlib/primitives/witness/witness.hpp" @@ -45,7 +46,7 @@ TYPED_TEST(SafeUintTest, TestConstructorWithValueOutOfRangeFails) field_ct a(witness_ct(&builder, 100)); suint_ct b(a, 2, "b"); - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } TYPED_TEST(SafeUintTest, TestConstructorWithValueInRange) @@ -56,7 +57,7 @@ TYPED_TEST(SafeUintTest, TestConstructorWithValueInRange) field_ct a(witness_ct(&builder, 100)); suint_ct b(a, 7); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } // * OPERATOR @@ -79,13 +80,13 @@ TYPED_TEST(SafeUintTest, TestMultiplyOperationOutOfRangeFails) for (auto i = 0; i < 159; i++) { c = c * d; } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); try { // should throw an overflow error on the 160th iteration c = c * d; FAIL() << "Expected out of range error"; } catch (std::runtime_error const& err) { - EXPECT_TRUE(builder.check_circuit()); // no failing constraints should be created from multiply + EXPECT_TRUE(CircuitChecker::check(builder)); // no failing constraints should be created from multiply EXPECT_EQ(err.what(), std::string("exceeded modulus in safe_uint class")); } catch (...) { FAIL() << "Expected std::runtime_error modulus in safe_uint class"; @@ -110,7 +111,7 @@ TYPED_TEST(SafeUintTest, TestMultiplyOperationOnConstantsOutOfRangeFails) for (auto i = 0; i < 252; i++) { c = c * d; } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); // Below we should exceed r, and expect a throw try { @@ -118,7 +119,7 @@ TYPED_TEST(SafeUintTest, TestMultiplyOperationOnConstantsOutOfRangeFails) c = c * d; FAIL() << "Expected out of range error"; } catch (std::runtime_error const& err) { - EXPECT_TRUE(builder.check_circuit()); // no failing constraint from multiply + EXPECT_TRUE(CircuitChecker::check(builder)); // no failing constraint from multiply EXPECT_EQ(err.what(), std::string("exceeded modulus in safe_uint class")); } catch (...) { FAIL() << "Expected std::runtime_error modulus in safe_uint class"; @@ -141,13 +142,13 @@ TYPED_TEST(SafeUintTest, TestAddOperationOutOfRangeFails) for (auto i = 0; i < 159; i++) { c = c * d; } - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); try { // should fail when we add and exceed the modulus c = c + c; FAIL() << "Expected out of range error"; } catch (std::runtime_error const& err) { - EXPECT_TRUE(builder.check_circuit()); // no failing constraints from add or multiply + EXPECT_TRUE(CircuitChecker::check(builder)); // no failing constraints from add or multiply EXPECT_EQ(err.what(), std::string("exceeded modulus in safe_uint class")); } catch (...) { FAIL() << "Expected std::runtime_error modulus in safe_uint class"; @@ -171,7 +172,7 @@ TYPED_TEST(SafeUintTest, TestSubtract) suint_ct d(b, 4); c = d.subtract(c, 3); // result is 7, which fits in 3 bits and does not fail the range constraint - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } /** @@ -190,7 +191,7 @@ TYPED_TEST(SafeUintTest, TestSubtractResultOutOfRange) suint_ct d(b, 4, "d"); c = d.subtract(c, 2, "d - c"); // we can't be sure that 4-bits minus 2-bits is 2-bits. - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } /** @@ -209,7 +210,7 @@ TYPED_TEST(SafeUintTest, TestSubtractUnderflowGeneral) suint_ct c(a, 0); suint_ct d(b, 1); c = c.subtract(d, suint_ct::MAX_BIT_NUM); - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } #endif @@ -231,7 +232,7 @@ TYPED_TEST(SafeUintTest, TestSubtractUnderflowSpecial) c = c.subtract(d, suint_ct::MAX_BIT_NUM); FAIL() << "Expected out of range error"; } catch (std::runtime_error const& err) { - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); EXPECT_EQ(err.what(), std::string("maximum value exceeded in safe_uint subtract")); } catch (...) { FAIL() << "Expected std::runtime_error modulus in safe_uint class"; @@ -255,7 +256,7 @@ TYPED_TEST(SafeUintTest, TestMinusOperator) suint_ct d(b, 2); c = c - d; // 9 - 2 = 7 should not underflow - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } /** @@ -272,7 +273,7 @@ TYPED_TEST(SafeUintTest, TestMinusOperatorValidOnZero) suint_ct c(a, 2); suint_ct d(b, 3); c = c - d; // 2 - 2 = 0 should not overflow, even if d has more bits than c. - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } #endif @@ -291,7 +292,7 @@ TYPED_TEST(SafeUintTest, TestMinusUnderflowGeneral1) suint_ct c(a, 2); suint_ct d(b, suint_ct::MAX_BIT_NUM); c = c - d; // generates range constraint that the difference is in [0, 3], which it is not with these witness values - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } #endif @@ -310,7 +311,7 @@ TYPED_TEST(SafeUintTest, TestMinusUnderflowGeneral2) suint_ct c(a, 2); suint_ct d(b, 3); c = c - d; - EXPECT_FALSE(builder.check_circuit()); // underflow should cause range constraint to fail + EXPECT_FALSE(CircuitChecker::check(builder)); // underflow should cause range constraint to fail } #endif @@ -335,7 +336,7 @@ TYPED_TEST(SafeUintTest, TestMinusUnderflowSpecial1) // the sum of maxes exceeds MAX_VALUE so we must throw an error FAIL() << "Expected error to be thrown"; } catch (std::runtime_error const& err) { - EXPECT_TRUE(builder.check_circuit()); // no incorrect constraints + EXPECT_TRUE(CircuitChecker::check(builder)); // no incorrect constraints EXPECT_EQ(err.what(), std::string("maximum value exceeded in safe_uint minus operator")); // possible underflow is detected // with check on maxes @@ -365,7 +366,7 @@ TYPED_TEST(SafeUintTest, TestMinusUnderflowSpecial2) c = c - d; // underflow and error should be thrown FAIL() << "Expected error to be thrown"; } catch (std::runtime_error const& err) { - EXPECT_FALSE(builder.check_circuit()); // underflow causes failing constraint + EXPECT_FALSE(CircuitChecker::check(builder)); // underflow causes failing constraint EXPECT_EQ(err.what(), std::string("maximum value exceeded in safe_uint minus operator")); // possible underflow is detected // with check on maxes @@ -394,7 +395,7 @@ TYPED_TEST(SafeUintTest, TestDivideMethod) suint_ct d2(b2, 32); c2 = d2.divide(c2, 32, 8); - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } TYPED_TEST(SafeUintTest, TestDivideMethodQuotientRangeTooSmallFails) @@ -408,7 +409,7 @@ TYPED_TEST(SafeUintTest, TestDivideMethodQuotientRangeTooSmallFails) suint_ct d(b, 6); d = d.divide(c, 4, 1, "d/c"); - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } #if !defined(__wasm__) @@ -438,7 +439,7 @@ TYPED_TEST(SafeUintTest, TestDivideMethodQuotientRemainderIncorrectFails) suint_ct d(b, 5); d = d.divide(c, 3, 2, "d/c", [](uint256_t, uint256_t) { return std::make_pair(2, 3); }); - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } TYPED_TEST(SafeUintTest, TestDivideMethodQuotientRemainderModRFails) @@ -455,7 +456,7 @@ TYPED_TEST(SafeUintTest, TestDivideMethodQuotientRemainderModRFails) // 19 / 5 in the field is 0x1d08fbde871dc67f6e96903a4db401d17e858b5eaf6f438a5bedf9bf2999999e, so the quotient // should fail the range check of 3-bits. - EXPECT_FALSE(builder.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(builder)); } TYPED_TEST(SafeUintTest, TestDivOperator) @@ -468,7 +469,7 @@ TYPED_TEST(SafeUintTest, TestDivOperator) a = a / b; - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } // / OPERATOR @@ -492,7 +493,7 @@ TYPED_TEST(SafeUintTest, TestDivideOperator) suint_ct d2(b2, 32); d2 / c2; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } // test failure when range for quotient too small @@ -503,7 +504,7 @@ TYPED_TEST(SafeUintTest, TestDivideOperator) suint_ct c(a, 2); suint_ct d(b, 5); d = d / c; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } // test failure when range for remainder too small @@ -514,7 +515,7 @@ TYPED_TEST(SafeUintTest, TestDivideOperator) suint_ct c(a, 2); suint_ct d(b, 5); d = d / c; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } // test failure when quotient and remainder values are wrong @@ -525,7 +526,7 @@ TYPED_TEST(SafeUintTest, TestDivideOperator) suint_ct c(a, 2); suint_ct d(b, 5); d = d / c; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } // test failure when quotient and remainder are only correct mod r @@ -536,7 +537,7 @@ TYPED_TEST(SafeUintTest, TestDivideOperator) suint_ct c(a, 2); suint_ct d(b, 5); d = d / c; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } } @@ -561,7 +562,7 @@ TYPED_TEST(SafeUintTest, TestSlice) EXPECT_EQ(slice_data[1].get_value(), fr(169)); EXPECT_EQ(slice_data[2].get_value(), fr(61)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_TRUE(result); } @@ -583,7 +584,7 @@ TYPED_TEST(SafeUintTest, TestSliceEqualMsbLsb) EXPECT_EQ(slice_data[1].get_value(), fr(1)); EXPECT_EQ(slice_data[2].get_value(), fr(986)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_TRUE(result); } @@ -607,7 +608,7 @@ TYPED_TEST(SafeUintTest, TestSliceRandom) EXPECT_EQ(slice[1].get_value(), fr(expected1)); EXPECT_EQ(slice[2].get_value(), fr(expected2)); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_TRUE(result); } @@ -661,7 +662,7 @@ TYPED_TEST(SafeUintTest, TestOperatorDivRemainderConstraint) a.assert_equal(int_val); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } @@ -687,7 +688,7 @@ TYPED_TEST(SafeUintTest, TestDivRemainderConstraint) a.divide(b, 32, 32, "", supply_bad_witnesses); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/primitives/uint/uint.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/primitives/uint/uint.test.cpp index 73a4ac6c6dda..8192e36a02f2 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/primitives/uint/uint.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/primitives/uint/uint.test.cpp @@ -1,4 +1,5 @@ #include "uint.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/numeric/random/engine.hpp" #include #include @@ -120,7 +121,7 @@ template class stdlib_uint : public testing::Test { }; EXPECT_EQ(uint256_t(expected), a.get_value()); - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); }; @@ -232,7 +233,7 @@ template class stdlib_uint : public testing::Test { } }; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -266,7 +267,7 @@ template class stdlib_uint : public testing::Test { } }; - bool verified = builder.check_circuit(); + bool verified = CircuitChecker::check(builder); EXPECT_EQ(verified, true); } @@ -303,7 +304,7 @@ template class stdlib_uint : public testing::Test { EXPECT_EQ(result[i].get_value(), expected[i]); } - bool proof_valid = builder.check_circuit(); + bool proof_valid = CircuitChecker::check(builder); EXPECT_EQ(proof_valid, true); } @@ -352,7 +353,7 @@ template class stdlib_uint : public testing::Test { } }; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -366,7 +367,7 @@ template class stdlib_uint : public testing::Test { uint_ct b = a; uint_ct c = a * b; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -401,7 +402,7 @@ template class stdlib_uint : public testing::Test { EXPECT_EQ(a_result, a_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -452,7 +453,7 @@ template class stdlib_uint : public testing::Test { uint_native c_result = static_cast(builder.get_variable(c_witness_index).from_montgomery_form().data[0]); EXPECT_EQ(c_result, c_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -489,7 +490,7 @@ template class stdlib_uint : public testing::Test { uint_native c_result = static_cast(builder.get_variable(c_witness_index).from_montgomery_form().data[0]); EXPECT_EQ(c_result, c_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -523,7 +524,7 @@ template class stdlib_uint : public testing::Test { static_cast(builder.get_variable(a.get_witness_index()).from_montgomery_form().data[0]); EXPECT_EQ(a_result, a_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -557,7 +558,7 @@ template class stdlib_uint : public testing::Test { static_cast(builder.get_variable(a.get_witness_index()).from_montgomery_form().data[0]); EXPECT_EQ(a_result, a_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -610,7 +611,7 @@ template class stdlib_uint : public testing::Test { bool c_result = static_cast(c.get_value()); EXPECT_EQ(c_result, c_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); }; @@ -665,7 +666,7 @@ template class stdlib_uint : public testing::Test { static_cast(builder.get_variable(a.get_witness_index()).from_montgomery_form().data[0]); EXPECT_EQ(a_result, a_expected); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -819,7 +820,7 @@ template class stdlib_uint : public testing::Test { EXPECT_EQ(g_result, g_alt); EXPECT_EQ(h_result, h_alt); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -851,7 +852,7 @@ template class stdlib_uint : public testing::Test { add_integers(true, false); add_integers(true, true); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -883,7 +884,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -919,7 +920,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -975,7 +976,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1026,7 +1027,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1054,7 +1055,7 @@ template class stdlib_uint : public testing::Test { uint_ct e = c / d; e = e.normalize(); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, false); }; @@ -1092,7 +1093,7 @@ template class stdlib_uint : public testing::Test { } }; - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -1169,7 +1170,7 @@ template class stdlib_uint : public testing::Test { builder.create_range_constraint( remainder_idx, uint_native_width, "remainder range constraint fails in div_remainder_constraint test"); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, false); } @@ -1204,7 +1205,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1239,7 +1240,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1278,7 +1279,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1308,7 +1309,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1347,7 +1348,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1388,7 +1389,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1428,7 +1429,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1469,7 +1470,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1510,7 +1511,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1551,7 +1552,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1579,7 +1580,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1607,7 +1608,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1635,7 +1636,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1667,7 +1668,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1699,7 +1700,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } @@ -1732,7 +1733,7 @@ template class stdlib_uint : public testing::Test { printf("builder gates = %zu\n", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } }; @@ -1936,6 +1937,6 @@ TEST(stdlib_uint32, test_accumulators_plookup_uint32) info("builder gates = ", builder.get_num_gates()); - bool proof_result = builder.check_circuit(); + bool proof_result = CircuitChecker::check(builder); EXPECT_EQ(proof_result, true); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/CMakeLists.txt b/barretenberg/cpp/src/barretenberg/stdlib/recursion/CMakeLists.txt index 09dd4c932a33..5a24c0ff3f09 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/CMakeLists.txt +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/CMakeLists.txt @@ -1 +1 @@ -barretenberg_module(stdlib_recursion ecc proof_system stdlib_primitives stdlib_pedersen_commitment stdlib_blake3s ultra_honk eccvm translator_vm stdlib_poseidon2) \ No newline at end of file +barretenberg_module(stdlib_recursion ecc proof_system stdlib_primitives stdlib_pedersen_commitment stdlib_blake3s ultra_honk eccvm translator_vm stdlib_poseidon2 circuit_checker) \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/aggregation_state/aggregation_state.hpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/aggregation_state/aggregation_state.hpp index a3da3e09af11..32ce433ad66b 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/aggregation_state/aggregation_state.hpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/aggregation_state/aggregation_state.hpp @@ -1,5 +1,6 @@ #pragma once #include "../../primitives/field/field.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" namespace bb::stdlib::recursion { @@ -68,7 +69,7 @@ template struct aggregation_state { auto* context = P0.get_context(); - context->check_circuit(); + CircuitChecker::check(*context); info("checked circuit before add_recursive_proof"); context->add_recursive_proof(proof_witness_indices); } diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/transcript/transcript.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/transcript/transcript.test.cpp index f34292c12523..fff2164b4409 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/transcript/transcript.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/transcript/transcript.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/ecc/curves/bn254/fr.hpp" #include "barretenberg/ecc/curves/bn254/g1.hpp" #include "barretenberg/flavor/ultra.hpp" @@ -116,7 +117,7 @@ TEST(RecursiveHonkTranscript, InterfacesMatch) // TODO(#1351): The Honk stdlib transcript does not currently lay down contraints for fiat-shamir hashing so // check_circuit has limited value. - EXPECT_TRUE(builder.check_circuit()); + EXPECT_TRUE(CircuitChecker::check(builder)); } /** diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp index ddde25cf774f..242977c212ba 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/goblin_verifier.test.cpp @@ -1,3 +1,4 @@ +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/flavor/ultra_recursive.hpp" #include "barretenberg/stdlib/hash/blake3s/blake3s.hpp" @@ -123,7 +124,8 @@ template class GoblinRecursiveVerifierTest : public testi { auto inner_circuit = create_inner_circuit(); - bool result = inner_circuit.check_circuit(); + bool result = CircuitChecker::check(inner_circuit); + EXPECT_EQ(result, true); } @@ -241,7 +243,7 @@ template class GoblinRecursiveVerifierTest : public testi verifier.verify_proof(inner_proof); // We expect the circuit check to fail due to the bad proof - EXPECT_FALSE(outer_circuit.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(outer_circuit)); } }; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/protogalaxy_recursive_verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/protogalaxy_recursive_verifier.test.cpp index 5876c226d469..4563f3d34c91 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/protogalaxy_recursive_verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/protogalaxy_recursive_verifier.test.cpp @@ -1,4 +1,5 @@ #include "barretenberg/stdlib/recursion/honk/verifier/protogalaxy_recursive_verifier.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/flavor/ultra_recursive.hpp" #include "barretenberg/protogalaxy/decider_prover.hpp" @@ -136,7 +137,7 @@ template class ProtoGalaxyRecursiveTests : public tes create_function_circuit(builder); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); }; @@ -337,7 +338,7 @@ template class ProtoGalaxyRecursiveTests : public tes info("Decider Recursive Verifier: num gates = ", decider_circuit.num_gates); // We expect the decider circuit check to fail due to the bad proof - EXPECT_FALSE(decider_circuit.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(decider_circuit)); }; static void test_tampered_accumulator() diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/verifier.test.cpp index 44f79b69401d..90d627de8ab5 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/honk/verifier/verifier.test.cpp @@ -1,3 +1,4 @@ +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/flavor/ultra_recursive.hpp" #include "barretenberg/stdlib/hash/blake3s/blake3s.hpp" @@ -108,7 +109,7 @@ template class HonkRecursiveVerifierTest : public testing create_inner_circuit(builder); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } @@ -228,7 +229,7 @@ template class HonkRecursiveVerifierTest : public testing verifier.verify_proof(inner_proof); // We expect the circuit check to fail due to the bad proof - EXPECT_FALSE(outer_circuit.check_circuit()); + EXPECT_FALSE(CircuitChecker::check(outer_circuit)); } }; diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/transcript/transcript.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/transcript/transcript.test.cpp index 78acde2d5f76..6a24bd4da13e 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/transcript/transcript.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/transcript/transcript.test.cpp @@ -1,5 +1,6 @@ #include +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/ecc/curves/bn254/fr.hpp" #include "barretenberg/ecc/curves/bn254/g1.hpp" #include "barretenberg/transcript/transcript.hpp" @@ -271,6 +272,6 @@ TEST(stdlib_transcript, validate_transcript) info("builder gates = ", builder.get_num_gates()); - auto result = builder.check_circuit(); + auto result = CircuitChecker::check(builder); EXPECT_EQ(result, true); } \ No newline at end of file diff --git a/barretenberg/cpp/src/barretenberg/stdlib/recursion/verifier/verifier.test.cpp b/barretenberg/cpp/src/barretenberg/stdlib/recursion/verifier/verifier.test.cpp index 6901e9016f96..181cdd85c5cd 100644 --- a/barretenberg/cpp/src/barretenberg/stdlib/recursion/verifier/verifier.test.cpp +++ b/barretenberg/cpp/src/barretenberg/stdlib/recursion/verifier/verifier.test.cpp @@ -1,6 +1,7 @@ #include "verifier.hpp" #include "program_settings.hpp" +#include "barretenberg/circuit_checker/circuit_checker.hpp" #include "barretenberg/common/test.hpp" #include "barretenberg/ecc/curves/bn254/fq12.hpp" #include "barretenberg/ecc/curves/bn254/pairing.hpp" @@ -346,7 +347,7 @@ template class stdlib_verifier : public testing::Test { static void check_recursive_verification_circuit(OuterBuilder& outer_circuit, bool expected_result) { info("number of gates in recursive verification circuit = ", outer_circuit.get_num_gates()); - bool result = outer_circuit.check_circuit(); + bool result = CircuitChecker::check(outer_circuit); EXPECT_EQ(result, expected_result); auto g2_lines = srs::get_bn254_crs_factory()->get_verifier_crs()->get_precomputed_g2_lines(); EXPECT_EQ(check_recursive_proof_public_inputs(outer_circuit, g2_lines), true); @@ -364,7 +365,7 @@ template class stdlib_verifier : public testing::Test { create_inner_circuit(builder, inputs); - bool result = builder.check_circuit(); + bool result = CircuitChecker::check(builder); EXPECT_EQ(result, true); }