From 1733b7213d5a94a595efcdeb8e332c1c077db816 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Fri, 3 Feb 2023 00:02:16 +0000 Subject: [PATCH 01/13] Removed all files in rollup/ not necessary for join split tests --- cpp/src/aztec/CMakeLists.txt | 6 - cpp/src/aztec/rollup/CMakeLists.txt | 12 +- .../aztec/rollup/ci_failsafe/CMakeLists.txt | 1 - .../rollup/ci_failsafe/failsafe.test.cpp | 13 - cpp/src/aztec/rollup/db_cli/CMakeLists.txt | 11 - cpp/src/aztec/rollup/db_cli/get.hpp | 28 - cpp/src/aztec/rollup/db_cli/main.cpp | 164 -- cpp/src/aztec/rollup/db_cli/put.hpp | 32 - .../fixtures/compute_or_load_fixture.hpp | 47 - .../aztec/rollup/fixtures/test_context.hpp | 204 --- cpp/src/aztec/rollup/keygen/CMakeLists.txt | 11 - cpp/src/aztec/rollup/keygen/main.cpp | 84 - cpp/src/aztec/rollup/proofs/CMakeLists.txt | 5 - .../rollup/proofs/account/CMakeLists.txt | 11 - .../aztec/rollup/proofs/account/account.cpp | 282 --- .../rollup/proofs/account/account.test.cpp | 453 ----- .../rollup/proofs/account/account_tx.cpp | 47 - .../rollup/proofs/account/account_tx.test.cpp | 39 - .../proofs/account/account_tx_factory.hpp | 77 - .../aztec/rollup/proofs/account/c_bind.cpp | 113 -- cpp/src/aztec/rollup/proofs/account/c_bind.h | 26 - .../proofs/account/compute_signing_data.cpp | 28 - .../proofs/account/compute_signing_data.hpp | 12 - .../rollup/proofs/account/create_proof.hpp | 34 - cpp/src/aztec/rollup/proofs/account/index.hpp | 8 - .../aztec/rollup/proofs/account/verify.cpp | 32 - .../aztec/rollup/proofs/account/verify.hpp | 19 - .../aztec/rollup/proofs/claim/CMakeLists.txt | 11 - .../aztec/rollup/proofs/claim/claim.test.cpp | 1584 ----------------- .../rollup/proofs/claim/claim_circuit.cpp | 216 --- .../rollup/proofs/claim/claim_circuit.hpp | 15 - .../aztec/rollup/proofs/claim/claim_tx.hpp | 117 -- .../rollup/proofs/claim/claim_tx.test.cpp | 43 - .../rollup/proofs/claim/claim_tx_factory.hpp | 48 - .../rollup/proofs/claim/create_proof.hpp | 27 - .../rollup/proofs/claim/get_circuit_data.hpp | 35 - cpp/src/aztec/rollup/proofs/claim/index.hpp | 8 - .../aztec/rollup/proofs/claim/ratio_check.hpp | 160 -- .../rollup/proofs/claim/ratio_check.test.cpp | 271 --- cpp/src/aztec/rollup/proofs/claim/verify.cpp | 45 - cpp/src/aztec/rollup/proofs/claim/verify.hpp | 22 - .../aztec/rollup/proofs/join_split/c_bind.h | 17 - .../aztec/rollup/proofs/join_split/index.hpp | 1 - .../proofs/join_split/join_split_tx.test.cpp | 1 - .../join_split/join_split_tx_factory.hpp | 204 --- .../aztec/rollup/proofs/rollup/CMakeLists.txt | 5 - .../proofs/rollup/compute_circuit_data.hpp | 85 - .../rollup/proofs/rollup/create_rollup_tx.hpp | 270 --- cpp/src/aztec/rollup/proofs/rollup/index.hpp | 6 - .../rollup/proofs/rollup/rollup_circuit.cpp | 444 ----- .../rollup/proofs/rollup/rollup_circuit.hpp | 28 - .../proofs/rollup/rollup_circuit.test.cpp | 1336 -------------- .../rollup/rollup_circuit_full.test.cpp | 259 --- .../proofs/rollup/rollup_proof_data.cpp | 95 - .../proofs/rollup/rollup_proof_data.hpp | 137 -- .../aztec/rollup/proofs/rollup/rollup_tx.hpp | 160 -- .../rollup/proofs/rollup/rollup_tx.test.cpp | 57 - cpp/src/aztec/rollup/proofs/rollup/verify.cpp | 46 - cpp/src/aztec/rollup/proofs/rollup/verify.hpp | 17 - .../rollup/proofs/root_rollup/CMakeLists.txt | 1 - .../root_rollup/compute_circuit_data.cpp | 88 - .../root_rollup/compute_circuit_data.hpp | 27 - .../root_rollup/create_root_rollup_tx.hpp | 63 - .../aztec/rollup/proofs/root_rollup/index.hpp | 7 - .../proofs/root_rollup/root_rollup.test.cpp | 383 ---- .../root_rollup_broadcast_data.cpp | 81 - .../root_rollup_broadcast_data.hpp | 159 -- .../root_rollup/root_rollup_circuit.cpp | 380 ---- .../root_rollup/root_rollup_circuit.hpp | 27 - .../root_rollup/root_rollup_full.test.cpp | 245 --- .../root_rollup/root_rollup_proof_data.cpp | 45 - .../root_rollup/root_rollup_proof_data.hpp | 27 - .../proofs/root_rollup/root_rollup_tx.hpp | 135 -- .../root_rollup/root_rollup_tx.test.cpp | 51 - .../rollup/proofs/root_rollup/verify.cpp | 57 - .../rollup/proofs/root_rollup/verify.hpp | 23 - .../proofs/root_verifier/CMakeLists.txt | 1 - .../root_verifier/compute_circuit_data.hpp | 65 - .../root_verifier/create_root_verifier_tx.hpp | 38 - .../rollup/proofs/root_verifier/index.hpp | 7 - .../root_verifier/root_verifier.test.cpp | 135 -- .../root_verifier/root_verifier_circuit.cpp | 41 - .../root_verifier/root_verifier_circuit.hpp | 33 - .../root_verifier/root_verifier_full.test.cpp | 153 -- .../root_verifier_proof_data.cpp | 33 - .../root_verifier_proof_data.hpp | 27 - .../proofs/root_verifier/root_verifier_tx.hpp | 44 - .../root_verifier/root_verifier_tx.test.cpp | 15 - .../rollup/proofs/root_verifier/verify.cpp | 52 - .../rollup/proofs/root_verifier/verify.hpp | 20 - .../aztec/rollup/rollup_cli/CMakeLists.txt | 11 - cpp/src/aztec/rollup/rollup_cli/main.cpp | 306 ---- .../aztec/rollup/tx_factory/CMakeLists.txt | 9 - cpp/src/aztec/rollup/tx_factory/main.cpp | 124 -- .../aztec/rollup/world_state/world_state.hpp | 69 - 95 files changed, 2 insertions(+), 10549 deletions(-) delete mode 100644 cpp/src/aztec/rollup/ci_failsafe/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/ci_failsafe/failsafe.test.cpp delete mode 100644 cpp/src/aztec/rollup/db_cli/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/db_cli/get.hpp delete mode 100644 cpp/src/aztec/rollup/db_cli/main.cpp delete mode 100644 cpp/src/aztec/rollup/db_cli/put.hpp delete mode 100644 cpp/src/aztec/rollup/fixtures/compute_or_load_fixture.hpp delete mode 100644 cpp/src/aztec/rollup/fixtures/test_context.hpp delete mode 100644 cpp/src/aztec/rollup/keygen/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/keygen/main.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/account/account.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/account.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/account_tx.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/account_tx.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/account_tx_factory.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/c_bind.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/c_bind.h delete mode 100644 cpp/src/aztec/rollup/proofs/account/compute_signing_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/compute_signing_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/create_proof.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/verify.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/verify.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim_circuit.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim_circuit.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim_tx.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/claim_tx_factory.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/create_proof.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/get_circuit_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/ratio_check.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/ratio_check.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/verify.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/claim/verify.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/join_split/join_split_tx_factory.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/compute_circuit_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/create_rollup_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_circuit_full.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/rollup_tx.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/verify.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/rollup/verify.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/create_root_rollup_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_full.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/verify.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_rollup/verify.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/compute_circuit_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/create_root_verifier_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_full.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/verify.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/root_verifier/verify.hpp delete mode 100644 cpp/src/aztec/rollup/rollup_cli/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/rollup_cli/main.cpp delete mode 100644 cpp/src/aztec/rollup/tx_factory/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/tx_factory/main.cpp delete mode 100644 cpp/src/aztec/rollup/world_state/world_state.hpp diff --git a/cpp/src/aztec/CMakeLists.txt b/cpp/src/aztec/CMakeLists.txt index eac67df28c..a1c4b6e3ac 100644 --- a/cpp/src/aztec/CMakeLists.txt +++ b/cpp/src/aztec/CMakeLists.txt @@ -63,12 +63,6 @@ if(WASM) $ $ $ - # TODO: remove all except those needed for testing (join_split) - $ - $ - $ - $ - $ ) # With binaryen installed, it seems its wasm backend optimiser gets invoked automatically. diff --git a/cpp/src/aztec/rollup/CMakeLists.txt b/cpp/src/aztec/rollup/CMakeLists.txt index 56600568f8..62bba1c3d9 100644 --- a/cpp/src/aztec/rollup/CMakeLists.txt +++ b/cpp/src/aztec/rollup/CMakeLists.txt @@ -1,12 +1,4 @@ -if(NOT WASM) +if(NOT WASM) link_libraries(leveldb) - if (NOT FUZZING) - add_subdirectory(db_cli) - add_subdirectory(keygen) - add_subdirectory(rollup_cli) - add_subdirectory(tx_factory) - endif() endif() - -add_subdirectory(proofs) -add_subdirectory(ci_failsafe) \ No newline at end of file +add_subdirectory(proofs) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/ci_failsafe/CMakeLists.txt b/cpp/src/aztec/rollup/ci_failsafe/CMakeLists.txt deleted file mode 100644 index 2f84ba21ad..0000000000 --- a/cpp/src/aztec/rollup/ci_failsafe/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -barretenberg_module(ci_failsafe) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/ci_failsafe/failsafe.test.cpp b/cpp/src/aztec/rollup/ci_failsafe/failsafe.test.cpp deleted file mode 100644 index 6e9cba7b2d..0000000000 --- a/cpp/src/aztec/rollup/ci_failsafe/failsafe.test.cpp +++ /dev/null @@ -1,13 +0,0 @@ -#include "../constants.hpp" -#include - -/** - * @brief This test detects if the circuit change expected constant is disabled. It is used so that developers can - * safely change stuff in circuits and run tests in PRs, but there is one last failsafe that doesn't allow them to merge - * it. - * - */ -TEST(ci_failsafe, detect_circuit_change_disabled) -{ - EXPECT_EQ(rollup::circuit_gate_count::is_circuit_change_expected, 0); -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/db_cli/CMakeLists.txt b/cpp/src/aztec/rollup/db_cli/CMakeLists.txt deleted file mode 100644 index 933c2f86c9..0000000000 --- a/cpp/src/aztec/rollup/db_cli/CMakeLists.txt +++ /dev/null @@ -1,11 +0,0 @@ -add_executable( - db_cli - main.cpp -) - -target_link_libraries( - db_cli - PRIVATE - stdlib_merkle_tree - env -) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/db_cli/get.hpp b/cpp/src/aztec/rollup/db_cli/get.hpp deleted file mode 100644 index f1c9c60677..0000000000 --- a/cpp/src/aztec/rollup/db_cli/get.hpp +++ /dev/null @@ -1,28 +0,0 @@ -#pragma once -#include -#include - -struct GetRequest { - uint8_t tree_id; - uint256_t index; -}; - -struct GetResponse { - barretenberg::fr value; -}; - -void read(std::istream& s, GetRequest& r) -{ - read(s, r.tree_id); - read(s, r.index); -} - -void write(std::ostream& s, GetResponse const& r) -{ - write(s, r.value); -} - -std::ostream& operator<<(std::ostream& os, GetRequest const& get_request) -{ - return os << "GET (tree:" << (int)get_request.tree_id << " index:" << get_request.index << ")"; -} diff --git a/cpp/src/aztec/rollup/db_cli/main.cpp b/cpp/src/aztec/rollup/db_cli/main.cpp deleted file mode 100644 index c532325fff..0000000000 --- a/cpp/src/aztec/rollup/db_cli/main.cpp +++ /dev/null @@ -1,164 +0,0 @@ -#include "get.hpp" -#include "put.hpp" -#include -#include -#include - -using namespace plonk::stdlib::merkle_tree; - -char const* DB_PATH = "./world_state.db"; - -enum Command { - GET, - PUT, - COMMIT, - ROLLBACK, - GETPATH, - BATCH_PUT, -}; - -class WorldStateDb { - public: - WorldStateDb(std::string const& db_path) - : store_(db_path) - , data_tree_(store_, rollup::DATA_TREE_DEPTH, 0) - , nullifier_tree_(store_, rollup::NULL_TREE_DEPTH, 1) - , root_tree_(store_, rollup::ROOT_TREE_DEPTH, 2) - , defi_tree_(store_, rollup::DEFI_TREE_DEPTH, 3) - , trees_({ &data_tree_, &nullifier_tree_, &root_tree_, &defi_tree_ }) - { - if (root_tree_.size() == 0) { - root_tree_.update_element(0, data_tree_.root()); - store_.commit(); - } - - std::cerr << "Data root: " << data_tree_.root() << " size: " << data_tree_.size() << std::endl; - std::cerr << "Null root: " << nullifier_tree_.root() << " size: " << nullifier_tree_.size() << std::endl; - std::cerr << "Root root: " << root_tree_.root() << " size: " << root_tree_.size() << std::endl; - std::cerr << "Defi root: " << defi_tree_.root() << " size: " << defi_tree_.size() << std::endl; - } - - void write_metadata(std::ostream& os) - { - write(os, data_tree_.root()); - write(os, nullifier_tree_.root()); - write(os, root_tree_.root()); - write(os, defi_tree_.root()); - write(os, data_tree_.size()); - write(os, nullifier_tree_.size()); - write(os, root_tree_.size()); - write(os, defi_tree_.size()); - } - - void get(std::istream& is, std::ostream& os) - { - GetRequest get_request; - read(is, get_request); - // std::cerr << get_request << std::endl; - auto tree = trees_[get_request.tree_id]; - auto path = tree->get_hash_path(get_request.index); - auto leaf = get_request.index & 0x1 ? path[0].second : path[0].first; - write(os, leaf); - } - - void get_path(std::istream& is, std::ostream& os) - { - GetRequest get_request; - read(is, get_request); - // std::cerr << get_request << std::endl; - auto tree = trees_[get_request.tree_id]; - auto path = tree->get_hash_path(get_request.index); - write(os, path); - } - - void put(std::istream& is, std::ostream& os) - { - PutRequest put_request; - read(is, put_request); - // std::cerr << put_request << std::endl; - PutResponse put_response; - put_response.root = trees_[put_request.tree_id]->update_element(put_request.index, put_request.value); - write(os, put_response); - } - - void batch_put(std::istream& is, std::ostream& os) - { - std::vector put_requests; - read(is, put_requests); - for (auto& put_request : put_requests) { - trees_[put_request.tree_id]->update_element(put_request.index, put_request.value); - } - write_metadata(os); - } - - void commit(std::ostream& os) - { - // std::cerr << "COMMIT" << std::endl; - store_.commit(); - write_metadata(os); - } - - void rollback(std::ostream& os) - { - // std::cerr << "ROLLBACK" << std::endl; - store_.rollback(); - write_metadata(os); - } - - private: - LevelDbStore store_; - LevelDbTree data_tree_; - LevelDbTree nullifier_tree_; - LevelDbTree root_tree_; - LevelDbTree defi_tree_; - std::array trees_; -}; - -int main(int argc, char** argv) -{ - std::vector args(argv, argv + argc); - - if (args.size() > 1 && args[1] == "reset") { - LevelDbStore::destroy(args.size() > 2 ? args[2] : DB_PATH); - std::cout << "Erased db." << std::endl; - return 0; - } - - WorldStateDb world_state_db(args.size() > 1 ? args[1] : DB_PATH); - - world_state_db.write_metadata(std::cout); - - // Read commands from stdin. - while (true) { - uint8_t command; - - if (!std::cin.good() || std::cin.peek() == std::char_traits::eof()) { - break; - } - - read(std::cin, command); - - switch (command) { - case GET: - world_state_db.get(std::cin, std::cout); - break; - case GETPATH: - world_state_db.get_path(std::cin, std::cout); - break; - case PUT: - world_state_db.put(std::cin, std::cout); - break; - case BATCH_PUT: - world_state_db.batch_put(std::cin, std::cout); - break; - case COMMIT: - world_state_db.commit(std::cout); - break; - case ROLLBACK: - world_state_db.rollback(std::cout); - break; - } - } - - return 0; -} diff --git a/cpp/src/aztec/rollup/db_cli/put.hpp b/cpp/src/aztec/rollup/db_cli/put.hpp deleted file mode 100644 index b708f8d194..0000000000 --- a/cpp/src/aztec/rollup/db_cli/put.hpp +++ /dev/null @@ -1,32 +0,0 @@ -#pragma once -#include -#include -#include - -struct PutRequest { - uint8_t tree_id; - uint256_t index; - barretenberg::fr value; -}; - -struct PutResponse { - barretenberg::fr root; -}; - -void read(std::istream& s, PutRequest& r) -{ - read(s, r.tree_id); - read(s, r.index); - read(s, r.value); -} - -void write(std::ostream& s, PutResponse const& r) -{ - write(s, r.root); -} - -std::ostream& operator<<(std::ostream& os, PutRequest const& put_request) -{ - return os << "PUT (tree:" << (int)put_request.tree_id << " index:" << put_request.index - << " value:" << put_request.value << ")"; -} diff --git a/cpp/src/aztec/rollup/fixtures/compute_or_load_fixture.hpp b/cpp/src/aztec/rollup/fixtures/compute_or_load_fixture.hpp deleted file mode 100644 index c34deb4f31..0000000000 --- a/cpp/src/aztec/rollup/fixtures/compute_or_load_fixture.hpp +++ /dev/null @@ -1,47 +0,0 @@ -#pragma once -#include -#include -#include -#include -#include -#include -#include - -namespace rollup { -namespace fixtures { - -inline bool exists(std::string const& path) -{ - struct stat st; - return (stat(path.c_str(), &st) != -1); -} - -inline std::vector compute_or_load_fixture(std::string const& path, - std::string const& name, - std::function()> const& f) -{ - // Tests are being run from build directory. - auto filename = path + "/" + name; - if (exists(filename)) { - auto stream = std::ifstream(filename); - std::vector data; - read(stream, data); - info("Loaded fixture: ", filename); - return data; - } else { - info("Computing fixture: ", name, "..."); - auto data = f(); - if (data.size()) { - std::filesystem::create_directories(path.c_str()); - auto stream = std::ofstream(filename); - write(stream, data); - if (!stream.good()) { - throw_or_abort(format("Failed to write: ", filename)); - } - } - return data; - } -} - -} // namespace fixtures -} // namespace rollup diff --git a/cpp/src/aztec/rollup/fixtures/test_context.hpp b/cpp/src/aztec/rollup/fixtures/test_context.hpp deleted file mode 100644 index 9cd2e3681c..0000000000 --- a/cpp/src/aztec/rollup/fixtures/test_context.hpp +++ /dev/null @@ -1,204 +0,0 @@ -#pragma once -#include "user_context.hpp" -#include "../world_state/world_state.hpp" -#include "../proofs/notes/native/index.hpp" -#include "../proofs/join_split/index.hpp" -#include "../proofs/account/index.hpp" -#include "../proofs/claim/index.hpp" -#include - -namespace rollup { -namespace fixtures { - -using namespace plonk::stdlib::merkle_tree; -using namespace ::rollup::proofs; -using namespace ::rollup::proofs::notes; -using WorldState = world_state::WorldState; - -class TestContext { - public: - TestContext(join_split::circuit_data const& js_cd, - account::circuit_data const& account_cd, - claim::circuit_data const& claim_cd) - : rand_engine(&numeric::random::get_debug_engine(true)) - , user(fixtures::create_user_context(rand_engine)) - , js_tx_factory(world_state, user) - , account_tx_factory(world_state, user) - , claim_tx_factory(world_state, user) - , js_cd(js_cd) - , account_cd(account_cd) - , claim_cd(claim_cd) - , extra_key_pairs{ - fixtures::create_key_pair(rand_engine), fixtures::create_key_pair(rand_engine), - fixtures::create_key_pair(rand_engine), fixtures::create_key_pair(rand_engine), - fixtures::create_key_pair(rand_engine), - } - {} - - void append_value_notes(std::vector const& values, uint32_t asset_id = 0) - { - for (auto v : values) { - // Use the insertion index (data_tree.size()) as the input_nullifier. - // This ensures consistent commitments in tests which is important when leveraging fixtures. - native::value::value_note note = { - v, asset_id, 0, user.owner.public_key, user.note_secret, 0, world_state.data_tree.size() - }; - world_state.append_data_note(note); - } - } - - void append_account_notes() - { - native::account::account_note note1 = { - .alias_hash = user.alias_hash, - .owner_key = user.owner.public_key, - .signing_key = user.signing_keys[0].public_key, - }; - native::account::account_note note2 = { - .alias_hash = user.alias_hash, - .owner_key = user.owner.public_key, - .signing_key = user.signing_keys[1].public_key, - }; - world_state.append_data_note(note1); - world_state.append_data_note(note2); - } - - void nullify_account_alias_hash(fr const& account_alias_hash) - { - world_state.nullify(native::account::compute_account_alias_hash_nullifier(account_alias_hash)); - } - - void nullify_account_public_key(grumpkin::g1::affine_element const& account_public_key) - { - world_state.nullify(native::account::compute_account_public_key_nullifier(account_public_key)); - } - - std::vector create_join_split_proof(std::vector in_note_idx, - std::vector in_note_value, - std::array out_note_value, - uint256_t public_input = 0, - uint256_t public_output = 0, - uint32_t account_note_idx = 0, - uint32_t asset_id = 0, - bool account_required = false) - { - auto tx = js_tx_factory.create_join_split_tx(in_note_idx, - in_note_value, - out_note_value, - public_input, - public_output, - account_note_idx, - asset_id, - account_required); - auto signer = account_required ? user.signing_keys[0] : user.owner; - js_tx_factory.finalise_and_sign_tx(tx, signer); - return join_split::create_proof(tx, js_cd); - } - - std::vector create_defi_proof(std::vector in_note_indices, - std::vector in_note_values, - std::array out_note_values, - uint256_t bridge_call_data, - uint32_t asset_id = 0, - bool account_required = false, - uint32_t virtual_asset_id = 0) - { - - auto tx = js_tx_factory.create_defi_deposit_tx( - in_note_indices, in_note_values, out_note_values, bridge_call_data, asset_id, virtual_asset_id); - auto signer = account_required ? user.signing_keys[0] : user.owner; - js_tx_factory.finalise_and_sign_tx(tx, signer); - return join_split::create_proof(tx, js_cd); - } - - std::vector create_new_account_proof(uint32_t account_note_idx = 0) - { - auto tx = account_tx_factory.create_new_account_tx(account_note_idx); - return account::create_proof(tx, user.owner, account_cd); - } - - std::vector create_add_signing_keys_to_account_proof(uint32_t account_note_idx = 0) - { - grumpkin::g1::affine_element new_signing_keys[2] = { extra_key_pairs[0].public_key, - extra_key_pairs[1].public_key }; - auto tx = account_tx_factory.create_add_signing_keys_to_account_tx(new_signing_keys, account_note_idx); - return account::create_proof(tx, user.signing_keys[0], account_cd); - } - - std::vector create_migrate_account_proof(uint32_t account_note_idx = 0) - { - grumpkin::g1::affine_element new_owner_key = extra_key_pairs[0].public_key; - grumpkin::g1::affine_element new_signing_keys[2] = { extra_key_pairs[1].public_key, - extra_key_pairs[2].public_key }; - auto tx = account_tx_factory.create_migrate_account_tx(new_owner_key, new_signing_keys, account_note_idx); - return account::create_proof(tx, user.signing_keys[0], account_cd); - } - - auto create_claim_tx(uint256_t bridge_call_data, - uint256_t deposit_value, - uint32_t claim_note_index, - uint32_t defi_note_index, - uint256_t fee) - { - auto& defi_note = defi_interactions[defi_note_index]; - auto partial_state = - notes::native::value::create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0); - notes::native::claim::claim_note claim_note = { - deposit_value, bridge_call_data, defi_note.interaction_nonce, - fee, partial_state, world_state.input_nullifiers[claim_note_index] - }; - return claim_tx_factory.create_claim_tx( - world_state.defi_tree.root(), claim_note_index, defi_note_index, claim_note, defi_note); - } - - std::vector create_claim_proof(uint256_t bridge_call_data, - uint256_t deposit_value, - uint32_t claim_note_index, - uint32_t defi_note_index, - uint256_t fee) - { - auto tx = create_claim_tx(bridge_call_data, deposit_value, claim_note_index, defi_note_index, fee); - return claim::create_proof(tx, claim_cd); - } - - /** - * Updates the next slot in the root tree with the latest data root. - * Inserts the given defi interaction notes from the previous rollup into the defi tree. - * @param dins_ - defi interaction NOTES (not 'nonce') - */ - uint32_t start_next_root_rollup(std::vector const& dins_ = {}) - { - uint32_t rollup_id = static_cast(world_state.root_tree.size()); - // defi notes go into this rollup, but the nonces were 'generated' in the previous rollup - uint32_t initial_din_insertion_index = rollup_id * NUM_INTERACTION_RESULTS_PER_BLOCK; - uint32_t initial_interaction_nonce = (rollup_id - 1) * NUM_INTERACTION_RESULTS_PER_BLOCK; - world_state.update_root_tree_with_data_root(); - - auto dins = dins_; - defi_interactions.resize(initial_din_insertion_index + dins.size()); - for (size_t i = 0; i < dins.size(); ++i) { - auto din_insertion_index = initial_din_insertion_index + i; - auto interaction_nonce = initial_interaction_nonce + i; - dins[i].interaction_nonce = static_cast(interaction_nonce); - defi_interactions[din_insertion_index] = dins[i]; - } - - world_state.add_defi_notes(dins, initial_din_insertion_index); - return initial_din_insertion_index; - } - - numeric::random::Engine* rand_engine; - WorldState world_state; - fixtures::user_context user; - join_split::JoinSplitTxFactory js_tx_factory; - account::AccountTxFactory account_tx_factory; - claim::ClaimTxFactory claim_tx_factory; - join_split::circuit_data const& js_cd; - account::circuit_data const& account_cd; - claim::circuit_data const& claim_cd; - std::vector defi_interactions; - std::array extra_key_pairs; -}; - -} // namespace fixtures -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/keygen/CMakeLists.txt b/cpp/src/aztec/rollup/keygen/CMakeLists.txt deleted file mode 100644 index 07a3a24b1a..0000000000 --- a/cpp/src/aztec/rollup/keygen/CMakeLists.txt +++ /dev/null @@ -1,11 +0,0 @@ -add_executable( - keygen - main.cpp -) - -target_link_libraries( - keygen - PRIVATE - rollup_proofs_root_verifier - env -) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/keygen/main.cpp b/cpp/src/aztec/rollup/keygen/main.cpp deleted file mode 100644 index 779a23cb02..0000000000 --- a/cpp/src/aztec/rollup/keygen/main.cpp +++ /dev/null @@ -1,84 +0,0 @@ -#include "../proofs/rollup/compute_circuit_data.hpp" -#include "../proofs/root_rollup/compute_circuit_data.hpp" -#include "../proofs/root_verifier/compute_circuit_data.hpp" -#include "../proofs/rollup/rollup_tx.hpp" -#include "../proofs/claim/index.hpp" -#include -#include -#include -#include -#include - -using namespace ::rollup::proofs; -namespace tx_rollup = ::rollup::proofs::rollup; - -int main(int argc, char** argv) -{ - std::vector args(argv, argv + argc); - if (args.size() < 4) { - info( - "usage: ", args[0], " [srs path]"); - return 1; - } - size_t num_inner_tx = (size_t)atoi(args[1].c_str()); - std::string outer_sizes_raw = args[2]; - // parse list of valid outer sizes - std::vector valid_outer_sizes; - std::istringstream is(outer_sizes_raw); - std::string outer_size; - while (std::getline(is, outer_size, ',')) { - valid_outer_sizes.emplace_back(std::stoul(outer_size)); - }; - - const std::string output_path = args[3]; - const bool mock_proof = (args.size() > 4) ? args[4] == "true" : false; - const std::string srs_path = (args.size() > 5) ? args[5] : "../srs_db/ignition"; - - auto srs = std::make_shared(srs_path); - - if (!mock_proof) { - auto account_cd = account::get_circuit_data(srs); - auto join_split_cd = join_split::get_circuit_data(srs); - auto claim_cd = claim::get_circuit_data(srs); - auto rollup_cd = tx_rollup::get_circuit_data( - num_inner_tx, join_split_cd, account_cd, claim_cd, srs, "", true, false, false, true, true); - - // Release memory held by proving key, we don't need it. - rollup_cd.proving_key.reset(); - - std::vector> valid_root_rollup_vks; - root_rollup::circuit_data root_rollup_cd; - root_verifier::circuit_data root_verifier_cd; - for (auto i : valid_outer_sizes) { - root_rollup_cd.proving_key.reset(); - root_rollup_cd = root_rollup::get_circuit_data(i, rollup_cd, srs, "", true, false, false, true, true); - valid_root_rollup_vks.emplace_back(root_rollup_cd.verification_key); - } - - root_verifier_cd = root_verifier::get_circuit_data( - root_rollup_cd, srs, valid_root_rollup_vks, "", true, false, false, true, true); - std::replace(outer_size.begin(), outer_size.end(), ',', '_'); - auto class_name = format(mock_proof ? "Mock" : "", "VerificationKey", num_inner_tx, "x", outer_size); - auto filename = output_path + "/" + class_name + ".sol"; - std::ofstream os(filename); - output_vk_sol(os, root_verifier_cd.verification_key, class_name); - - info("VK contract written to: ", filename); - } else { - // Taking a big shortcut here. Rather than computing all the layers of circuits just to get the number of - // public inputs, we know the root verifier has 17. This is obviously a bit more brittle but is worth - // the speed up. - std::vector public_inputs(17, fr(1)); - waffle::StandardComposer composer(srs); - mock::mock_circuit(composer, public_inputs); - auto vk = composer.compute_verification_key(); - auto class_name = "MockVerificationKey"; - auto filename = output_path + "/" + class_name + ".sol"; - std::ofstream os(filename); - output_vk_sol(os, vk, class_name); - - info("VK contract written to: ", filename); - } - - return 0; -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/CMakeLists.txt index 1d6bf27430..efd647023b 100644 --- a/cpp/src/aztec/rollup/proofs/CMakeLists.txt +++ b/cpp/src/aztec/rollup/proofs/CMakeLists.txt @@ -1,12 +1,7 @@ -add_subdirectory(account) -add_subdirectory(claim) add_subdirectory(inner_proof_data) add_subdirectory(join_split) add_subdirectory(notes) if(NOT (WASM OR FUZZING)) - add_subdirectory(rollup) - add_subdirectory(root_rollup) - add_subdirectory(root_verifier) add_subdirectory(standard_example) endif() \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/account/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/account/CMakeLists.txt deleted file mode 100644 index ae0c441f41..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/CMakeLists.txt +++ /dev/null @@ -1,11 +0,0 @@ -barretenberg_module( - rollup_proofs_account - rollup_proofs_inner_proof_data - rollup_proofs_notes - crypto_schnorr - stdlib_blake2s - stdlib_sha256 - stdlib_pedersen - stdlib_schnorr - stdlib_primitives - stdlib_merkle_tree) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/account/account.cpp b/cpp/src/aztec/rollup/proofs/account/account.cpp deleted file mode 100644 index 1270e85556..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account.cpp +++ /dev/null @@ -1,282 +0,0 @@ -#include "account.hpp" -#include "../notes/circuit/account/account_note.hpp" -#include "../mock/mock_circuit.hpp" -#include "../notes/constants.hpp" -#include "../add_zero_public_inputs.hpp" -#include -#include -#include -#include -#include -#include - -// #pragma GCC diagnostic ignored "-Wunused-variable" -// #pragma GCC diagnostic ignored "-Wunused-parameter" - -namespace rollup { -namespace proofs { -namespace account { - -using namespace plonk; -using namespace plonk::stdlib::types::turbo; -using namespace notes::circuit::account; - -static std::shared_ptr proving_key; -static std::shared_ptr verification_key; -static size_t number_of_gates; - -field_ct compute_account_alias_hash_nullifier(suint_ct const& account_alias_hash) -{ - return pedersen::compress(std::vector{ account_alias_hash.value }, - notes::GeneratorIndex::ACCOUNT_ALIAS_HASH_NULLIFIER); -} - -field_ct compute_account_public_key_nullifier(point_ct const& account_public_key) -{ - return pedersen::compress(std::vector{ account_public_key.x }, - notes::GeneratorIndex::ACCOUNT_PUBLIC_KEY_NULLIFIER); -} -void account_circuit(Composer& composer, account_tx const& tx) -{ - // @dev This has to be a witness because we want to set it as a public input (see set_public() later). However, we - // don't want provers to have freedom to change this value. - const auto proof_id = field_ct(witness_ct(&composer, ProofIds::ACCOUNT)); - proof_id.assert_equal(field_ct(ProofIds::ACCOUNT)); - - // 3 modes - // 1: create (create from scratch) - // 2: update (add a spending_public_key to an existing account) - // 3: migrate (change account_public_key linked to an alias_hash) - - // 1: create: create == 1 && migrate == 0 - // 2: update = create == 0 && migrate == 0 - // 3: migrate = create == 0 && migrate == 1 - - // Extract witnesses - const auto data_tree_root = field_ct(witness_ct(&composer, tx.merkle_root)); - const auto account_public_key = stdlib::create_point_witness(composer, tx.account_public_key); - const auto new_account_public_key = stdlib::create_point_witness(composer, tx.new_account_public_key); - const auto spending_public_key_1 = stdlib::create_point_witness(composer, tx.new_signing_pub_key_1, false); - const auto spending_public_key_2 = stdlib::create_point_witness(composer, tx.new_signing_pub_key_2, false); - const auto alias_hash = suint_ct(witness_ct(&composer, tx.alias_hash), ALIAS_HASH_BIT_LENGTH, "alias_hash"); - const auto migrate = bool_ct(witness_ct(&composer, tx.migrate)); - const auto create = bool_ct(witness_ct(&composer, tx.create)); - - const auto account_note_index = - suint_ct(witness_ct(&composer, tx.account_note_index), DATA_TREE_DEPTH, "account_note_index"); - const auto account_note_path = merkle_tree::create_witness_hash_path(composer, tx.account_note_path); - const auto signing_pub_key = stdlib::create_point_witness(composer, tx.signing_pub_key); - const auto signature = stdlib::schnorr::convert_signature(&composer, tx.signature); - - // Calculations begin: - const auto output_account_alias_hash = alias_hash; - - const auto output_note_1 = - account_note(output_account_alias_hash.value, new_account_public_key, spending_public_key_1); - const auto output_note_2 = - account_note(output_account_alias_hash.value, new_account_public_key, spending_public_key_2); - - // @dev unlimited zero-valued nullifiers are permitted by the rollup circuit (e.g. if create == 0). - const auto nullifier_1 = compute_account_alias_hash_nullifier(alias_hash) * create; - - // If create or migrate, nullifier_2 = nullifier of the account_public_key being registered. - field_ct nullifier_2 = field_ct::conditional_assign( - (create || migrate), compute_account_public_key_nullifier(new_account_public_key), 0); - - // If creating an account from scratch, sign against the account private key, else sign with the spending key of the - // input note - const point_ct signer = point_ct::conditional_assign(create, account_public_key, signing_pub_key); - - // Validate that account public key != account spending key for output notes - new_account_public_key.assert_not_equal(spending_public_key_1, "account note 1: public key matches spending key"); - new_account_public_key.assert_not_equal(spending_public_key_2, "account note 2: public key matches spending key"); - - // Validate that both create and migrate are not set! - (field_ct(create) * field_ct(migrate)).assert_is_zero("cannot both create and migrate an account"); - - // Check signature. - { - bool composerAlreadyFailed = composer.failed; - std::vector to_compress = { alias_hash.value, - account_public_key.x, - new_account_public_key.x, - spending_public_key_1.x, - spending_public_key_2.x, - nullifier_1, - nullifier_2 }; - const byte_array_ct message = pedersen::compress(to_compress); - const bool_ct verified = stdlib::schnorr::verify_signature(message, signer, signature); - verified.assert_equal(true, "verify signature failed"); - if (composer.failed && !composerAlreadyFailed) { - // only assign this error if an error hasn't already been assigned. - composer.err = "verify signature failed"; - } - } - - // Check signing account note exists if create != 0. - { - const auto account_note_data = account_note(alias_hash.value, account_public_key, signer); - const auto account_note_exists = - merkle_tree::check_membership(data_tree_root, - account_note_path, - account_note_data.commitment, - account_note_index.value.decompose_into_bits(DATA_TREE_DEPTH)); - (!create).must_imply(account_note_exists, "account check_membership failed"); - } - - // Check account public key does not change unless migrating. - { - const auto account_key_change = - account_public_key.x != new_account_public_key.x || account_public_key.y != new_account_public_key.y; - account_key_change.must_imply(migrate, "cannot change account keys unless migrating"); - } - - const field_ct public_value = witness_ct(&composer, 0); - const field_ct public_owner = witness_ct(&composer, 0); - const field_ct asset_id = witness_ct(&composer, 0); - const field_ct tx_fee = witness_ct(&composer, 0); - const field_ct tx_fee_asset_id = witness_ct(&composer, 0); - const field_ct bridge_call_data = witness_ct(&composer, 0); - const field_ct defi_deposit_value = witness_ct(&composer, 0); - const field_ct defi_root = witness_ct(&composer, 0); - const field_ct backward_link = witness_ct(&composer, 0); - const field_ct allow_chain = witness_ct(&composer, 0); - public_value.assert_is_zero(); - public_owner.assert_is_zero(); - asset_id.assert_is_zero(); - tx_fee.assert_is_zero(); - tx_fee_asset_id.assert_is_zero(); - bridge_call_data.assert_is_zero(); - defi_deposit_value.assert_is_zero(); - defi_root.assert_is_zero(); - backward_link.assert_is_zero(); - allow_chain.assert_is_zero(); - - // Expose public inputs: - proof_id.set_public(); - output_note_1.commitment.set_public(); - output_note_2.commitment.set_public(); - nullifier_1.set_public(); - nullifier_2.set_public(); - - // Also expose zero-valued public inputs: - public_value.set_public(); - public_owner.set_public(); - asset_id.set_public(); - data_tree_root.set_public(); - tx_fee.set_public(); - tx_fee_asset_id.set_public(); - bridge_call_data.set_public(); - defi_deposit_value.set_public(); - defi_root.set_public(); - backward_link.set_public(); - allow_chain.set_public(); -} - -void init_proving_key(std::shared_ptr const& crs_factory, bool mock) -{ - if (proving_key) { - return; - } - - // Junk data required just to create proving key. - account_tx tx; - tx.account_public_key = grumpkin::g1::affine_one; - tx.new_account_public_key = grumpkin::g1::affine_one; - tx.new_signing_pub_key_1 = grumpkin::g1::affine_one; - tx.new_signing_pub_key_2 = grumpkin::g1::affine_one; - tx.signing_pub_key = grumpkin::g1::affine_one; - tx.account_note_path.resize(32); - - Composer composer(crs_factory); - account_circuit(composer, tx); - if (!mock) { - proving_key = composer.compute_proving_key(); - } else { - Composer mock_proof_composer(crs_factory); - rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); - proving_key = mock_proof_composer.compute_proving_key(); - } -} - -void init_proving_key(std::shared_ptr const& crs, waffle::proving_key_data&& pk_data) -{ - release_key(); - proving_key = std::make_shared(std::move(pk_data), crs); -} - -void release_key() -{ - proving_key.reset(); -} - -void init_verification_key(std::shared_ptr const& crs_factory) -{ - if (!proving_key) { - throw_or_abort("Compute proving key first."); - } else { - // Patch the 'nothing' reference string fed to init_proving_key. - proving_key->reference_string = crs_factory->get_prover_crs(proving_key->n + 1); - } - verification_key = waffle::turbo_composer::compute_verification_key(proving_key, crs_factory->get_verifier_crs()); -} - -void init_verification_key(std::shared_ptr const& crs, - waffle::verification_key_data&& vk_data) -{ - verification_key = std::make_shared(std::move(vk_data), crs); -} - -UnrolledProver new_account_prover(account_tx const& tx, bool mock) -{ - Composer composer(proving_key, nullptr); - account_circuit(composer, tx); - - if (composer.failed) { - std::string error = format("composer logic failed: ", composer.err); - throw_or_abort(error); - } - number_of_gates = composer.get_num_gates(); - - info("composer gates: ", composer.get_num_gates()); - info("public inputs: ", composer.public_inputs.size()); - - if (!mock) { - return composer.create_unrolled_prover(); - } else { - Composer mock_proof_composer(proving_key, nullptr); - rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); - return mock_proof_composer.create_unrolled_prover(); - } -} - -bool verify_proof(waffle::plonk_proof const& proof) -{ - UnrolledVerifier verifier(verification_key, - Composer::create_unrolled_manifest(verification_key->num_public_inputs)); - - std::unique_ptr> kate_commitment_scheme = - std::make_unique>(); - verifier.commitment_scheme = std::move(kate_commitment_scheme); - - return verifier.verify_proof(proof); -} - -std::shared_ptr get_proving_key() -{ - return proving_key; -} - -std::shared_ptr get_verification_key() -{ - return verification_key; -} - -size_t get_number_of_gates() -{ - return number_of_gates; -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/account.test.cpp b/cpp/src/aztec/rollup/proofs/account/account.test.cpp deleted file mode 100644 index 12fca78d8f..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account.test.cpp +++ /dev/null @@ -1,453 +0,0 @@ -#include "account.hpp" - -#include "../../constants.hpp" -#include "../../fixtures/user_context.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../notes/constants.hpp" -#include "../notes/native/index.hpp" - -#include -#include -#include -#include -#include - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::merkle_tree; -using namespace rollup; -using namespace rollup::proofs; -using namespace rollup::proofs::account; -using namespace rollup::proofs::notes::native::account; - -class account_tests : public ::testing::Test { - protected: - static void SetUpTestCase() - { - auto crs_factory = std::shared_ptr( - new waffle::FileReferenceStringFactory("../srs_db/ignition")); - init_proving_key(crs_factory, false); - init_verification_key(crs_factory); - } - - virtual void SetUp() - { - store = std::make_unique(); - tree = std::make_unique>(*store, 32); - alice = rollup::fixtures::create_user_context(); - bob = rollup::fixtures::create_user_context(); - } - - /** - * Add two account notes for the user. - */ - void preload_account_notes() - { - tree->update_element( - tree->size(), - create_account_leaf_data(alice.alias_hash, alice.owner.public_key, alice.signing_keys[0].public_key)); - tree->update_element( - tree->size(), - create_account_leaf_data(alice.alias_hash, alice.owner.public_key, alice.signing_keys[1].public_key)); - } - - fr create_account_leaf_data(fr const& account_alias_hash, - grumpkin::g1::affine_element const& owner_key, - grumpkin::g1::affine_element const& signing_key) - { - return account_note{ account_alias_hash, owner_key, signing_key }.commit(); - } - - uint256_t compute_account_alias_hash_nullifier(fr const& account_alias_hash) - { - const std::vector hash_elements{ account_alias_hash }; - auto result = - crypto::pedersen::compress_native(hash_elements, notes::GeneratorIndex::ACCOUNT_ALIAS_HASH_NULLIFIER); - return uint256_t(result); - } - - uint256_t compute_account_public_key_nullifier(grumpkin::g1::affine_element const& account_public_key) - { - return crypto::pedersen::compress_native({ account_public_key.x }, - notes::GeneratorIndex::ACCOUNT_PUBLIC_KEY_NULLIFIER); - } - - account_tx create_new_account_tx(const rollup::fixtures::user_context& user) - { - account_tx tx; - tx.merkle_root = tree->root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = user.owner.public_key; - tx.new_signing_pub_key_1 = user.signing_keys[0].public_key; - tx.new_signing_pub_key_2 = user.signing_keys[1].public_key; - tx.alias_hash = user.alias_hash; - tx.create = true; - tx.migrate = false; - tx.account_note_index = 0; - tx.signing_pub_key = user.owner.public_key; - tx.account_note_path = tree->get_hash_path(0); - tx.sign(user.owner); - return tx; - } - - account_tx create_migrate_account_tx(const rollup::fixtures::user_context& user, - const rollup::fixtures::grumpkin_key_pair& new_account_key, - const rollup::fixtures::grumpkin_key_pair new_signing_keys[2]) - { - account_tx tx; - tx.merkle_root = tree->root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = new_account_key.public_key; - tx.new_signing_pub_key_1 = new_signing_keys[0].public_key; - tx.new_signing_pub_key_2 = new_signing_keys[1].public_key; - tx.alias_hash = user.alias_hash; - tx.create = false; - tx.migrate = true; - tx.account_note_index = 0; - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_note_path = tree->get_hash_path(0); - tx.sign(user.signing_keys[0]); - return tx; - } - - account_tx create_add_signing_keys_account_tx(const rollup::fixtures::user_context& user, - const rollup::fixtures::grumpkin_key_pair new_signing_keys[2]) - { - account_tx tx; - tx.merkle_root = tree->root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = user.owner.public_key; - tx.new_signing_pub_key_1 = new_signing_keys[0].public_key; - tx.new_signing_pub_key_2 = new_signing_keys[1].public_key; - tx.alias_hash = user.alias_hash; - tx.create = false; - tx.migrate = false; - tx.account_note_index = 0; - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_note_path = tree->get_hash_path(0); - tx.sign(user.signing_keys[0]); - return tx; - } - - bool verify(account_tx& tx) - { - auto prover = new_account_prover(tx, false); - auto proof = prover.construct_proof(); - return verify_proof(proof); - } - - struct verify_logic_result { - bool valid; - std::string err; - }; - - verify_logic_result verify_logic(account_tx& tx) - { - Composer composer(get_proving_key(), nullptr); - account_circuit(composer, tx); - if (composer.failed) { - info("Circuit logic failed: " + composer.err); - } - return { !composer.failed, composer.err }; - } - - rollup::fixtures::user_context alice; - rollup::fixtures::user_context bob; - std::unique_ptr store; - std::unique_ptr> tree; -}; - -TEST_F(account_tests, test_create_account) -{ - auto tx = create_new_account_tx(alice); - EXPECT_TRUE(verify_logic(tx).valid); -} - -TEST_F(account_tests, test_migrate_account) -{ - preload_account_notes(); - auto tx = create_migrate_account_tx(alice, bob.owner, bob.signing_keys); - - EXPECT_TRUE(verify_logic(tx).valid); -} - -// Initial migration - -TEST_F(account_tests, test_account_with_create_and_migrate_fails) -{ - auto tx = create_migrate_account_tx(alice, bob.owner, bob.signing_keys); - tx.create = true; - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "cannot both create and migrate an account"); -} - -// Signature - -TEST_F(account_tests, test_wrong_account_key_pair_fails) -{ - auto tx = create_new_account_tx(bob); - auto keys = rollup::fixtures::create_key_pair(nullptr); - tx.sign(keys); // sign the tx with the wrong signing private key - - EXPECT_FALSE(tx.account_public_key == keys.public_key); - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "verify signature failed"); -} - -TEST_F(account_tests, test_migrate_account_with_account_key_fails) -{ - preload_account_notes(); - auto tx = create_migrate_account_tx(alice, bob.owner, bob.signing_keys); - - // Set the signing key to equal the owner public key and sign with the public key. - // The signature will be correct, but the circuit will look for an account note - // with the "wrong" owner public key - tx.signing_pub_key = alice.owner.public_key; - tx.sign(alice.owner); - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "account check_membership failed"); -} - -// Account membership - -TEST_F(account_tests, test_alternative_signing_key_1) -{ - preload_account_notes(); - auto tx = create_add_signing_keys_account_tx(alice, bob.signing_keys); - - EXPECT_TRUE(verify_logic(tx).valid); -} - -TEST_F(account_tests, test_alternative_signing_key_2) -{ - preload_account_notes(); - auto tx = create_add_signing_keys_account_tx(alice, bob.signing_keys); - tx.account_note_index = 1; - tx.account_note_path = tree->get_hash_path(1); - tx.sign(alice.signing_keys[1]); - - EXPECT_TRUE(verify_logic(tx).valid); -} - -TEST_F(account_tests, test_wrong_alias_hash_fails) -{ - preload_account_notes(); - auto tx = create_add_signing_keys_account_tx(alice, bob.signing_keys); - // The circuit will calculate an 'old' account note with the wrong alias, so the membership check should fail. - tx.alias_hash = rollup::fixtures::generate_alias_hash("penguin"); // it's actually "pebble" - tx.sign(alice.signing_keys[0]); - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "account check_membership failed"); -} - -TEST_F(account_tests, test_account_key_equals_spending_key_1_fails) -{ - auto tx = create_new_account_tx(alice); - tx.new_signing_pub_key_1 = alice.owner.public_key; - tx.sign(alice.owner); - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "account note 1: public key matches spending key"); -} - -TEST_F(account_tests, test_account_key_equals_spending_key_2_fails) -{ - auto tx = create_new_account_tx(alice); - tx.new_signing_pub_key_2 = alice.owner.public_key; - tx.sign(alice.owner); - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "account note 2: public key matches spending key"); -} - -// Account public key - -TEST_F(account_tests, test_migrate_to_new_account_public_key) -{ - preload_account_notes(); - auto new_keys = rollup::fixtures::create_key_pair(nullptr); - auto tx = create_migrate_account_tx(alice, new_keys, alice.signing_keys); - - EXPECT_TRUE(verify_logic(tx).valid); -} - -TEST_F(account_tests, test_change_account_public_key_without_migrating_fails) -{ - preload_account_notes(); - auto tx = create_migrate_account_tx(alice, bob.owner, bob.signing_keys); - tx.migrate = false; - // regen signature as `nullifier_1 = 0` if migrate == false - tx.sign(alice.signing_keys[0]); - - auto result = verify_logic(tx); - EXPECT_FALSE(result.valid); - EXPECT_EQ(result.err, "cannot change account keys unless migrating"); -} - -TEST_F(account_tests, test_create_account_when_account_exists_creates_nullifier_collision) -{ - preload_account_notes(); - auto tx = create_new_account_tx(alice); - auto prover = new_account_prover(tx, false); - auto proof = prover.construct_proof(); - auto data = inner_proof_data(proof.proof_data); - - EXPECT_TRUE(verify_logic(tx).valid); - EXPECT_TRUE(verify_proof(proof)); - - auto note1_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_1 }.commit(); - auto note2_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_2 }.commit(); - - EXPECT_EQ(data.proof_id, ProofIds::ACCOUNT); - EXPECT_EQ(data.note_commitment1, note1_commitment); - EXPECT_EQ(data.note_commitment2, note2_commitment); - EXPECT_EQ(data.nullifier2, compute_account_public_key_nullifier(alice.owner.public_key)); // public key of new acct - EXPECT_EQ(data.public_value, 0); - EXPECT_EQ(data.public_owner, fr(0)); - EXPECT_EQ(data.asset_id, uint256_t(0)); - EXPECT_EQ(data.merkle_root, tx.merkle_root); - EXPECT_EQ(data.tx_fee, uint256_t(0)); - EXPECT_EQ(data.tx_fee_asset_id, uint256_t(0)); - EXPECT_EQ(data.bridge_call_data, uint256_t(0)); - EXPECT_EQ(data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(data.defi_root, fr(0)); - EXPECT_EQ(data.backward_link, fr(0)); - EXPECT_EQ(data.allow_chain, uint256_t(0)); - - // Validate output nullifier = nullifier of alice's alias_hash - EXPECT_EQ(data.nullifier1, compute_account_alias_hash_nullifier(alice.alias_hash)); -} - -TEST_F(account_tests, test_create_account_full_proof_and_detect_circuit_change) -{ - auto tx = create_new_account_tx(alice); - auto prover = new_account_prover(tx, false); - auto proof = prover.construct_proof(); - auto data = inner_proof_data(proof.proof_data); - - auto note1_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_1 }.commit(); - auto note2_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_2 }.commit(); - - EXPECT_EQ(data.proof_id, ProofIds::ACCOUNT); - EXPECT_EQ(data.note_commitment1, note1_commitment); - EXPECT_EQ(data.note_commitment2, note2_commitment); - EXPECT_EQ(data.nullifier1, compute_account_alias_hash_nullifier(tx.alias_hash)); - EXPECT_EQ(data.nullifier2, compute_account_public_key_nullifier(alice.owner.public_key)); // public key of new acct - EXPECT_EQ(data.public_value, 0); - EXPECT_EQ(data.public_owner, fr(0)); - EXPECT_EQ(data.asset_id, uint256_t(0)); - EXPECT_EQ(data.merkle_root, tx.merkle_root); - EXPECT_EQ(data.tx_fee, uint256_t(0)); - EXPECT_EQ(data.tx_fee_asset_id, uint256_t(0)); - EXPECT_EQ(data.bridge_call_data, uint256_t(0)); - EXPECT_EQ(data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(data.defi_root, fr(0)); - EXPECT_EQ(data.backward_link, fr(0)); - EXPECT_EQ(data.allow_chain, uint256_t(0)); - - EXPECT_TRUE(verify_proof(proof)); - // The below part detects change in the account circuit - size_t number_of_gates_acc = get_number_of_gates(); - auto vk_hash_acc = get_verification_key()->sha256_hash(); - // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. - if (!(circuit_gate_count::is_circuit_change_expected)) { - EXPECT_EQ(number_of_gates_acc, circuit_gate_count::ACCOUNT) - << "The gate count for the account circuit is changed."; - EXPECT_EQ(from_buffer(vk_hash_acc), circuit_vk_hash::ACCOUNT) - << "The verification key hash for the account circuit is changed: " << from_buffer(vk_hash_acc); - // For the next power of two limit, we need to consider that we reserve four gates for adding - // randomness/zero-knowledge - EXPECT_LE(number_of_gates_acc, - circuit_gate_next_power_of_two::ACCOUNT - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the account circuit."; - } else { - EXPECT_LE(number_of_gates_acc, - circuit_gate_next_power_of_two::ACCOUNT - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the account circuit."; - } -} - -TEST_F(account_tests, test_migrate_account_full_proof) -{ - preload_account_notes(); - const auto& new_account_key = bob.owner; - const auto& new_signing_keys = bob.signing_keys; - auto tx = create_migrate_account_tx(alice, new_account_key, new_signing_keys); - auto prover = new_account_prover(tx, false); - auto proof = prover.construct_proof(); - auto data = inner_proof_data(proof.proof_data); - - auto note1_commitment = account_note{ .alias_hash = tx.alias_hash, - .owner_key = new_account_key.public_key, - .signing_key = new_signing_keys[0].public_key } - .commit(); - - auto note2_commitment = account_note{ .alias_hash = tx.alias_hash, - .owner_key = new_account_key.public_key, - .signing_key = new_signing_keys[1].public_key } - .commit(); - - EXPECT_EQ(data.proof_id, ProofIds::ACCOUNT); - EXPECT_EQ(data.note_commitment1, note1_commitment); - EXPECT_EQ(data.note_commitment2, note2_commitment); - EXPECT_EQ(data.nullifier1, 0); - // nullifier2 = public key of new account - EXPECT_EQ(data.nullifier2, compute_account_public_key_nullifier(new_account_key.public_key)); - EXPECT_EQ(data.public_value, 0); - EXPECT_EQ(data.public_owner, fr(0)); - EXPECT_EQ(data.asset_id, uint256_t(0)); - EXPECT_EQ(data.merkle_root, tx.merkle_root); - EXPECT_EQ(data.tx_fee, uint256_t(0)); - EXPECT_EQ(data.tx_fee_asset_id, uint256_t(0)); - EXPECT_EQ(data.bridge_call_data, uint256_t(0)); - EXPECT_EQ(data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(data.defi_root, fr(0)); - EXPECT_EQ(data.backward_link, fr(0)); - EXPECT_EQ(data.allow_chain, uint256_t(0)); - - EXPECT_TRUE(verify_proof(proof)); -} - -TEST_F(account_tests, test_add_signing_keys_to_account_full_proof) -{ - preload_account_notes(); - const auto& new_signing_keys = bob.signing_keys; - auto tx = create_add_signing_keys_account_tx(alice, new_signing_keys); - - auto prover = new_account_prover(tx, false); - auto proof = prover.construct_proof(); - auto data = inner_proof_data(proof.proof_data); - - auto note1_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_1 }.commit(); - auto note2_commitment = account_note{ tx.alias_hash, tx.account_public_key, tx.new_signing_pub_key_2 }.commit(); - - EXPECT_EQ(data.proof_id, ProofIds::ACCOUNT); - EXPECT_EQ(data.note_commitment1, note1_commitment); - EXPECT_EQ(data.note_commitment2, note2_commitment); - EXPECT_EQ(data.nullifier1, uint256_t(0)); - EXPECT_EQ(data.nullifier2, uint256_t(0)); - EXPECT_EQ(data.public_value, uint256_t(0)); - EXPECT_EQ(data.public_owner, fr(0)); - EXPECT_EQ(data.asset_id, uint256_t(0)); - EXPECT_EQ(data.merkle_root, tx.merkle_root); - EXPECT_EQ(data.tx_fee, uint256_t(0)); - EXPECT_EQ(data.tx_fee_asset_id, uint256_t(0)); - EXPECT_EQ(data.bridge_call_data, uint256_t(0)); - EXPECT_EQ(data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(data.defi_root, fr(0)); - EXPECT_EQ(data.backward_link, fr(0)); - EXPECT_EQ(data.allow_chain, uint256_t(0)); - - EXPECT_TRUE(verify_proof(proof)); -} diff --git a/cpp/src/aztec/rollup/proofs/account/account_tx.cpp b/cpp/src/aztec/rollup/proofs/account/account_tx.cpp deleted file mode 100644 index 99a44ed448..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account_tx.cpp +++ /dev/null @@ -1,47 +0,0 @@ -#include "account_tx.hpp" -#include -#include "../notes/constants.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -using namespace barretenberg; -using namespace crypto::schnorr; -using namespace crypto::pedersen; - -fr account_tx::compute_account_alias_hash_nullifier() const -{ - if (create) { - return compress_native({ alias_hash }, rollup::proofs::notes::GeneratorIndex::ACCOUNT_ALIAS_HASH_NULLIFIER); - } - return 0; -} - -fr account_tx::compute_account_public_key_nullifier() const -{ - if (create || migrate) { - return compress_native({ new_account_public_key.x }, - rollup::proofs::notes::GeneratorIndex::ACCOUNT_PUBLIC_KEY_NULLIFIER); - } - return 0; -} - -void account_tx::sign(key_pair const& keys) -{ - auto nullifier_1 = compute_account_alias_hash_nullifier(); - auto nullifier_2 = compute_account_public_key_nullifier(); - std::vector to_compress = { - alias_hash, account_public_key.x, new_account_public_key.x, new_signing_pub_key_1.x, new_signing_pub_key_2.x, - nullifier_1, nullifier_2 - }; - fr compressed = compress_native(to_compress); - auto message = to_buffer(compressed); - signing_pub_key = keys.public_key; - signature = crypto::schnorr::construct_signature( - std::string(message.begin(), message.end()), keys); -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/account_tx.test.cpp b/cpp/src/aztec/rollup/proofs/account/account_tx.test.cpp deleted file mode 100644 index e2e0909342..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account_tx.test.cpp +++ /dev/null @@ -1,39 +0,0 @@ -#include "../../fixtures/user_context.hpp" -#include "c_bind.h" -#include "account.hpp" -#include -#include -#include -#include -#include -#include - -using namespace barretenberg; -using namespace rollup::proofs::account; - -TEST(client_proofs_account_tx, test_serialization) -{ - account_tx tx; - tx.merkle_root = fr::random_element(); - tx.account_public_key = grumpkin::g1::element::random_element(); - tx.new_account_public_key = grumpkin::g1::element::random_element(); - tx.new_signing_pub_key_1 = grumpkin::g1::element::random_element(); - tx.new_signing_pub_key_2 = grumpkin::g1::element::random_element(); - tx.alias_hash = 0; - tx.create = true; - tx.migrate = false; - tx.account_note_index = 123; - tx.signing_pub_key = grumpkin::g1::one * grumpkin::fr::random_element(); - - for (size_t i = 0; i < 32; ++i) { - tx.account_note_path.push_back(std::make_pair(fr::random_element(), fr::random_element())); - } - - memset(&tx.signature.e, 1, 32); - memset(&tx.signature.s, 2, 32); - - auto buffer = to_buffer(tx); - auto tx2 = from_buffer(buffer.data()); - - EXPECT_EQ(tx, tx2); -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/account/account_tx_factory.hpp b/cpp/src/aztec/rollup/proofs/account/account_tx_factory.hpp deleted file mode 100644 index 26560f6daf..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account_tx_factory.hpp +++ /dev/null @@ -1,77 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "../../fixtures/user_context.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -template class AccountTxFactory { - public: - AccountTxFactory(WorldState& world_state, fixtures::user_context const& user) - : world_state(world_state) - , user(user) - {} - - auto create_new_account_tx(uint32_t account_note_idx = 0) - { - account_tx tx; - tx.merkle_root = world_state.data_tree.root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = user.owner.public_key; - tx.new_signing_pub_key_1 = user.signing_keys[0].public_key; - tx.new_signing_pub_key_2 = user.signing_keys[1].public_key; - tx.alias_hash = user.alias_hash; - tx.create = true; - tx.migrate = false; - tx.account_note_index = account_note_idx; - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_note_path = world_state.data_tree.get_hash_path(account_note_idx); - return tx; - } - - auto create_migrate_account_tx(grumpkin::g1::affine_element& new_owner_key, - grumpkin::g1::affine_element new_signing_keys[2], - uint32_t account_note_idx = 0) - { - account_tx tx; - tx.merkle_root = world_state.data_tree.root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = new_owner_key; - tx.new_signing_pub_key_1 = new_signing_keys[0]; - tx.new_signing_pub_key_2 = new_signing_keys[1]; - tx.alias_hash = user.alias_hash; - tx.create = false; - tx.migrate = true; - tx.account_note_index = account_note_idx; - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_note_path = world_state.data_tree.get_hash_path(account_note_idx); - return tx; - } - - auto create_add_signing_keys_to_account_tx(grumpkin::g1::affine_element new_signing_keys[2], - uint32_t account_note_idx = 0) - { - account_tx tx; - tx.merkle_root = world_state.data_tree.root(); - tx.account_public_key = user.owner.public_key; - tx.new_account_public_key = user.owner.public_key; - tx.new_signing_pub_key_1 = new_signing_keys[0]; - tx.new_signing_pub_key_2 = new_signing_keys[1]; - tx.alias_hash = user.alias_hash; - tx.create = false; - tx.migrate = false; - tx.account_note_index = account_note_idx; - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_note_path = world_state.data_tree.get_hash_path(account_note_idx); - return tx; - } - - private: - WorldState& world_state; - fixtures::user_context const& user; -}; - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/c_bind.cpp b/cpp/src/aztec/rollup/proofs/account/c_bind.cpp deleted file mode 100644 index 7d8d052e77..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/c_bind.cpp +++ /dev/null @@ -1,113 +0,0 @@ -#include "c_bind.h" -#include "account.hpp" -#include "compute_signing_data.hpp" -#include "../mock/mock_circuit.hpp" -#include -#include -#include -#include -#include -#include -#include - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; -using namespace rollup::proofs::account; - -#define WASM_EXPORT __attribute__((visibility("default"))) - -extern "C" { - -WASM_EXPORT void account__init_proving_key(bool mock) -{ - // We know that we don't actually need any CRS to create a proving key, so just feed in a nothing. - // Hacky, but, right now it needs *something*. - auto crs_factory = std::make_shared(); - init_proving_key(crs_factory, mock); -} - -WASM_EXPORT void account__release_key() -{ - release_key(); -} - -WASM_EXPORT void account__init_proving_key_from_buffer(uint8_t const* pk_buf) -{ - std::shared_ptr crs; - waffle::proving_key_data pk_data; - read(pk_buf, pk_data); - init_proving_key(crs, std::move(pk_data)); -} - -WASM_EXPORT uint32_t account__get_new_proving_key_data(uint8_t** output) -{ - // Computing the size of the serialized key is non trivial. - // Allocate a buffer large enough to hold it, and abort if we overflow. - // This is to keep memory usage down. - size_t total_buf_len = 350 * 1024 * 1024; - auto raw_buf = (uint8_t*)malloc(total_buf_len); - if (!raw_buf) { - info("Failed to alloc."); - std::abort(); - } - auto raw_buf_end = raw_buf; - write(raw_buf_end, *get_proving_key()); - *output = raw_buf; - auto len = static_cast(raw_buf_end - raw_buf); - if (len > total_buf_len) { - info("Buffer overflow serializing proving key."); - std::abort(); - } - return len; -} - -WASM_EXPORT void account__init_verification_key(void* pippenger, uint8_t const* g2x) -{ - auto crs_factory = std::make_unique( - reinterpret_cast(pippenger), g2x); - init_verification_key(std::move(crs_factory)); -} - -WASM_EXPORT void account__init_verification_key_from_buffer(uint8_t const* vk_buf, uint8_t const* g2x) -{ - auto crs = std::make_shared(g2x); - waffle::verification_key_data vk_data; - read(vk_buf, vk_data); - init_verification_key(crs, std::move(vk_data)); -} - -WASM_EXPORT uint32_t account__get_new_verification_key_data(uint8_t** output) -{ - auto buffer = to_buffer(*get_verification_key()); - auto raw_buf = (uint8_t*)malloc(buffer.size()); - memcpy(raw_buf, (void*)buffer.data(), buffer.size()); - *output = raw_buf; - return static_cast(buffer.size()); -} - -WASM_EXPORT void account__compute_signing_data(uint8_t const* account_buf, uint8_t* output) -{ - auto tx = from_buffer(account_buf); - auto signing_data = compute_signing_data(tx); - barretenberg::fr::serialize_to_buffer(signing_data, output); -} - -WASM_EXPORT void* account__new_prover(uint8_t const* account_buf, bool mock) -{ - auto tx = from_buffer(account_buf); - auto prover = new_account_prover(tx, mock); - auto heapProver = new UnrolledProver(std::move(prover)); - return heapProver; -} - -WASM_EXPORT void account__delete_prover(void* prover) -{ - delete reinterpret_cast(prover); -} - -WASM_EXPORT bool account__verify_proof(uint8_t* proof, uint32_t length) -{ - waffle::plonk_proof pp = { std::vector(proof, proof + length) }; - return verify_proof(pp); -} -} diff --git a/cpp/src/aztec/rollup/proofs/account/c_bind.h b/cpp/src/aztec/rollup/proofs/account/c_bind.h deleted file mode 100644 index ad124de8d2..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/c_bind.h +++ /dev/null @@ -1,26 +0,0 @@ -#include - -#define WASM_EXPORT __attribute__((visibility("default"))) - -extern "C" { - -WASM_EXPORT void account__init_proving_key(bool mock); - -WASM_EXPORT void account__init_proving_key_from_buffer(uint8_t const* pk_buf); - -WASM_EXPORT uint32_t account__get_new_proving_key_data(uint8_t** output); - -WASM_EXPORT void account__init_verification_key(void* pippenger, uint8_t const* g2x); - -WASM_EXPORT void account__init_verification_key_from_buffer(uint8_t const* vk_buf, uint8_t const* g2x); - -WASM_EXPORT uint32_t account__get_new_verification_key_data(uint8_t** output); - -WASM_EXPORT void account__compute_signing_data(uint8_t const* account_buf, uint8_t* output); - -WASM_EXPORT void* account__new_prover(uint8_t const* account_buf, bool mock); - -WASM_EXPORT void account__delete_prover(void* prover); - -WASM_EXPORT bool account__verify_proof(uint8_t* proof, uint32_t length); -} diff --git a/cpp/src/aztec/rollup/proofs/account/compute_signing_data.cpp b/cpp/src/aztec/rollup/proofs/account/compute_signing_data.cpp deleted file mode 100644 index b99c288e0e..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/compute_signing_data.cpp +++ /dev/null @@ -1,28 +0,0 @@ -#include "compute_signing_data.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -using namespace crypto::pedersen; - -barretenberg::fr compute_signing_data(account_tx const& tx) -{ - auto nullifier_1 = tx.compute_account_alias_hash_nullifier(); - auto nullifier_2 = tx.compute_account_public_key_nullifier(); - - std::vector to_compress = { - tx.alias_hash, - tx.account_public_key.x, - tx.new_account_public_key.x, - tx.new_signing_pub_key_1.x, - tx.new_signing_pub_key_2.x, - nullifier_1, - nullifier_2, - }; - return compress_native(to_compress); -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/compute_signing_data.hpp b/cpp/src/aztec/rollup/proofs/account/compute_signing_data.hpp deleted file mode 100644 index c5d0c75399..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/compute_signing_data.hpp +++ /dev/null @@ -1,12 +0,0 @@ -#pragma once -#include "account_tx.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -barretenberg::fr compute_signing_data(account_tx const& tx); - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/create_proof.hpp b/cpp/src/aztec/rollup/proofs/account/create_proof.hpp deleted file mode 100644 index 1f56ae8fb6..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/create_proof.hpp +++ /dev/null @@ -1,34 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "account.hpp" -#include "../../fixtures/user_context.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -inline std::vector create_proof(account_tx& tx, - fixtures::grumpkin_key_pair const& signer, - circuit_data const& cd, - numeric::random::Engine* rand_engine = nullptr) -{ - tx.sign(signer); - - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - composer.rand_engine = rand_engine; - - account_circuit(composer, tx); - - if (composer.failed) { - info("Account circuit logic failed: ", composer.err); - } - - auto prover = composer.create_unrolled_prover(); - auto proof = prover.construct_proof(); - - return proof.proof_data; -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/index.hpp b/cpp/src/aztec/rollup/proofs/account/index.hpp deleted file mode 100644 index de4fd6623f..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/index.hpp +++ /dev/null @@ -1,8 +0,0 @@ -#pragma once -#include "account_tx_factory.hpp" -#include "account_tx.hpp" -#include "account.hpp" -#include "c_bind.h" -#include "compute_circuit_data.hpp" -#include "create_proof.hpp" -#include "verify.hpp" diff --git a/cpp/src/aztec/rollup/proofs/account/verify.cpp b/cpp/src/aztec/rollup/proofs/account/verify.cpp deleted file mode 100644 index 8dfe759211..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/verify.cpp +++ /dev/null @@ -1,32 +0,0 @@ -#include "./verify.hpp" -#include "./account.hpp" -#include "./account_tx.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -namespace { -verify_result build_circuit(Composer& composer, account_tx& tx, circuit_data const&) -{ - verify_result result; - account_circuit(composer, tx); - return result; -} -} // namespace - -verify_result verify_logic(account_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_logic_internal(composer, tx, cd, "account", build_circuit); -} - -verify_result verify(account_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_internal(composer, tx, cd, "account", true, build_circuit); -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/verify.hpp b/cpp/src/aztec/rollup/proofs/account/verify.hpp deleted file mode 100644 index ba469c480e..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/verify.hpp +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once -#include "../verify.hpp" -#include "./compute_circuit_data.hpp" -#include "./account.hpp" -#include - -namespace rollup { -namespace proofs { -namespace account { - -using namespace plonk::stdlib::types::turbo; - -verify_result verify_logic(account_tx& tx, circuit_data const& cd); - -verify_result verify(account_tx& tx, circuit_data const& cd); - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/claim/CMakeLists.txt deleted file mode 100644 index e9d882a2f2..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/CMakeLists.txt +++ /dev/null @@ -1,11 +0,0 @@ -barretenberg_module( - rollup_proofs_claim - rollup_proofs_inner_proof_data - rollup_proofs_notes - crypto_schnorr - stdlib_blake2s - stdlib_sha256 - stdlib_pedersen - stdlib_schnorr - stdlib_primitives - stdlib_merkle_tree) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/claim/claim.test.cpp b/cpp/src/aztec/rollup/proofs/claim/claim.test.cpp deleted file mode 100644 index 4c618832c0..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim.test.cpp +++ /dev/null @@ -1,1584 +0,0 @@ -#include "../../constants.hpp" -#include "../../fixtures/user_context.hpp" -#include "index.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../notes/native/index.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::merkle_tree; -using namespace rollup::proofs::notes::native; -using namespace rollup::proofs::notes::native::claim; - -namespace { -std::shared_ptr srs; -circuit_data cd; -auto& engine = numeric::random::get_debug_engine(); -} // namespace - -class claim_tests : public ::testing::Test { - protected: - static void SetUpTestCase() - { - srs = std::make_shared("../srs_db/ignition"); - cd = get_circuit_data(srs); - } - - virtual void SetUp() - { - store = std::make_unique(); - data_tree = std::make_unique>(*store, DATA_TREE_DEPTH, 0); - defi_tree = std::make_unique>(*store, DEFI_TREE_DEPTH, 1); - user = rollup::fixtures::create_user_context(); - } - - template void append_note(T const& note, Tree& tree) - { - tree->update_element(tree->size(), note.commit()); - } - - claim_tx create_claim_tx(claim_note const& claim_note, - uint32_t claim_note_index, - uint32_t defi_note_index, - defi_interaction::note const& interaction_note) - { - claim_tx tx; - tx.data_root = data_tree->root(); - tx.claim_note = claim_note; - tx.claim_note_index = claim_note_index; - tx.claim_note.fee = claim_note.fee; - tx.claim_note_path = data_tree->get_hash_path(claim_note_index); - - tx.defi_root = defi_tree->root(); - tx.defi_note_index = defi_note_index; - tx.defi_interaction_note = interaction_note; - tx.defi_interaction_note_path = defi_tree->get_hash_path(defi_note_index); - - tx.output_value_a = ((uint512_t(claim_note.deposit_value) * uint512_t(interaction_note.total_output_value_a)) / - uint512_t(interaction_note.total_input_value)) - .lo; - tx.output_value_b = ((uint512_t(claim_note.deposit_value) * uint512_t(interaction_note.total_output_value_b)) / - uint512_t(interaction_note.total_input_value)) - .lo; - return tx; - } - - rollup::fixtures::user_context user; - std::unique_ptr store; - std::unique_ptr> data_tree; - std::unique_ptr> defi_tree; - const uint32_t asset_id = 1; - const uint32_t empty_virtual_asset_id = uint32_t(1) << (MAX_NUM_ASSETS_BIT_LENGTH - 1); -}; - -TEST_F(claim_tests, test_claim_and_detect_circuit_change) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - EXPECT_TRUE(verify_logic(tx, cd).logic_verified); - // The below part detects changes in the claim circuit - size_t number_of_gates_claim = get_number_of_gates(); - auto vk_hash_claim = get_verification_key()->sha256_hash(); - // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. - if (!(circuit_gate_count::is_circuit_change_expected)) { - EXPECT_EQ(number_of_gates_claim, circuit_gate_count::CLAIM) - << "The gate count for the claim circuit is changed."; - EXPECT_EQ(from_buffer(vk_hash_claim), circuit_vk_hash::CLAIM) - << "The verification key hash for the claim circuit is changed: " << from_buffer(vk_hash_claim); - // For the next power of two limit, we need to consider that we reserve four gates for adding - // randomness/zero-knowledge - EXPECT_LE(number_of_gates_claim, - circuit_gate_next_power_of_two::CLAIM - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the claim circuit."; - } else { - EXPECT_LE(number_of_gates_claim, - circuit_gate_next_power_of_two::CLAIM - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the claim circuit."; - } -} - -TEST_F(claim_tests, test_theft_via_field_overflow_fails_1) -{ - // Choose values to retain the ratio (deposit * total_output_value_a) == (output_value_a * total_input_value) - // deposit value: 1 - // total_input_value: 2 - // total_output_value_a: 1 - // output_value_a: 10944121435919637611123202872628637544274182200208017171849102093287904247809; // = 2^(-1) - - uint256_t o_v_a( - 0xA1F0FAC9F8000001ULL, 0x9419F4243CDCB848ULL, 0xDC2822DB40C0AC2EULL, 0x183227397098D014ULL); // 2^(-1) - - const claim_note note1 = { .deposit_value = 1, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 2, - .total_output_value_a = 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = o_v_a; // choose the cheeky large output value - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: output_value_a"); -} - -TEST_F(claim_tests, test_theft_via_field_overflow_fails_2) -{ - // Choose values to retain the ratio (deposit * total_output_value_a) == (output_value_a * total_input_value) - // deposit value: 1 - // total_input_value: 74 // chosen (by brute force) so that the inverse is under 252 bits. - // total_output_value_a: 1 - // output_value_a: 295787065835665881381708185746719933629031951356973437077002759278051466157 // 74^(-1) - - uint256_t o_v_a( - 0x507c2274294c1badULL, 0x11d7301ca7b2f039ULL, 0x21a0384b1d6cfdbcULL, 0x00a768d809f64ad0ULL); // 74^(-1) - - const claim_note note1 = { .deposit_value = 1, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 74, - .total_output_value_a = 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = o_v_a; // choose the cheeky large output value, that flies under the 252-bit radar - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: subtract: output_value_a > total_output_value_a"); -} - -TEST_F(claim_tests, test_integer_division_works) -{ - // Choose a total_output_value_a which is not divisible (in the integers) by the user's share. - // E.g. deposit 3 / 9. Then if the total output is 10, 1/3 * 10 = 3.333333, so should yield '3', rather than some - // giant field element (3^(-1) * 10). - // Tests to ensure the circuit copes with residuals correctly. - - const claim_note note1 = { .deposit_value = 3, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 9, - .total_output_value_a = 10, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(claim_tests, test_outputs_larger_than_252_bits_fails) -{ - uint256_t r( - 0x43E1F593F0000001ULL, 0x2833E84879B97091ULL, 0xB85045B68181585DULL, 0x30644E72E131A029ULL); // field modulus - - const claim_note note1 = { .deposit_value = 1, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 1, - .total_output_value_a = r - 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: total_output_value_a"); -} - -TEST_F(claim_tests, test_zero_deposit_fails) -{ - const claim_note note1 = { .deposit_value = 0, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 1, - .total_output_value_a = 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "Not supported: zero deposit"); -} - -TEST_F(claim_tests, test_theft_via_zero_equality_fails) -{ - // Choose values so that the both sides are zero: - // (deposit * total_output_value_a) == (output_value_a * total_input_value) - // deposit = 0 - // total_input_value: 1 - // total_output_value_a: 0 - // output_value_a: MAX_252_BIT_VALUE - - uint256_t MAX_252_BIT_VALUE( - 0xffffffffffffffffULL, 0xffffffffffffffffULL, 0xffffffffffffffffULL, 0x00ffffffffffffffULL); - const claim_note note1 = { .deposit_value = 0, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 1, - .total_output_value_a = 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = MAX_252_BIT_VALUE; // Try to steal loads of money. - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, - "Not supported: zero deposit"); // This case was already caught by the ratio_check function preventing - // a zero-valued denominator of b2 = total_output_value_a. -} - -TEST_F(claim_tests, test_deposit_greater_than_total_fails) -{ - const claim_note note1 = { .deposit_value = 100, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 10, - .total_output_value_a = 10, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = 100; // Match the malicious ratio of the deposit_value:total_input_value - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: subtract: deposit_value > total_input_value"); -} - -TEST_F(claim_tests, test_output_value_greater_than_total_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 10, - .total_output_value_a = 10, - .total_output_value_b = 0, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = 100; // Cheeky - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: subtract: output_value_a > total_output_value_a"); -} - -TEST_F(claim_tests, test_zero_output_value_fails) -{ - const claim_note note1 = { .deposit_value = 1, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 1, - .total_output_value_a = 1, - .total_output_value_b = 0, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = 0; // We want to test whether a 0 output_value will fail - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "ratio check 1 failed"); -} - -TEST_F(claim_tests, test_zero_total_output_value_fails) -{ - const claim_note note1 = { .deposit_value = 1, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 1, - .total_output_value_a = 0, - .total_output_value_b = 0, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = 1; // We want to test whether a 0 output_value will fail - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ( - result.err, - "safe_uint_t range constraint failure: subtract: output_value_a > total_output_value_a"); // The 'division by - // zero' checks aren't - // even reached, - // because this one - // gets triggered - // first. -} - -TEST_F(claim_tests, test_unmatching_ratio_a_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_a = 10; // Force an unmatching ratio (it should be 20) - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "ratio check 1 failed"); -} - -TEST_F(claim_tests, test_unmatching_ratio_b_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - tx.output_value_b = 10; // Force an unmatching ratio (it should be 20) - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "ratio check 2 failed"); -} - -TEST_F(claim_tests, test_unmatching_bridge_call_datas_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 1, // mismatch - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "note bridge call datas don't match"); -} - -TEST_F(claim_tests, test_unmatching_interaction_nonces_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 1, // mismatch - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "note nonces don't match"); -} - -TEST_F(claim_tests, test_missing_claim_note_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - // Notice: note1 not being appended - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "claim note not a member"); -} - -TEST_F(claim_tests, test_missing_interaction_note_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - // Notice: note2 not being appended - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "defi interaction note not a member"); -} - -TEST_F(claim_tests, test_defi_note_incorrect_index_fails) -{ - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = 0, - .defi_interaction_nonce = 25, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - append_note(note1, data_tree); - - // add some notes to the defi tree - for (uint32_t i = 0; i < 32; i++) { - const defi_interaction::note empty_note = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 0, - .total_output_value_a = 0, - .total_output_value_b = 0, - .interaction_result = 0 }; - append_note(empty_note, defi_tree); - } - - // create some actual notes - std::vector defi_notes; - for (uint32_t i = 0; i < 32; i++) { - const defi_interaction::note note = { .bridge_call_data = 0, - .interaction_nonce = i, - .total_input_value = 100 + i, - .total_output_value_a = 200 + i, - .total_output_value_b = 300 + i, - .interaction_result = 1 }; - defi_notes.push_back(note); - append_note(note, defi_tree); - } - - claim_tx tx_fail = - create_claim_tx(note1, 0, 25, defi_notes[25]); // interaction index taken from interaction nonce is not correct - auto result = verify_logic(tx_fail, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "defi interaction note not a member"); - - // the defi note is actually at index 31 + 26 - claim_tx tx_pass = create_claim_tx(note1, 0, 57, defi_notes[25]); - result = verify_logic(tx_pass, cd); - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(claim_tests, test_claim_for_virtual_note) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = empty_virtual_asset_id, - .config = - bridge_call_data::bit_config{ - .second_input_in_use = false, - .second_output_in_use = true // <-- - }, - .aux_data = 0 }; - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 300, - .total_output_value_b = 400, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_first_input_note_virtual) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = empty_virtual_asset_id, // <-- - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 222, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); -} - -TEST_F(claim_tests, test_first_output_note_virtual) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = empty_virtual_asset_id, // <-- - .output_asset_id_b = 222, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); -} - -TEST_F(claim_tests, test_second_input_note_nonzero_and_not_in_use_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = empty_virtual_asset_id, // <-- - .output_asset_id_a = 111, - .output_asset_id_b = 222, - .config = - bridge_call_data::bit_config{ .second_input_in_use = false, // <-- - .second_output_in_use = false }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "Expected second_input_in_use, given input_asset_id_b != 0"); -} - -TEST_F(claim_tests, test_second_output_note_nonzero_and_not_in_use_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = empty_virtual_asset_id, // <-- - .config = - bridge_call_data::bit_config{ - .second_input_in_use = false, - .second_output_in_use = false // <-- - }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "Expected second_output_in_use, given output_asset_id_b != 0"); -} - -TEST_F(claim_tests, test_second_input_in_use_means_asset_ids_equal_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, // <-- equal - .output_asset_id_a = 0, - .output_asset_id_b = 0, - .config = - bridge_call_data::bit_config{ .second_input_in_use = true, // <-- - .second_output_in_use = false }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "input asset ids must be different for the second bridge input to be in-use"); -} - -TEST_F(claim_tests, test_second_output_in_use_means_real_output_asset_ids_equal_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 111, // <-- equal - .config = - bridge_call_data::bit_config{ - .second_input_in_use = false, - .second_output_in_use = true // <-- - }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "real output asset ids must be different for the second bridge output to be in-use"); -} - -TEST_F(claim_tests, test_second_output_in_use_and_virtual_output_asset_ids_equal) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = empty_virtual_asset_id, - .output_asset_id_b = empty_virtual_asset_id, // <-- equal - .config = - bridge_call_data::bit_config{ - .second_input_in_use = false, - .second_output_in_use = true // <-- - }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(claim_tests, test_first_bridge_output_virtual_but_invalid_placeholder_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = empty_virtual_asset_id + 1, // should be 2 ** 29. - .output_asset_id_b = 0, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = false }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "output_asset_id_a detected as virtual, but has incorrect placeholder value"); -} - -TEST_F(claim_tests, test_second_bridge_output_virtual_but_invalid_placeholder_fails) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = empty_virtual_asset_id, - .output_asset_id_b = empty_virtual_asset_id + 1, // should be 2 ** 29. - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "output_asset_id_b detected as virtual, but has incorrect placeholder value"); -} - -TEST_F(claim_tests, test_claim_2_outputs_full_proof) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 222, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - - // Create some values for our circuit that are large enough to properly test the ratio checks. - // The defi deposit value must be atmost 242 bits (since we sum up defi deposits in rollup circuit). - auto random_value = []() { - uint256_t a = engine.get_random_uint256(); - a.data[3] = a.data[3] & 0x0003ffffffffffffULL; - return a; - }; - uint256_t input_value = random_value(); - uint256_t total_input = random_value(); - uint256_t total_output_a = random_value(); - uint256_t total_output_b = random_value(); - - // Check total_in >= user_in. Does not work otherwise because we get integer overflow. - if (input_value > total_input) { - std::swap(input_value, total_input); - } - - // Create and add a claim note, and a defi interaction note, to the data tree. - const claim_note note1 = { .deposit_value = input_value, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = total_input, - .total_output_value_a = total_output_a, - .total_output_value_b = total_output_b, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - - // Construct transaction data. - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - - // Verify proof. - auto result = verify(tx, cd); - ASSERT_TRUE(result.verified); - - uint256_t nullifier1 = compute_nullifier(note1.commit()); - uint256_t nullifier2 = defi_interaction::compute_nullifier(note2.commit(), note1.commit()); - - // Compute expected public inputs. - auto proof_data = inner_proof_data(result.proof_data); - - const value_note expected_output_note1 = { .value = tx.output_value_a, - .asset_id = bridge_call_data.output_asset_id_a, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier1 }; - - const value_note expected_output_note2 = { .value = tx.output_value_b, - .asset_id = bridge_call_data.output_asset_id_b, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier2 }; - - // Validate public inputs. - EXPECT_EQ(proof_data.proof_id, ProofIds::DEFI_CLAIM); - EXPECT_EQ(proof_data.note_commitment1, expected_output_note1.commit()); - EXPECT_EQ(proof_data.note_commitment2, expected_output_note2.commit()); - EXPECT_EQ(proof_data.nullifier1, nullifier1); - EXPECT_EQ(proof_data.nullifier2, uint256_t(nullifier2)); - EXPECT_EQ(proof_data.public_value, uint256_t(0)); - EXPECT_EQ(proof_data.public_owner, fr(0)); - EXPECT_EQ(proof_data.asset_id, uint256_t(0)); - EXPECT_EQ(proof_data.merkle_root, data_tree->root()); - EXPECT_EQ(proof_data.tx_fee, uint256_t(0)); - EXPECT_EQ(proof_data.tx_fee_asset_id, bridge_call_data.input_asset_id_a); - EXPECT_EQ(proof_data.bridge_call_data, tx.claim_note.bridge_call_data); - EXPECT_EQ(proof_data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(proof_data.defi_root, defi_tree->root()); - EXPECT_EQ(proof_data.backward_link, fr(0)); - EXPECT_EQ(proof_data.allow_chain, uint256_t(0)); -} - -TEST_F(claim_tests, test_claim_1_output_full_proof) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 0, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = false }, - .aux_data = 0 }; - const uint32_t claim_fee = 8; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = claim_fee, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - auto result = verify(tx, cd); - - auto proof_data = inner_proof_data(result.proof_data); - - uint256_t nullifier1 = compute_nullifier(note1.commit()); - uint256_t nullifier2 = defi_interaction::compute_nullifier(note2.commit(), note1.commit()); - - const value_note expected_output_note1 = { .value = 20, - .asset_id = bridge_call_data.output_asset_id_a, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier1 }; - - EXPECT_EQ(proof_data.proof_id, ProofIds::DEFI_CLAIM); - EXPECT_EQ(proof_data.note_commitment1, expected_output_note1.commit()); - EXPECT_EQ(proof_data.note_commitment2, fr(0)); - EXPECT_EQ(proof_data.nullifier1, nullifier1); - EXPECT_EQ(proof_data.nullifier2, uint256_t(nullifier2)); - EXPECT_EQ(proof_data.public_value, uint256_t(0)); - EXPECT_EQ(proof_data.public_owner, fr(0)); - EXPECT_EQ(proof_data.asset_id, uint256_t(0)); - EXPECT_EQ(proof_data.merkle_root, data_tree->root()); - EXPECT_EQ(proof_data.tx_fee, claim_fee); - EXPECT_EQ(proof_data.tx_fee_asset_id, bridge_call_data.input_asset_id_a); - EXPECT_EQ(proof_data.bridge_call_data, tx.claim_note.bridge_call_data); - EXPECT_EQ(proof_data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(proof_data.defi_root, defi_tree->root()); - EXPECT_EQ(proof_data.backward_link, fr(0)); - EXPECT_EQ(proof_data.allow_chain, uint256_t(0)); - - EXPECT_TRUE(result.verified); -} - -TEST_F(claim_tests, test_claim_1_output_with_virtual_note_full_proof) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = empty_virtual_asset_id, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - const uint32_t claim_fee = 8; - const uint64_t defi_interaction_nonce = 2; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = defi_interaction_nonce, - .fee = claim_fee, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = defi_interaction_nonce, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - - const defi_interaction::note dummy = { .bridge_call_data = 0, - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 100, - .total_output_value_b = 100, - .interaction_result = 1 }; - - append_note(note1, data_tree); - append_note(dummy, defi_tree); - append_note(dummy, defi_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 2, note2); - auto result = verify(tx, cd); - - auto proof_data = inner_proof_data(result.proof_data); - - uint256_t nullifier1 = compute_nullifier(note1.commit()); - uint256_t nullifier2 = defi_interaction::compute_nullifier(note2.commit(), note1.commit()); - - const value_note expected_output_note1 = { .value = 20, - .asset_id = bridge_call_data.output_asset_id_a, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier1 }; - - const value_note expected_output_note2 = { .value = 30, - .asset_id = static_cast(1 << (MAX_NUM_ASSETS_BIT_LENGTH - 1)) + - defi_interaction_nonce, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier2 }; - - EXPECT_EQ(proof_data.proof_id, ProofIds::DEFI_CLAIM); - EXPECT_EQ(proof_data.merkle_root, data_tree->root()); - EXPECT_EQ(proof_data.note_commitment1, expected_output_note1.commit()); - EXPECT_EQ(proof_data.note_commitment2, expected_output_note2.commit()); - EXPECT_EQ(proof_data.nullifier1, nullifier1); - EXPECT_EQ(proof_data.nullifier2, nullifier2); - EXPECT_EQ(proof_data.public_value, uint256_t(0)); - EXPECT_EQ(proof_data.public_owner, fr(0)); - EXPECT_EQ(proof_data.bridge_call_data, tx.claim_note.bridge_call_data); - EXPECT_EQ(proof_data.tx_fee, claim_fee); - EXPECT_EQ(proof_data.tx_fee_asset_id, bridge_call_data.input_asset_id_a); - EXPECT_EQ(proof_data.bridge_call_data, tx.claim_note.bridge_call_data); - EXPECT_EQ(proof_data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(proof_data.defi_root, defi_tree->root()); - - EXPECT_TRUE(result.verified); -} - -TEST_F(claim_tests, test_claim_refund_full_proof) -{ - const bridge_call_data bridge_call_data = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 222, - .config = bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 }; - - const claim_note note1 = { .deposit_value = 10, - .bridge_call_data = bridge_call_data.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - const defi_interaction::note note2 = { .bridge_call_data = bridge_call_data.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 0 }; // <-- refund - - append_note(note1, data_tree); - append_note(note2, defi_tree); - claim_tx tx = create_claim_tx(note1, 0, 0, note2); - auto result = verify(tx, cd); - - auto proof_data = inner_proof_data(result.proof_data); - - uint256_t nullifier1 = compute_nullifier(note1.commit()); - uint256_t nullifier2 = defi_interaction::compute_nullifier(note2.commit(), note1.commit()); - - const value_note expected_output_note1 = { .value = 10, - .asset_id = bridge_call_data.input_asset_id_a, - .account_required = false, - .owner = user.owner.public_key, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = nullifier1 }; - - EXPECT_EQ(proof_data.proof_id, ProofIds::DEFI_CLAIM); - EXPECT_EQ(proof_data.note_commitment1, expected_output_note1.commit()); - EXPECT_EQ(proof_data.note_commitment2, fr(0)); - EXPECT_EQ(proof_data.nullifier1, nullifier1); - EXPECT_EQ(proof_data.nullifier2, uint256_t(nullifier2)); - EXPECT_EQ(proof_data.public_value, uint256_t(0)); - EXPECT_EQ(proof_data.public_owner, fr(0)); - EXPECT_EQ(proof_data.asset_id, uint256_t(0)); - EXPECT_EQ(proof_data.merkle_root, data_tree->root()); - EXPECT_EQ(proof_data.tx_fee, uint256_t(0)); - EXPECT_EQ(proof_data.tx_fee_asset_id, bridge_call_data.input_asset_id_a); - EXPECT_EQ(proof_data.bridge_call_data, tx.claim_note.bridge_call_data); - EXPECT_EQ(proof_data.defi_deposit_value, uint256_t(0)); - EXPECT_EQ(proof_data.defi_root, defi_tree->root()); - EXPECT_EQ(proof_data.backward_link, fr(0)); - EXPECT_EQ(proof_data.allow_chain, uint256_t(0)); - - EXPECT_TRUE(result.verified); -} - -// RANGE CHECK TESTS - -// For less verbose code, we set up some default test data here. Individual elements of the test_data can then be -// modified in each test. -class test_data { - private: - const uint32_t empty_virtual_asset_id = (uint32_t(1) << (MAX_NUM_ASSETS_BIT_LENGTH - 1)); - - public: - bridge_call_data bid; - claim_note note1; - defi_interaction::note note2; - - struct virtual_flags { - bool in1 = false; - bool in2 = false; - bool out1 = false; - bool out2 = false; - }; - - struct in_use_flags { - bool in2 = false; - bool out2 = false; - }; - - test_data(rollup::fixtures::user_context user, - virtual_flags virtual_flags = { false, false, false, false }, - in_use_flags in_use = { false, false }) - { - bid = { .bridge_address_id = 123, - .input_asset_id_a = 456 + (virtual_flags.in1 ? empty_virtual_asset_id : 0), - .input_asset_id_b = (in_use.in2 ? 789 : 0) + (virtual_flags.in2 ? empty_virtual_asset_id : 0), - .output_asset_id_a = virtual_flags.out1 ? empty_virtual_asset_id : 111, - .output_asset_id_b = in_use.out2 ? (virtual_flags.out2 ? empty_virtual_asset_id : 222) : 0, - .config = bridge_call_data::bit_config{ .second_input_in_use = in_use.in2, - .second_output_in_use = in_use.out2 }, - .aux_data = 0 }; - - // claim note: - note1 = { .deposit_value = 10, - .bridge_call_data = bid.to_uint256_t(), - .defi_interaction_nonce = 0, - .fee = 0, - .value_note_partial_commitment = - create_partial_commitment(user.note_secret, user.owner.public_key, 0, 0), - .input_nullifier = fr::random_element(&engine) }; - - // defi interaction note: - note2 = { .bridge_call_data = bid.to_uint256_t(), - .interaction_nonce = 0, - .total_input_value = 100, - .total_output_value_a = 200, - .total_output_value_b = 300, - .interaction_result = 1 }; - }; -}; - -// Elements of bridge_call_data are implicitly range-constrained by the bit-shifting in bridge_call_data.hpp (since bits -// outside of the valid ranges are ignored) - -// Can't create tests which attempt to exceed 32-bit range for values which are 'fed in' as uint32_t - -TEST_F(claim_tests, test_total_input_value_out_of_range_fails) -{ - test_data test_data(user); - uint256_t total_input_value = uint256_t(1) << 253; // <-- - test_data.note2.total_input_value = total_input_value; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: total_input_value"); -} - -TEST_F(claim_tests, test_total_output_value_a_out_of_range_fails) -{ - test_data test_data(user); - uint256_t total_output_value_a = uint256_t(1) << 253; // <-- - test_data.note2.total_output_value_a = total_output_value_a; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: total_output_value_a"); -} - -TEST_F(claim_tests, test_total_output_value_b_out_of_range_fails) -{ - test_data test_data(user); - uint256_t total_output_value_b = uint256_t(1) << 253; // <-- - test_data.note2.total_output_value_b = total_output_value_b; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: total_output_value_b"); -} - -TEST_F(claim_tests, test_deposit_value_out_of_range_fails) -{ - test_data test_data(user); - uint256_t deposit_value = uint256_t(1) << 253; // <-- - test_data.note1.deposit_value = deposit_value; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: deposit_value"); -} - -TEST_F(claim_tests, test_fee_out_of_range_fails) -{ - test_data test_data(user); - uint256_t fee = uint256_t(1) << 253; // <-- - test_data.note1.fee = fee; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "safe_uint_t range constraint failure: fee"); -} - -TEST_F(claim_tests, test_refund_one_virtual) -{ - test_data test_data(user, { .in1 = true }); - test_data.note2.interaction_result = false; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], 0); -} - -TEST_F(claim_tests, test_refund_two_virtual) -{ - test_data test_data(user, { .in1 = true, .in2 = true }, { .in2 = true }); - test_data.note2.interaction_result = false; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_refund_one_real) -{ - test_data test_data(user, {}, { .out2 = true }); - test_data.note2.interaction_result = false; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], 0); -} - -TEST_F(claim_tests, test_refund_two_real) -{ - test_data test_data(user, {}, { .out2 = true }); - test_data.note2.interaction_result = false; - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_refund_virtual_real) -{ - test_data test_data(user, { .in1 = true }, { .in2 = true }); - test_data.note2.interaction_result = false; - - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_refund_real_virtual) -{ - test_data test_data(user, { .in2 = true }, { .in2 = true }); - test_data.note2.interaction_result = false; - - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_one_virtual) -{ - test_data test_data(user, { .out1 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], 0); -} - -TEST_F(claim_tests, test_two_virtual) -{ - test_data test_data(user, { .out1 = true, .out2 = true }, { .out2 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_one_real) -{ - test_data test_data(user, { .in1 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], 0); -} - -TEST_F(claim_tests, test_two_real) -{ - test_data test_data(user, {}, { .out2 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_virtual_real) -{ - test_data test_data(user, { .out1 = true, .out2 = true }, { .out2 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} - -TEST_F(claim_tests, test_real_virtual) -{ - test_data test_data(user, { .out2 = true }, { .out2 = true }); - append_note(test_data.note1, data_tree); - append_note(test_data.note2, defi_tree); - claim_tx tx = create_claim_tx(test_data.note1, 0, 0, test_data.note2); - - auto result = verify_logic(tx, cd); - EXPECT_TRUE(result.logic_verified); - EXPECT_EQ(tx.get_output_notes()[0], result.public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - EXPECT_EQ(tx.get_output_notes()[1], result.public_inputs[InnerProofFields::NOTE_COMMITMENT2]); -} -} // namespace claim -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/claim/claim_circuit.cpp b/cpp/src/aztec/rollup/proofs/claim/claim_circuit.cpp deleted file mode 100644 index b1fca6f1da..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim_circuit.cpp +++ /dev/null @@ -1,216 +0,0 @@ -#include "claim_circuit.hpp" -#include "ratio_check.hpp" -#include "../notes/circuit/index.hpp" -#include - -// #pragma GCC diagnostic ignored "-Wunused-variable" -// #pragma GCC diagnostic ignored "-Wunused-parameter" -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::merkle_tree; -using namespace notes; - -void claim_circuit(Composer& composer, claim_tx const& tx) -{ - // Create witnesses. - const auto proof_id = field_ct(witness_ct(&composer, ProofIds::DEFI_CLAIM)); - proof_id.assert_equal(ProofIds::DEFI_CLAIM); - const auto data_root = field_ct(witness_ct(&composer, tx.data_root)); - const auto defi_root = field_ct(witness_ct(&composer, tx.defi_root)); - const auto claim_note_index = - suint_ct(witness_ct(&composer, tx.claim_note_index), DATA_TREE_DEPTH, "claim_note_index"); - const auto claim_note_path = create_witness_hash_path(composer, tx.claim_note_path); - const auto defi_note_index = - suint_ct(witness_ct(&composer, tx.defi_note_index), DEFI_TREE_DEPTH, "defi_note_index"); - /** - * Conversion to `claim_note_witness_data` contains: - * - range constraints on the claim note's attributes - * - expansion of bridge_call_data - * - expansion of the bridge_call_data's bit_config - * - sense checks on the bit_config's values - * (some bits can contradict each other) - */ - const auto claim_note_data = circuit::claim::claim_note_witness_data(composer, tx.claim_note); - const auto claim_note = circuit::claim::claim_note(claim_note_data); - const auto defi_interaction_note_path = create_witness_hash_path(composer, tx.defi_interaction_note_path); - /** - * Implicit conversion to `defi_interaction::witness_data` includes: - * - range constraints on the defi_interaction_note's attributes - * - expansion of bridge_call_data - * - expansion of the bridge_call_data's bit_config - * - sense checks on the bit_config's values - * (some bits can contradict each other) - */ - const auto defi_interaction_note = circuit::defi_interaction::note({ composer, tx.defi_interaction_note }); - const auto output_value_a = - suint_ct(witness_ct(&composer, tx.output_value_a), NOTE_VALUE_BIT_LENGTH, "output_value_a"); - const auto output_value_b = - suint_ct(witness_ct(&composer, tx.output_value_b), NOTE_VALUE_BIT_LENGTH, "output_value_b"); - - const bool_ct first_output_virtual = - circuit::get_asset_id_flag(claim_note_data.bridge_call_data_local.output_asset_id_a); - const bool_ct second_output_virtual = - circuit::get_asset_id_flag(claim_note_data.bridge_call_data_local.output_asset_id_b); - const bool_ct& second_input_in_use = claim_note_data.bridge_call_data_local.config.second_input_in_use; - const bool_ct& second_output_in_use = claim_note_data.bridge_call_data_local.config.second_output_in_use; - - { - // Don't support zero deposits (because they're illogical): - claim_note.deposit_value.value.assert_is_not_zero("Not supported: zero deposit"); - // Ensure deposit_value <= total_input_value - defi_interaction_note.total_input_value.subtract( - claim_note.deposit_value, NOTE_VALUE_BIT_LENGTH, "deposit_value > total_input_value"); - // These checks are superfluous, but included just in case: - // Ensure output_value_a <= total_output_value_a - defi_interaction_note.total_output_value_a.subtract( - output_value_a, NOTE_VALUE_BIT_LENGTH, "output_value_a > total_output_value_a"); - // Ensure output_value_b <= total_output_value_b - defi_interaction_note.total_output_value_b.subtract( - output_value_b, NOTE_VALUE_BIT_LENGTH, "output_value_b > total_output_value_b"); - } - - { - // Ratio checks. - // Note, these ratio_checks also guarantee: - // defi_interaction_note.total_input_value != 0 - // defi_interaction_note.total_output_value_a != 0 (unless output_value_a == 0) - // defi_interaction_note.total_output_value_b != 0 (unless output_value_b == 0) - - // Check that (deposit * total_output_value_a) == (output_value_a * total_input_value) - // Rearranging, this ensures output_value_a == (deposit / total_input_value) * total_output_value_a - const bool_ct rc1 = ratio_check(composer, - { .a1 = claim_note.deposit_value.value, - .a2 = defi_interaction_note.total_input_value.value, - .b1 = output_value_a.value, - .b2 = defi_interaction_note.total_output_value_a.value }); - const bool_ct valid1 = (output_value_a == 0 && defi_interaction_note.total_output_value_a == 0) || rc1; - valid1.assert_equal(true, "ratio check 1 failed"); - - // Check that (deposit * total_output_value_b) == (output_value_b * total_input_value) - // Rearranging, this ensures output_value_b == (deposit / total_input_value) * total_output_value_b - const bool_ct rc2 = ratio_check(composer, - { .a1 = claim_note.deposit_value.value, - .a2 = defi_interaction_note.total_input_value.value, - .b1 = output_value_b.value, - .b2 = defi_interaction_note.total_output_value_b.value }); - const bool_ct valid2 = (output_value_b == 0 && defi_interaction_note.total_output_value_b == 0) || rc2; - valid2.assert_equal(true, "ratio check 2 failed"); - } - - // This nullifier1 is unique because the claim_note.commitment is unique (which itself is unique because it contains - // a unique input_nullifier (from the defi-deposit tx which created it)). - const auto nullifier1 = circuit::claim::compute_nullifier(claim_note.commitment); - - // We 'nullify' this (claim note, defi interaction note) combination. Each owner of a claim note can produce a valid - // nullifier. - const auto nullifier2 = - circuit::defi_interaction::compute_nullifier(defi_interaction_note.commitment, claim_note.commitment); - - field_ct output_note_commitment1; - field_ct output_note_commitment2; - { - // Compute output notes. - const auto virtual_note_flag = suint_ct(uint256_t(1) << (MAX_NUM_ASSETS_BIT_LENGTH - 1)); - - // If the defi interaction was unsuccessful, refund the original defi_deposit_value (which was denominated in - // bridge input_asset_id_a) via output note 1. - const bool_ct& interaction_success = defi_interaction_note.interaction_result; - const auto output_value_1 = - suint_ct::conditional_assign(interaction_success, output_value_a, claim_note_data.deposit_value); - const auto output_asset_id_1_if_success = - suint_ct::conditional_assign(first_output_virtual, - virtual_note_flag + claim_note.defi_interaction_nonce, - claim_note_data.bridge_call_data_local.output_asset_id_a); - const auto output_asset_id_1 = suint_ct::conditional_assign( - interaction_success, output_asset_id_1_if_success, claim_note_data.bridge_call_data_local.input_asset_id_a); - output_note_commitment1 = circuit::value::complete_partial_commitment( - claim_note.value_note_partial_commitment, output_value_1, output_asset_id_1, nullifier1); - - // If the defi interaction was unsuccessful, refund the original defi_deposit_value (which was denominated in - // bridge input_asset_id_b) via output note 2, and only if there was a second input asset to the bridge. - const auto output_value_2 = - suint_ct::conditional_assign(interaction_success, output_value_b, claim_note_data.deposit_value); - const auto output_asset_id_2_if_success = - suint_ct::conditional_assign(second_output_virtual, - virtual_note_flag + claim_note.defi_interaction_nonce, - claim_note_data.bridge_call_data_local.output_asset_id_b); - const auto output_asset_id_2 = suint_ct::conditional_assign( - interaction_success, output_asset_id_2_if_success, claim_note_data.bridge_call_data_local.input_asset_id_b); - output_note_commitment2 = circuit::value::complete_partial_commitment( - claim_note.value_note_partial_commitment, output_value_2, output_asset_id_2, nullifier2); - - // We zero the output_note_commitment2 in two cases: - // - if the bridge interaction succeeded and returned a second output asset; or - // - if the bridge interaction failed and no second asset was ever sent to the bridge. - const bool_ct is_bridge_output_b_in_use = interaction_success && second_output_in_use; - const bool_ct was_bridge_input_b_in_use = !interaction_success && second_input_in_use; - - const bool_ct output_note_2_exists = is_bridge_output_b_in_use || was_bridge_input_b_in_use; - - output_note_commitment2 = output_note_commitment2 * output_note_2_exists; - } - - { - // Check claim note and interaction note are related. - claim_note.bridge_call_data.assert_equal(defi_interaction_note.bridge_call_data, - "note bridge call datas don't match"); - claim_note.defi_interaction_nonce.assert_equal(defi_interaction_note.interaction_nonce, - "note nonces don't match"); - } - - { - // Existence checks - - // Check claim note exists: - const bool_ct claim_exists = check_membership(data_root, - claim_note_path, - claim_note.commitment, - claim_note_index.value.decompose_into_bits(DATA_TREE_DEPTH)); - claim_exists.assert_equal(true, "claim note not a member"); - - // Check defi interaction note exists: - const bool_ct din_exists = check_membership(defi_root, - defi_interaction_note_path, - defi_interaction_note.commitment, - defi_note_index.value.decompose_into_bits(DEFI_TREE_DEPTH)); - din_exists.assert_equal(true, "defi interaction note not a member"); - } - - // Force unused public inputs to 0. - const field_ct public_value = witness_ct(&composer, 0); - const field_ct public_owner = witness_ct(&composer, 0); - const field_ct asset_id = witness_ct(&composer, 0); - const field_ct defi_deposit_value = witness_ct(&composer, 0); - const field_ct backward_link = witness_ct(&composer, 0); - const field_ct allow_chain = witness_ct(&composer, 0); - public_value.assert_is_zero(); - public_owner.assert_is_zero(); - asset_id.assert_is_zero(); - defi_deposit_value.assert_is_zero(); - backward_link.assert_is_zero(); - allow_chain.assert_is_zero(); - - // The following make up the public inputs to the circuit. - proof_id.set_public(); - output_note_commitment1.set_public(); - output_note_commitment2.set_public(); - nullifier1.set_public(); - nullifier2.set_public(); - public_value.set_public(); // 0 - public_owner.set_public(); // 0 - asset_id.set_public(); // 0 - data_root.set_public(); - claim_note.fee.set_public(); - claim_note_data.bridge_call_data_local.input_asset_id_a.set_public(); - claim_note.bridge_call_data.set_public(); - defi_deposit_value.set_public(); // 0 - defi_root.set_public(); - backward_link.set_public(); // 0 - allow_chain.set_public(); // 0 -} - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/claim_circuit.hpp b/cpp/src/aztec/rollup/proofs/claim/claim_circuit.hpp deleted file mode 100644 index 2e2d60ac29..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim_circuit.hpp +++ /dev/null @@ -1,15 +0,0 @@ -#pragma once -#include "claim_tx.hpp" -#include - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::types::turbo; - -void claim_circuit(Composer& composer, claim_tx const& tx); - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/claim_tx.hpp b/cpp/src/aztec/rollup/proofs/claim/claim_tx.hpp deleted file mode 100644 index da4f735e84..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim_tx.hpp +++ /dev/null @@ -1,117 +0,0 @@ -#pragma once -#include "../notes/native/asset_id.hpp" -#include "../notes/native/value/complete_partial_commitment.hpp" -#include "../notes/native/claim/claim_note.hpp" -#include "../notes/native/claim/compute_nullifier.hpp" -#include "../notes/native/defi_interaction/note.hpp" -#include "../notes/native/defi_interaction/compute_nullifier.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::types::turbo; - -struct claim_tx { - fr data_root; - fr defi_root; - - uint32_t claim_note_index; - merkle_tree::fr_hash_path claim_note_path; - notes::native::claim::claim_note claim_note; - - uint32_t defi_note_index; - merkle_tree::fr_hash_path defi_interaction_note_path; - notes::native::defi_interaction::note defi_interaction_note; - - fr output_value_a; - fr output_value_b; - - bool operator==(claim_tx const&) const = default; - - std::array get_output_notes() - { - const auto virtual_flag = static_cast(1 << (MAX_NUM_ASSETS_BIT_LENGTH - 1)); - const auto bridge_call_data = notes::native::bridge_call_data::from_uint256_t(claim_note.bridge_call_data); - - const bool& success = defi_interaction_note.interaction_result; - - const bool first_output_virtual = notes::native::get_asset_id_flag(bridge_call_data.output_asset_id_a); - const bool second_output_virtual = notes::native::get_asset_id_flag(bridge_call_data.output_asset_id_b); - - const auto asset_id_a_good = first_output_virtual ? virtual_flag + defi_interaction_note.interaction_nonce - : bridge_call_data.output_asset_id_a; - const auto asset_id_b_good = second_output_virtual ? virtual_flag + defi_interaction_note.interaction_nonce - : bridge_call_data.output_asset_id_b; - - const auto& asset_id_a_bad = bridge_call_data.input_asset_id_a; - const auto& asset_id_b_bad = bridge_call_data.input_asset_id_b; - - const auto asset_id_a = success ? asset_id_a_good : asset_id_a_bad; - const auto asset_id_b = success ? asset_id_b_good : asset_id_b_bad; - - auto output_note_a = notes::native::value::complete_partial_commitment( - claim_note.value_note_partial_commitment, - success ? output_value_a : fr(claim_note.deposit_value), - asset_id_a, - notes::native::claim::compute_nullifier(claim_note.commit())); - - auto output_note_b = notes::native::value::complete_partial_commitment( - claim_note.value_note_partial_commitment, - success ? output_value_b : fr(claim_note.deposit_value), - asset_id_b, - notes::native::defi_interaction::compute_nullifier(defi_interaction_note.commit(), claim_note.commit())); - - bool has_output_two = (success && bridge_call_data.config.second_output_in_use) || - (!success && bridge_call_data.config.second_input_in_use); - return { output_note_a, has_output_two ? output_note_b : 0 }; - } -}; - -template inline void read(B& buf, claim_tx& tx) -{ - using serialize::read; - read(buf, tx.data_root); - read(buf, tx.defi_root); - read(buf, tx.claim_note_index); - read(buf, tx.claim_note_path); - read(buf, tx.claim_note); - read(buf, tx.defi_note_index); - read(buf, tx.defi_interaction_note_path); - read(buf, tx.defi_interaction_note); - read(buf, tx.output_value_a); - read(buf, tx.output_value_b); -} - -template inline void write(B& buf, claim_tx const& tx) -{ - using serialize::write; - write(buf, tx.data_root); - write(buf, tx.defi_root); - write(buf, tx.claim_note_index); - write(buf, tx.claim_note_path); - write(buf, tx.claim_note); - write(buf, tx.defi_note_index); - write(buf, tx.defi_interaction_note_path); - write(buf, tx.defi_interaction_note); - write(buf, tx.output_value_a); - write(buf, tx.output_value_b); -} - -inline std::ostream& operator<<(std::ostream& os, claim_tx const& tx) -{ - return os << "data_root: " << tx.data_root << "\n" - << "defi_root: " << tx.defi_root << "\n" - << "claim_note_index: " << tx.claim_note_index << "\n" - << "claim_note_path: " << tx.claim_note_path << "\n" - << "defi_note_index: " << tx.defi_note_index << "\n" - << "interaction_note_path: " << tx.defi_interaction_note_path << "\n" - << "output_value_a: " << tx.output_value_a << "\n" - << "output_value_b: " << tx.output_value_b << "\n"; -} - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/claim_tx.test.cpp b/cpp/src/aztec/rollup/proofs/claim/claim_tx.test.cpp deleted file mode 100644 index 4d2e8f25d9..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim_tx.test.cpp +++ /dev/null @@ -1,43 +0,0 @@ -#include "claim_tx.hpp" -#include "../notes/native/claim/claim_note.hpp" -#include -#include -#include - -using namespace barretenberg; -using namespace rollup::proofs::claim; - -TEST(client_proofs_claim_tx, test_serialization) -{ - claim_tx tx; - tx.data_root = fr::random_element(); - tx.defi_root = fr::random_element(); - tx.claim_note_index = 1; - tx.claim_note_path = merkle_tree::fr_hash_path(32, std::make_pair(fr::random_element(), fr::random_element())); - - tx.claim_note.bridge_call_data = 123; - tx.claim_note.defi_interaction_nonce = 234; - tx.claim_note.deposit_value = 345; - tx.claim_note.fee = 0; - tx.claim_note.value_note_partial_commitment = fr::random_element(); - tx.claim_note.input_nullifier = fr::random_element(); - - tx.defi_interaction_note_path = - merkle_tree::fr_hash_path(32, std::make_pair(fr::random_element(), fr::random_element())); - - tx.defi_interaction_note.bridge_call_data = 456; - tx.defi_note_index = 64; - tx.defi_interaction_note.interaction_nonce = 567; - tx.defi_interaction_note.total_input_value = 678; - tx.defi_interaction_note.total_output_value_a = 789; - tx.defi_interaction_note.total_output_value_b = 890; - tx.defi_interaction_note.interaction_result = 1; - - tx.output_value_a = 888; - tx.output_value_b = 999; - - auto buffer = to_buffer(tx); - auto tx2 = from_buffer(buffer.data()); - - EXPECT_EQ(tx, tx2); -} diff --git a/cpp/src/aztec/rollup/proofs/claim/claim_tx_factory.hpp b/cpp/src/aztec/rollup/proofs/claim/claim_tx_factory.hpp deleted file mode 100644 index e09f977f4c..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/claim_tx_factory.hpp +++ /dev/null @@ -1,48 +0,0 @@ -#pragma once -#include "get_circuit_data.hpp" -#include "claim_tx.hpp" -#include "../../fixtures/user_context.hpp" - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace notes::native::value; - -template class ClaimTxFactory { - public: - ClaimTxFactory(WorldState& world_state, fixtures::user_context const& user) - : world_state(world_state) - , user(user) - {} - - auto create_claim_tx(barretenberg::fr const& defi_root, - uint32_t claim_note_index, - uint32_t defi_note_index, - notes::native::claim::claim_note const& claim_note, - notes::native::defi_interaction::note const& defi_interaction_note) - { - claim_tx tx; - tx.data_root = world_state.data_tree.root(); - tx.defi_root = defi_root; - tx.claim_note_index = claim_note_index; - tx.claim_note_path = world_state.data_tree.get_hash_path(claim_note_index); - tx.claim_note = claim_note; - tx.defi_note_index = defi_note_index; - tx.defi_interaction_note_path = world_state.defi_tree.get_hash_path(defi_note_index); - tx.defi_interaction_note = defi_interaction_note; - tx.output_value_a = claim_note.deposit_value * defi_interaction_note.total_output_value_a / - defi_interaction_note.total_input_value; - tx.output_value_b = claim_note.deposit_value * defi_interaction_note.total_output_value_b / - defi_interaction_note.total_input_value; - return tx; - } - - private: - WorldState& world_state; - fixtures::user_context const& user; -}; - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/create_proof.hpp b/cpp/src/aztec/rollup/proofs/claim/create_proof.hpp deleted file mode 100644 index b372775f60..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/create_proof.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include "get_circuit_data.hpp" -#include "claim_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace claim { - -inline std::vector create_proof(claim_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - - claim_circuit(composer, tx); - - if (composer.failed) { - info("Claim circuit logic failed: ", composer.err); - } - - auto prover = composer.create_unrolled_prover(); - auto proof = prover.construct_proof(); - - return proof.proof_data; -} - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/get_circuit_data.hpp b/cpp/src/aztec/rollup/proofs/claim/get_circuit_data.hpp deleted file mode 100644 index 5e0e231fa9..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/get_circuit_data.hpp +++ /dev/null @@ -1,35 +0,0 @@ -#pragma once -#include "claim_tx.hpp" -#include "claim_circuit.hpp" -#include -#include -#include -#include "../compute_circuit_data.hpp" -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::merkle_tree; - -using circuit_data = proofs::circuit_data; - -inline circuit_data get_circuit_data(std::shared_ptr const& srs, bool mock = false) -{ - std::cerr << "Getting claim circuit data..." << std::endl; - - auto build_circuit = [&](Composer& composer) { - claim_tx claim_tx; - claim_tx.claim_note_path.resize(DATA_TREE_DEPTH); - claim_tx.defi_interaction_note_path.resize(DEFI_TREE_DEPTH); - claim_circuit(composer, claim_tx); - }; - - return proofs::get_circuit_data( - "claim", "", srs, "", true, false, false, true, true, false, mock, build_circuit); -} - -} // namespace claim -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/claim/index.hpp b/cpp/src/aztec/rollup/proofs/claim/index.hpp deleted file mode 100644 index aed6307ce2..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/index.hpp +++ /dev/null @@ -1,8 +0,0 @@ -#pragma once -#include "claim_circuit.hpp" -#include "claim_tx_factory.hpp" -#include "claim_tx.hpp" -#include "create_proof.hpp" -#include "get_circuit_data.hpp" -#include "ratio_check.hpp" -#include "verify.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/claim/ratio_check.hpp b/cpp/src/aztec/rollup/proofs/claim/ratio_check.hpp deleted file mode 100644 index f90b0fba2b..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/ratio_check.hpp +++ /dev/null @@ -1,160 +0,0 @@ -#pragma once -#include "claim_tx.hpp" -#include - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::types::turbo; - -struct ratios { - field_ct a1; - field_ct a2; - field_ct b1; - field_ct b2; - - // Get residual of a1 * b2 (mod a2) - // Notice, it'll be 0 if a1 * b2 == k * a2 for some k. - field_ct get_residual(Composer& composer) const - { - uint256_t a1_v = a1.get_value(); - uint256_t a2_v = a2.get_value(); - uint256_t b2_v = b2.get_value(); - - if (a2_v != 0) { - uint256_t remainder = ((uint512_t(b2_v) * uint512_t(a1_v)) % a2_v).lo; - - field_ct residual = witness_ct(&composer, remainder); - return residual; - } else { - return witness_ct(&composer, 0); - } - } -}; - -// Validate that a1 * b1 == a2 * b2 , when (a1, b1, a2, b2) are treated as Integers -inline bool_ct product_check(Composer& composer, - const field_ct& a1, - const field_ct& b1, - const field_ct& a2, - const field_ct& b2, - const field_ct& residual = 0) -{ - constexpr barretenberg::fr shift_1 = barretenberg::fr(uint256_t(1) << 68); - constexpr barretenberg::fr shift_2 = barretenberg::fr(uint256_t(1) << (68 * 2)); - constexpr barretenberg::fr shift_3 = barretenberg::fr(uint256_t(1) << (68 * 3)); - - // Split a field_t element into 4 68-bit limbs - const auto split_into_limbs = [&composer, &shift_1, &shift_2, &shift_3](const field_ct& input) { - const uint256_t value = input.get_value(); - - const uint256_t t0 = value.slice(0, 68); - const uint256_t t1 = value.slice(68, 136); - const uint256_t t2 = value.slice(136, 204); - const uint256_t t3 = value.slice(204, 272); - - std::array limbs{ - witness_ct(&composer, t0), - witness_ct(&composer, t1), - witness_ct(&composer, t2), - witness_ct(&composer, t3), - }; - - field_ct limb_sum_1 = limbs[0].add_two(limbs[1] * shift_1, limbs[2] * shift_2); - field_ct limb_sum_2 = input - (limbs[3] * shift_3); - limb_sum_1.assert_equal(limb_sum_2); - - limbs[0].create_range_constraint(68); - limbs[1].create_range_constraint(68); - limbs[2].create_range_constraint(68); - limbs[3].create_range_constraint(68); - - return limbs; - }; - - const auto left_1 = split_into_limbs(a1); - const auto left_2 = split_into_limbs(a2); - const auto right_1 = split_into_limbs(b1); - const auto right_2 = split_into_limbs(b2); - const auto residual_limbs = split_into_limbs(residual); - - // takes a [204-208]-bit limb and splits it into a low 136-bit limb and a high 72-bit limb - const auto split_out_carry_term = [&composer, &shift_2](const field_ct& limb) { - const uint256_t limb_val = limb.get_value(); - - const uint256_t lo_val = limb_val.slice(0, 68 * 2); - const uint256_t hi_val = limb_val.slice(68 * 2, 256); - - const field_ct lo(witness_ct(&composer, lo_val)); - const field_ct hi(witness_ct(&composer, hi_val)); - - lo.create_range_constraint(68 * 2); - hi.create_range_constraint(72); // allow for 4 overflow bits - - limb.assert_equal(lo + (hi * shift_2)); - - return std::array{ lo, hi }; - }; - - // Use schoolbook multiplication algorithm to multiply 2 4-limbed values together, then convert result into 4 - // 2-limb values (with limbs twice the size) that do not overlap - const auto compute_product_limbs = [&split_out_carry_term, &shift_1](const std::array& left, - const std::array& right, - const std::array& to_add, - const bool use_residual = false) { - // a = left[0] * right[0]; - const field_ct b = left[0].madd(right[1], left[1] * right[0]); - const field_ct c = left[0].madd(right[2], left[1].madd(right[1], left[2] * right[0])); - const field_ct d = left[0].madd(right[3], left[1].madd(right[2], left[2].madd(right[1], left[3] * right[0]))); - const field_ct e = left[1].madd(right[3], left[2].madd(right[2], left[3] * right[1])); - const field_ct f = left[2].madd(right[3], left[3] * right[2]); - // g = left[3] * right[3]; - - if (use_residual) { - const auto t0 = - split_out_carry_term(to_add[0] + left[0].madd(right[0], (b * shift_1) + to_add[1] * shift_1)); - const auto r0 = t0[0]; - const auto t1 = split_out_carry_term(t0[1].add_two(c + to_add[2], to_add[3] * shift_1 + d * shift_1)); - const auto r1 = t1[0]; - const auto t2 = split_out_carry_term(t1[1].add_two(e, f * shift_1)); - const auto r2 = t2[0]; - const auto r3 = left[3].madd(right[3], t2[1]); - return std::array{ r0, r1, r2, r3 }; - } - const auto t0 = split_out_carry_term(left[0].madd(right[0], (b * shift_1))); - const auto r0 = t0[0]; - const auto t1 = split_out_carry_term(t0[1].add_two(c, d * shift_1)); - const auto r1 = t1[0]; - const auto t2 = split_out_carry_term(t1[1].add_two(e, f * shift_1)); - const auto r2 = t2[0]; - const auto r3 = left[3].madd(right[3], t2[1]); - return std::array{ r0, r1, r2, r3 }; - }; - - const auto lhs = compute_product_limbs(left_1, right_1, { 0, 0, 0, 0 }, false); - const auto rhs = compute_product_limbs(left_2, right_2, residual_limbs, true); - - bool_ct balanced(&composer, true); - for (size_t i = 0; i < 4; ++i) { - balanced = balanced && lhs[i] == rhs[i]; - } - - return balanced; -} - -/** - * Will return true if the ratios are the same, false if not or if either denominator is 0. - * Effectively: a1 / a2 == b1 / b2 - */ -inline bool_ct ratio_check(Composer& composer, ratios const& ratios) -{ - const field_ct residual = ratios.get_residual(composer); - - return (ratios.a2 != 0) && (ratios.b2 != 0) && - product_check(composer, ratios.a1, ratios.b2, ratios.b1, ratios.a2, residual); -} - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/ratio_check.test.cpp b/cpp/src/aztec/rollup/proofs/claim/ratio_check.test.cpp deleted file mode 100644 index 406ed5e68e..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/ratio_check.test.cpp +++ /dev/null @@ -1,271 +0,0 @@ -#include "ratio_check.hpp" -#include -#include - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; -using namespace rollup::proofs::claim; - -namespace { -auto& engine = numeric::random::get_debug_engine(); -} // namespace - -// Testing a1 * b1 == a2 * b2 passes for valid ratios. -TEST(ratio_check, product_check) -{ - uint256_t a1 = engine.get_random_uint256(); - a1.data[3] = a1.data[3] & 0x0fffffffffffffffULL; // 60-bits - - uint256_t b1 = engine.get_random_uint256(); - b1.data[3] = b1.data[3] & 0x0fffffffffffffffULL; // 60-bits - b1.data[0] = b1.data[0] & 0xfffffffffffffffeULL; // 64-bits (lsb zero) - - // Halve & double to retain same ratio on RHS. - uint256_t a2 = a1 << 1; - uint256_t b2 = b1 >> 1; - - uint512_t test_left = uint512_t(a1) * uint512_t(b1); - uint512_t test_right = uint512_t(a2) * uint512_t(b2); - EXPECT_EQ(test_left, test_right); - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct left1(witness_ct(&composer, a1)); - field_ct right1(witness_ct(&composer, b1)); - field_ct left2(witness_ct(&composer, a2)); - field_ct right2(witness_ct(&composer, b2)); - - auto result = product_check(composer, left1, right1, left2, right2, witness_ct(&composer, 0)); - result.assert_equal(true); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -// Testing a1 * b1 == a2 * b2 passes with a zero term on each side. -TEST(ratio_check, product_check_with_zeros) -{ - uint256_t a = 10; - uint256_t b = 0; - uint256_t c = 5; - uint256_t d = 0; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct b1(witness_ct(&composer, b)); - field_ct a2(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, d)); - - auto result = product_check(composer, a1, b1, a2, b2, witness_ct(&composer, 0)); - result.assert_equal(true); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, ratio_check) -{ - uint256_t a = engine.get_random_uint256(); - a.data[3] = a.data[3] & 0x0fffffffffffffffULL; // 60-bits - uint256_t b = engine.get_random_uint256(); - b.data[3] = b.data[3] & 0x0fffffffffffffffULL; // 60-bits - uint256_t c; - while (c == 0) { - c = engine.get_random_uint256(); // it'll 'never' happen, but just in case it's 0, try again. - } - c.data[3] = c.data[3] & 0x0fffffffffffffffULL; // 60-bits - - // Notice: if b > c, then (b/c) > 1, so in the equation below, a * (b / c) can overflow 256-bits if `a` is - // sufficiently big. - // This check is done within the circuit by checking total_in >= user_in. - if (b > c) { - std::swap(b, c); - } - - const uint256_t d = ((uint512_t(a) * uint512_t(b)) / uint512_t(c)).lo; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, c)); - field_ct b1(witness_ct(&composer, d)); - field_ct b2(witness_ct(&composer, b)); - - // Above, we calculated d = (a * b) / c. - // Accounting for the renamings, that is, b1 = (a1 * b2) / a2. - // We want to check that a1 * b2 == b1 * a2. - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(true); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, bad_ratio_check) -{ - uint256_t a = 100; - uint256_t b = 10; - uint256_t c = 200; - uint256_t d = 21; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, b)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, d)); - - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, zero_denominator_a2_returns_false) -{ - uint256_t a = 10; - uint256_t b = 1; - uint256_t c = 5; - uint256_t d = 0; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, d)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, b)); - - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, zero_denominator_b2_returns_false) -{ - uint256_t a = 10; - uint256_t b = 0; - uint256_t c = 5; - uint256_t d = 1; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, d)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, b)); - - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, zero_denominator_both_returns_false) -{ - uint256_t a = 10; - uint256_t b = 0; - uint256_t c = 5; - uint256_t d = 0; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, d)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, b)); - - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, field_modulus_overflow_fails) -{ - uint256_t a = 1; - uint256_t b = 1; - uint256_t c = 2; - // uint256_t d = 10944121435919637611123202872628637544274182200208017171849102093287904247809; // = 2^(-1) - uint256_t d(0xA1F0FAC9F8000001ULL, 0x9419F4243CDCB848ULL, 0xDC2822DB40C0AC2EULL, 0x183227397098D014ULL); // = 2^(-1) - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, d)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, b)); - - // We want to check that a * b == c * d. - // Or, renamed: a1 * b2 == b1 * a2. - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} - -TEST(ratio_check, field_modulus_overflow_with_biggest_numbers_possible_fails) -{ - // field modulus - uint256_t r(0x43E1F593F0000001ULL, 0x2833E84879B97091ULL, 0xB85045B68181585DULL, 0x30644E72E131A029ULL); - - uint256_t a = 1; - uint256_t b = 1; - uint256_t c = r - 1; - uint256_t d = r - 1; - - waffle::TurboComposer composer = waffle::TurboComposer(); - - field_ct a1(witness_ct(&composer, a)); - field_ct a2(witness_ct(&composer, d)); - field_ct b1(witness_ct(&composer, c)); - field_ct b2(witness_ct(&composer, b)); - - // We want to check that a * b == c * d. - // Or, renamed: a1 * b2 == b1 * a2. - ratios ratios{ a1, a2, b1, b2 }; - auto result = ratio_check(composer, ratios); - result.assert_equal(false); - - waffle::TurboProver prover = composer.create_prover(); - waffle::TurboVerifier verifier = composer.create_verifier(); - waffle::plonk_proof proof = prover.construct_proof(); - bool proof_result = verifier.verify_proof(proof); - EXPECT_EQ(proof_result, true); -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/claim/verify.cpp b/cpp/src/aztec/rollup/proofs/claim/verify.cpp deleted file mode 100644 index e427e84c9d..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/verify.cpp +++ /dev/null @@ -1,45 +0,0 @@ -#include "./verify.hpp" -#include "claim_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace claim { -static std::shared_ptr verification_key; -static size_t number_of_gates; - -namespace { -verify_result build_circuit(Composer& composer, claim_tx& tx, circuit_data const&) -{ - verify_result result; - claim_circuit(composer, tx); - number_of_gates = composer.get_num_gates(); - return result; -} -} // namespace - -verify_result verify_logic(claim_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - verification_key = composer.circuit_verification_key; - return verify_logic_internal(composer, tx, cd, "claim", build_circuit); -} - -verify_result verify(claim_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_internal(composer, tx, cd, "claim", true, build_circuit); -} - -std::shared_ptr get_verification_key() -{ - return verification_key; -} - -size_t get_number_of_gates() -{ - return number_of_gates; -} - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/claim/verify.hpp b/cpp/src/aztec/rollup/proofs/claim/verify.hpp deleted file mode 100644 index 5208ec6b61..0000000000 --- a/cpp/src/aztec/rollup/proofs/claim/verify.hpp +++ /dev/null @@ -1,22 +0,0 @@ -#pragma once -#include "../verify.hpp" -#include "./get_circuit_data.hpp" -#include - -namespace rollup { -namespace proofs { -namespace claim { - -using namespace plonk::stdlib::types::turbo; - -verify_result verify_logic(claim_tx& tx, circuit_data const& cd); - -verify_result verify(claim_tx& tx, circuit_data const& cd); - -std::shared_ptr get_verification_key(); - -size_t get_number_of_gates(); - -} // namespace claim -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/join_split/c_bind.h b/cpp/src/aztec/rollup/proofs/join_split/c_bind.h index b664808914..d952c2af6c 100644 --- a/cpp/src/aztec/rollup/proofs/join_split/c_bind.h +++ b/cpp/src/aztec/rollup/proofs/join_split/c_bind.h @@ -4,23 +4,6 @@ extern "C" { -WASM_EXPORT void join_split__init_proving_key(bool mock); - -WASM_EXPORT void join_split__init_proving_key_from_buffer(uint8_t const* pk_buf); - WASM_EXPORT uint32_t join_split__get_new_proving_key_data(uint8_t** output); -WASM_EXPORT void join_split__init_verification_key(void* pippenger, uint8_t const* g2x); - -WASM_EXPORT void join_split__init_verification_key_from_buffer(uint8_t const* vk_buf, uint8_t const* g2x); - -WASM_EXPORT uint32_t join_split__get_new_verification_key_data(uint8_t** output); - -WASM_EXPORT void join_split__compute_signing_data(uint8_t const* join_split_tx_buf, uint8_t* output); - -WASM_EXPORT void* join_split__new_prover(uint8_t const* join_split_buf, bool mock); - -WASM_EXPORT void join_split__delete_prover(void* prover); - -WASM_EXPORT bool join_split__verify_proof(uint8_t* proof, uint32_t length); } diff --git a/cpp/src/aztec/rollup/proofs/join_split/index.hpp b/cpp/src/aztec/rollup/proofs/join_split/index.hpp index b8852f3619..1dc4520357 100644 --- a/cpp/src/aztec/rollup/proofs/join_split/index.hpp +++ b/cpp/src/aztec/rollup/proofs/join_split/index.hpp @@ -4,7 +4,6 @@ #include "create_noop_join_split_proof.hpp" #include "create_proof.hpp" #include "join_split_circuit.hpp" -#include "join_split_tx_factory.hpp" #include "join_split_tx.hpp" #include "join_split.hpp" #include "sign_join_split_tx.hpp" diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp b/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp index 019ea29269..075c731273 100644 --- a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp +++ b/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp @@ -1,6 +1,5 @@ #include "../../fixtures/user_context.hpp" -#include "c_bind.h" #include "join_split.hpp" #include diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx_factory.hpp b/cpp/src/aztec/rollup/proofs/join_split/join_split_tx_factory.hpp deleted file mode 100644 index 76a0e87439..0000000000 --- a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx_factory.hpp +++ /dev/null @@ -1,204 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "../../fixtures/user_context.hpp" -#include "../notes/native/index.hpp" - -namespace rollup { -namespace proofs { -namespace join_split { - -using namespace notes::native; - -template class JoinSplitTxFactory { - public: - JoinSplitTxFactory(WorldState& world_state, fixtures::user_context const& user) - : world_state(world_state) - , user(user) - {} - - auto create_join_split_tx(std::vector in_idx, - std::vector in_value, - std::array out_value, - uint256_t public_input = 0, - uint256_t public_output = 0, - uint32_t account_note_idx = 0, - uint32_t asset_id = 0, - bool account_required = 0, - uint32_t virtual_asset_id = 0) - { - auto num_inputs = in_idx.size(); - auto sender = user.owner.public_key; - auto receiver = user.owner.public_key; - - auto asset_id2 = (virtual_asset_id >> (MAX_NUM_ASSETS_BIT_LENGTH - 1)) == 1 ? virtual_asset_id : asset_id; - value::value_note input_note1 = { - .value = 0, - .asset_id = asset_id, - .account_required = account_required, - .owner = sender, - .secret = fr::random_element(), - .creator_pubkey = 0, - .input_nullifier = fr::random_element(), - }; - value::value_note input_note2 = { - .value = 0, - .asset_id = asset_id2, - .account_required = account_required, - .owner = sender, - .secret = fr::random_element(), - .creator_pubkey = 0, - .input_nullifier = fr::random_element(), - }; - - switch (num_inputs) { - case 0: - in_idx = { 0, 1 }; - break; - case 1: - in_idx.resize(2); - in_idx[1] = in_idx[0] + 1; // Not used, can't be the same as in_idx[0]. - input_note1 = { - .value = in_value[0], - .asset_id = asset_id, - .account_required = account_required, - .owner = sender, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = world_state.input_nullifiers[in_idx[0]], - }; - input_note2 = { - .value = 0, - .asset_id = asset_id, - .account_required = account_required, - .owner = sender, - .secret = fr::random_element(), - .creator_pubkey = 0, - .input_nullifier = fr::random_element(), - }; - break; - case 2: - input_note1 = { - .value = in_value[0], - .asset_id = asset_id, - .account_required = account_required, - .owner = sender, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = world_state.input_nullifiers[in_idx[0]], - }; - input_note2 = { - .value = in_value[1], - .asset_id = asset_id2, - .account_required = account_required, - .owner = sender, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = world_state.input_nullifiers[in_idx[1]], - }; - break; - } - - value::value_note output_note1 = { - .value = out_value[0], - .asset_id = asset_id, - .account_required = account_required, - .owner = receiver, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = fr(0), - }; - value::value_note output_note2 = { - .value = out_value[1], - .asset_id = asset_id, - .account_required = account_required, - .owner = sender, - .secret = user.note_secret, - .creator_pubkey = 0, - .input_nullifier = fr(0), - }; - notes::native::claim::partial_claim_note_data partial_claim_note = { 0, 0, user.note_secret, fr(0) }; - - auto get_proof_id = [&]() -> uint32_t { - if (partial_claim_note.deposit_value > 0) { - return ProofIds::DEFI_DEPOSIT; - } - if (public_input > 0) { - return ProofIds::DEPOSIT; - } - if (public_output > 0) { - return ProofIds::WITHDRAW; - } - return ProofIds::SEND; - }; - - join_split_tx tx; - tx.proof_id = get_proof_id(); - if (tx.proof_id == ProofIds::DEPOSIT) { - tx.public_value = public_input; - } - if (tx.proof_id == ProofIds::WITHDRAW) { - tx.public_value = public_output; - } - tx.public_owner = tx.public_value ? fr::random_element() : fr::zero(); - tx.asset_id = asset_id; - tx.num_input_notes = static_cast(num_inputs); - tx.input_index = { in_idx[0], in_idx[1] }; - tx.old_data_root = world_state.data_tree.root(); - tx.input_path = { world_state.data_tree.get_hash_path(in_idx[0]), - world_state.data_tree.get_hash_path(in_idx[1]) }; - tx.input_note = { input_note1, input_note2 }; - tx.output_note = { output_note1, output_note2 }; - tx.account_note_index = account_note_idx; - tx.account_note_path = world_state.data_tree.get_hash_path(account_note_idx); - tx.signing_pub_key = user.signing_keys[0].public_key; - tx.account_private_key = user.owner.private_key; - tx.alias_hash = 0; - tx.account_required = account_required; - tx.partial_claim_note = partial_claim_note; - tx.backward_link = fr::zero(); - tx.allow_chain = 0; - - return tx; - } - - /** - * Performs any final stage fixed processing for the tx data. - * Computes the nullifiers for the input notes, and sets the results as the input nullifiers on the output notes. - * Computes and sets the signature. - */ - void finalise_and_sign_tx(join_split_tx& tx, fixtures::grumpkin_key_pair const& signer) - { - auto num_inputs = tx.num_input_notes; - auto input_nullifier1 = compute_nullifier(tx.input_note[0].commit(), user.owner.private_key, num_inputs > 0); - auto input_nullifier2 = compute_nullifier(tx.input_note[1].commit(), user.owner.private_key, num_inputs > 1); - tx.output_note[0].input_nullifier = input_nullifier1; - tx.output_note[1].input_nullifier = input_nullifier2; - tx.partial_claim_note.input_nullifier = tx.proof_id == ProofIds::DEFI_DEPOSIT ? input_nullifier1 : 0; - tx.signature = sign_join_split_tx(tx, signer); - } - - auto create_defi_deposit_tx(std::vector in_note_indices, - std::vector in_note_values, - std::array out_note_values, - uint256_t bridge_call_data, - uint32_t asset_id = 0, - uint32_t virtual_asset_id = 0) - { - auto tx = create_join_split_tx( - in_note_indices, in_note_values, out_note_values, 0, 0, 0, asset_id, 0, virtual_asset_id); - tx.proof_id = ProofIds::DEFI_DEPOSIT; - tx.partial_claim_note.bridge_call_data = bridge_call_data; - tx.partial_claim_note.deposit_value = tx.output_note[0].value; - tx.partial_claim_note.note_secret = user.note_secret; - tx.output_note[0].value = 0; - return tx; - } - - private: - WorldState& world_state; - fixtures::user_context const& user; -}; - -} // namespace join_split -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/rollup/CMakeLists.txt deleted file mode 100644 index cd711bef72..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/CMakeLists.txt +++ /dev/null @@ -1,5 +0,0 @@ -barretenberg_module( - rollup_proofs_tx_rollup - rollup_proofs_account - rollup_proofs_claim - rollup_proofs_join_split) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/rollup/compute_circuit_data.hpp b/cpp/src/aztec/rollup/proofs/rollup/compute_circuit_data.hpp deleted file mode 100644 index e0b2e9013f..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/compute_circuit_data.hpp +++ /dev/null @@ -1,85 +0,0 @@ -#pragma once -#include "create_rollup_tx.hpp" -#include "rollup_circuit.hpp" -#include "../compute_circuit_data.hpp" -#include "../join_split/index.hpp" -#include "../account/index.hpp" -#include "../claim/index.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -struct circuit_data : proofs::circuit_data { - size_t rollup_size; - size_t num_txs; - std::vector> verification_keys; - join_split::circuit_data join_split_circuit_data; -}; - -inline circuit_data get_circuit_data(size_t rollup_size, - join_split::circuit_data const& join_split_circuit_data, - account::circuit_data const& account_circuit_data, - claim::circuit_data const& claim_circuit_data, - std::shared_ptr const& srs, - std::string const& key_path, - bool compute = true, - bool save = true, - bool load = true, - bool pk = true, - bool vk = true, - bool mock = false) -{ - auto floor_max_txs = 1UL << numeric::get_msb(rollup_size); - auto rollup_size_pow2 = rollup_size == floor_max_txs ? rollup_size : floor_max_txs << 1UL; - std::cerr << "Getting tx rollup circuit data: (txs: " << rollup_size << ", size: " << rollup_size_pow2 << ")" - << std::endl; - auto name = "rollup_" + std::to_string(rollup_size); - auto verification_keys = { join_split_circuit_data.verification_key, // padding - join_split_circuit_data.verification_key, // deposit - join_split_circuit_data.verification_key, // withdraw - join_split_circuit_data.verification_key, // send - account_circuit_data.verification_key, - join_split_circuit_data.verification_key, // defi deposit - claim_circuit_data.verification_key }; - - auto build_circuit = [&](Composer& composer) { - auto rollup = create_padding_rollup(rollup_size, join_split_circuit_data.padding_proof); - rollup_circuit(composer, rollup, verification_keys, rollup_size); - }; - - auto cd = - proofs::get_circuit_data("tx rollup", - name, - srs, - key_path, - compute, - save, - load, - pk, - vk, - true, - mock, - build_circuit, - " " + std::to_string(rollup_size) + "x" + std::to_string(rollup_size_pow2)); - - circuit_data data; - data.num_gates = cd.num_gates; - data.padding_proof = cd.padding_proof; - data.proving_key = cd.proving_key; - data.verification_key = cd.verification_key; - data.verification_keys = verification_keys; - data.num_txs = rollup_size; - data.rollup_size = rollup_size_pow2; - data.join_split_circuit_data = join_split_circuit_data; - data.srs = cd.srs; - data.mock = cd.mock; - - return data; -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/create_rollup_tx.hpp b/cpp/src/aztec/rollup/proofs/rollup/create_rollup_tx.hpp deleted file mode 100644 index 4ecea3fefa..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/create_rollup_tx.hpp +++ /dev/null @@ -1,270 +0,0 @@ -#pragma once -#include "rollup_tx.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../../constants.hpp" -#include "../../world_state/world_state.hpp" -#include "../notes/native/claim/index.hpp" -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -using WorldState = world_state::WorldState; - -/** - * If `rollup` does not contain a full set of txs, we need to grow it with padding data. - * This involves using the padding proof, which will always pass verification, but has garbage inputs. - * The nullifier checks for padding proofs will actually check that index 0 "updates" from 0 to 0. - * This requires the 0 index hash path for the padding proofs, passed as the last entry in the nullifier vectors. - * This function grows the vectors to their full size. - */ -inline void pad_rollup_tx(rollup_tx& rollup, size_t rollup_size, std::vector const& padding_proof) -{ - rollup.txs.resize(rollup_size, padding_proof); - - rollup.linked_commitment_paths.resize( - rollup_size, fr_hash_path(DATA_TREE_DEPTH, std::make_pair(fr::random_element(), fr::random_element()))); - rollup.linked_commitment_indices.resize(rollup_size, 0); - - rollup.new_null_roots.resize(rollup_size * 2, rollup.new_null_roots.back()); - rollup.old_null_paths.resize(rollup_size * 2, rollup.old_null_paths.back()); - - rollup.data_roots_paths.resize(rollup_size, rollup.data_roots_paths.back()); - rollup.data_roots_indicies.resize(rollup_size, 0); - - rollup.num_defi_interactions = rollup.bridge_call_datas.size(); - rollup.bridge_call_datas.resize(NUM_BRIDGE_CALLS_PER_BLOCK); - rollup.num_asset_ids = rollup.asset_ids.size(); - rollup.asset_ids.resize(NUM_ASSETS); -} - -/** - * Creates a rollup_tx with the minimal amount of data to create valid empty rollup. - * Must be padded with a call to `pad_rollup_tx()` before being given to the circuit. - */ -template inline rollup_tx create_empty_rollup(T& world_state) -{ - // Compute data tree data. - auto num_txs = 0U; - auto data_start_index = 0U; - auto data_root = world_state.data_tree.root(); - auto zero_data_path = world_state.data_tree.get_hash_path(0); - auto null_root = world_state.null_tree.root(); - auto zero_null_path = world_state.null_tree.get_hash_path(0); - auto roots_root = world_state.root_tree.root(); - auto zero_roots_path = world_state.root_tree.get_hash_path(0); - - // Compose our rollup. - rollup_tx rollup = { .rollup_id = 0, - .num_txs = num_txs, - .data_start_index = data_start_index, - .txs = {}, - - .old_data_root = data_root, - .new_data_root = data_root, - .old_data_path = zero_data_path, - - .linked_commitment_paths = { zero_data_path }, - .linked_commitment_indices = { 0 }, - - .old_null_root = null_root, - .new_null_roots = { null_root }, - .old_null_paths = { zero_null_path }, - - .data_roots_root = roots_root, - .data_roots_paths = { zero_roots_path }, - .data_roots_indicies = { 0 }, - - .new_defi_root = world_state.defi_tree.root(), - .bridge_call_datas = {}, - .asset_ids = {}, - .num_defi_interactions = 0, - .num_asset_ids = 0 }; - - return rollup; -} - -/** - * Create an empty, fully padded rollup_tx ready for use in the circuit. - */ -inline rollup_tx create_padding_rollup(size_t rollup_size, std::vector const& padding_proof) -{ - world_state::WorldState world_state; - auto rollup = create_empty_rollup(world_state); - pad_rollup_tx(rollup, rollup_size, padding_proof); - return rollup; -} - -inline rollup_tx create_rollup_tx(WorldState& world_state, - size_t rollup_size, - std::vector> const& txs, - std::vector bridge_call_datas = {}, - std::vector asset_ids = { 0 }, - std::vector const& data_roots_indicies_ = {}, - std::vector const& linked_commitment_indices_ = {}) -{ - auto& data_tree = world_state.data_tree; - auto& null_tree = world_state.null_tree; - auto& root_tree = world_state.root_tree; - auto& defi_tree = world_state.defi_tree; - - uint32_t rollup_id = static_cast(root_tree.size() - 1); - - auto floor_rollup_size = 1UL << numeric::get_msb(rollup_size); - auto rollup_size_pow2 = floor_rollup_size << (rollup_size != floor_rollup_size); - - // Compute data tree data. - auto num_txs = static_cast(txs.size()); - auto subtree_size = static_cast(rollup_size_pow2 * 2UL); - auto data_tree_size = static_cast(data_tree.size()); - auto data_start_index = data_tree_size % subtree_size == 0 - ? data_tree_size - : data_tree_size + subtree_size - (data_tree_size % subtree_size); - auto old_data_root = data_tree.root(); - auto old_data_path = data_tree.get_hash_path(data_start_index); - - std::vector linked_commitment_paths; - std::vector data_roots_paths; - std::vector nullifier_indicies; - std::vector data_tree_values; - - std::vector linked_commitment_indices(linked_commitment_indices_); - linked_commitment_indices.resize(num_txs, data_tree_size - 1); - std::vector data_roots_indicies(data_roots_indicies_); - data_roots_indicies.resize(num_txs, (uint32_t)root_tree.size() - 1); - - for (size_t i = 0; i < num_txs; ++i) { - auto tx = inner_proof_data(txs[i]); - - // Chaining - identify 'split chains' and push a valid merkle membership path. - fr_hash_path linked_commitment_path; - const bool chaining = tx.backward_link != 0; - bool is_propagating_prev_output1; - bool is_propagating_prev_output2; - if (chaining) { - bool found_link_in_rollup = false; - fr prev_allow_chain = 0; - // Loop through all prior txs to find a tx that this tx is chaining from (if it exists in this rollup): - for (size_t j = 0; j < num_txs; j++) { - const auto prev_tx = inner_proof_data(txs[j]); - is_propagating_prev_output1 = prev_tx.note_commitment1 == tx.backward_link; - is_propagating_prev_output2 = prev_tx.note_commitment2 == tx.backward_link; - found_link_in_rollup = is_propagating_prev_output1 || is_propagating_prev_output2; - if (found_link_in_rollup) { - prev_allow_chain = prev_tx.allow_chain; - break; - } - } - - const bool start_of_subchain = !found_link_in_rollup; - if (start_of_subchain) { - // Then no earlier txs in this tx's chain have been included in this rollup, so we'll need to provide a - // valid merkle membership witness for the input note being propagated: - linked_commitment_paths.push_back(data_tree.get_hash_path(linked_commitment_indices[i])); - } else { - // This tx is not the first tx of its chain to be included in this rollup, hence the existence of the - // input note being propagated is inductively assured by earlier checks in this circuit. - if (i == 0) { - info(format(__FUNCTION__, "error, the 0th tx is never in the middle of a chain")); - } - - linked_commitment_path = get_random_hash_path(data_tree.depth()); // create a dummy path. - - // Note: in the circuit, we do a check to ensure the commitment being propagaged (denoted by - // `attempting_to_propagate_output_index`) is _allowed_ to be chained from, by comparing against - // `prev_allow_chain`. We'll skip that check here, so that the circuit's checks can be tested. - } - } else { - linked_commitment_path = get_random_hash_path(data_tree.depth()); // create an dummy path. - } - linked_commitment_paths.push_back(linked_commitment_path); - - // Compute partial claim notes - if (tx.proof_id == ProofIds::DEFI_DEPOSIT) { - uint32_t nonce = 0; - while (tx.bridge_call_data != bridge_call_datas[nonce] && nonce < bridge_call_datas.size()) { - ++nonce; - }; - nonce += rollup_id * NUM_BRIDGE_CALLS_PER_BLOCK; - uint256_t fee = tx.tx_fee - (tx.tx_fee >> 1); - tx.note_commitment1 = notes::native::claim::complete_partial_commitment(tx.note_commitment1, nonce, fee); - } - - data_tree_values.push_back(tx.note_commitment1); - data_tree_values.push_back(tx.note_commitment2); - - data_roots_paths.push_back(root_tree.get_hash_path(data_roots_indicies[i])); - - nullifier_indicies.push_back(uint256_t(tx.nullifier1)); - nullifier_indicies.push_back(uint256_t(tx.nullifier2)); - } - - // Insert data tree elements. - for (size_t i = 0; i < data_tree_values.size(); ++i) { - if (data_tree_values[i] != fr(0)) { - world_state.insert_data_entry(data_start_index + i, data_tree_values[i], nullifier_indicies[i]); - } - } - - // Compute nullifier tree data. - auto old_null_root = null_tree.root(); - std::vector new_null_roots; - std::vector old_null_paths; - - auto nullifier_value = fr(1); - - for (size_t i = 0; i < nullifier_indicies.size(); ++i) { - old_null_paths.push_back(null_tree.get_hash_path(nullifier_indicies[i])); - if (nullifier_indicies[i]) { - null_tree.update_element(nullifier_indicies[i], nullifier_value); - } - new_null_roots.push_back(null_tree.root()); - } - - // Compute root tree data. - auto root_tree_root = root_tree.root(); - - // Compose our rollup. - rollup_tx rollup = { rollup_id, - num_txs, - data_start_index, - txs, - - old_data_root, - data_tree.root(), - old_data_path, - - linked_commitment_paths, - linked_commitment_indices, - - old_null_root, - new_null_roots, - old_null_paths, - - root_tree_root, - data_roots_paths, - data_roots_indicies, - - defi_tree.root(), - bridge_call_datas, - - asset_ids, - - bridge_call_datas.size(), - asset_ids.size() }; - - // Add nullifier 0 index padding data if necessary. - if (num_txs < rollup_size) { - data_tree.update_element(data_start_index + (rollup_size * 2) - 1, fr(0)); - - auto zero_null_path = null_tree.get_hash_path(0); - rollup.old_null_paths.push_back(zero_null_path); - } - - return rollup; -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/index.hpp b/cpp/src/aztec/rollup/proofs/rollup/index.hpp deleted file mode 100644 index cd7cd4f5f8..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/index.hpp +++ /dev/null @@ -1,6 +0,0 @@ -#include "compute_circuit_data.hpp" -#include "create_rollup_tx.hpp" -#include "rollup_circuit.hpp" -#include "rollup_proof_data.hpp" -#include "rollup_tx.hpp" -#include "verify.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.cpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.cpp deleted file mode 100644 index 234ce37424..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.cpp +++ /dev/null @@ -1,444 +0,0 @@ -#include "rollup_circuit.hpp" -#include "./rollup_proof_data.hpp" -#include "../../constants.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../add_zero_public_inputs.hpp" -#include "../notes/circuit/claim/index.hpp" -#include -#include -#include -#include -#include "../notes/constants.hpp" - -// #pragma GCC diagnostic ignored "-Wunused-variable" -// #pragma GCC diagnostic ignored "-Wunused-parameter" -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::recursion; -using namespace plonk::stdlib::merkle_tree; -using namespace notes; - -field_ct check_nullifiers_inserted(Composer& composer, - std::vector const& new_null_roots, - std::vector const& old_null_paths, - uint32_ct const& num_txs, - field_ct latest_null_root, - std::vector const& new_null_indicies) -{ - for (size_t i = 0; i < new_null_indicies.size(); ++i) { - auto is_real = num_txs > uint32_ct(&composer, i / 2) && new_null_indicies[i] != 0; - - // This makes padding transactions act as noops. - auto index = (new_null_indicies[i] * is_real); - - update_membership(new_null_roots[i], - field_ct(is_real), - latest_null_root, - old_null_paths[i], - field_ct(0), - index.decompose_into_bits(NULL_TREE_DEPTH), - format(__FUNCTION__, "_", i)); - - latest_null_root = new_null_roots[i]; - } - - return latest_null_root; -} - -/** - * Processes a defi deposit proof. - * - We only process join split proofs with a proof_id == ProofIds::DEFI_DEPOSIT (otherwise noop). - * - Ensure that the bridge_call_data matches one within the of set of bridge_call_datas. - * - Accumulate the deposit value in relevant defi_deposit_sums slot. These later become public inputs. - * - Modify the claim note commitment (output_note_1 commitment) to add the relevant interaction nonce to it. - */ -auto process_defi_deposit(Composer& composer, - field_ct const& rollup_id, - std::vector& public_inputs, - std::vector const& bridge_call_datas, - std::vector& defi_deposit_sums, - field_ct const& num_defi_interactions) -{ - field_ct defi_interaction_nonce = (rollup_id * NUM_BRIDGE_CALLS_PER_BLOCK); - - const auto proof_id = public_inputs[InnerProofFields::PROOF_ID]; - const suint_ct bridge_call_data( - public_inputs[InnerProofFields::BRIDGE_CALL_DATA], DEFI_BRIDGE_CALL_DATA_BIT_LENGTH, "bridge_call_data"); - const suint_ct deposit_value( - public_inputs[InnerProofFields::DEFI_DEPOSIT_VALUE], DEFI_DEPOSIT_VALUE_BIT_LENGTH, "defi_deposit"); - const auto is_defi_deposit = proof_id == field_ct(ProofIds::DEFI_DEPOSIT); - - /** - * There is one defi_interaction_nonce for each interaction ('bridge call'). - * The defi deposit being processed by this function will belong to one of these bridge calls - * (based on the bridge_call_data) - say it's the k-th bridge call of this rollup. - * Then the defi_interaction_nonce = rollup_id * NUM_BRIDGE_CALLS_PER_BLOCK + k. - */ - field_ct note_defi_interaction_nonce = defi_interaction_nonce; - field_ct num_matched(&composer, 0); - - for (uint32_t k = 0; k < NUM_BRIDGE_CALLS_PER_BLOCK; k++) { - auto is_real = uint32_ct(k) < num_defi_interactions; - - const auto matches = bridge_call_data == bridge_call_datas[k] && is_real; - num_matched += matches; - - defi_deposit_sums[k] += deposit_value * is_defi_deposit * matches; - note_defi_interaction_nonce += (field_ct(&composer, k) * matches); - } - note_defi_interaction_nonce *= is_defi_deposit; - - // Assert this proof matched a single bridge_call_data. - auto is_valid_bridge_call_data = num_matched == 1 || !is_defi_deposit; - is_valid_bridge_call_data.assert_equal( - true, format("proof bridge call data matched ", uint64_t(num_matched.get_value()), " times")); - - // Compute claim fee which to be added to the claim note. - const suint_ct tx_fee(public_inputs[InnerProofFields::TX_FEE], TX_FEE_BIT_LENGTH, "tx_fee"); - const suint_ct defi_deposit_fee = tx_fee / 2; - const auto claim_fee = (tx_fee - defi_deposit_fee) * is_defi_deposit; - const auto net_tx_fee = suint_ct::conditional_assign(is_defi_deposit, defi_deposit_fee, tx_fee); - - // Complete the claim note output to mix in the interaction nonce and the claim fee. - auto note_commitment1 = public_inputs[InnerProofFields::NOTE_COMMITMENT1]; - auto claim_note_commitment = - notes::circuit::claim::complete_partial_commitment(note_commitment1, note_defi_interaction_nonce, claim_fee); - - public_inputs[InnerProofFields::NOTE_COMMITMENT1] = - field_ct::conditional_assign(is_defi_deposit, claim_note_commitment, note_commitment1); - - return net_tx_fee; -} - -/** - * Check that claim proofs are using the correct defi root. - */ -auto process_claims(std::vector& public_inputs, field_ct const& new_defi_root) -{ - const auto is_claim = public_inputs[InnerProofFields::PROOF_ID] == field_ct(ProofIds::DEFI_CLAIM); - const auto defi_root = public_inputs[InnerProofFields::DEFI_ROOT]; - auto valid = defi_root == new_defi_root || !is_claim; - valid.assert_equal(true, format("claim proof has unmatched defi root")); -} - -/** - * Check chained transaction inputs - called once per tx `i`. - * - Look back over all earlier txs in the rollup for other txs in the chain. - * - Perform a membership check for the propagated inputs of txs at the start of a split chain. - * - 'Zero' the commitments and nullifiers of notes propagated to a user's self. - * - * @param prev_txs_public_inputs is required to extract the allow_chain public input from each tx - * @returns the (possibly zeroed) nullifiers of this tx - */ -void process_chained_txs(size_t const& i, - bool_ct const& is_tx_real, - std::vector const& public_inputs, - std::vector> const& prev_txs_public_inputs, - field_ct const& old_data_root, - std::vector const& linked_commitment_paths, - std::vector const& linked_commitment_indices) -{ - const field_ct backward_link = field_ct(public_inputs[InnerProofFields::BACKWARD_LINK]); - - const bool_ct chaining = backward_link != 0; - - // If (chaining), we need to look back at all earlier txs in this rollup, to find a match to this tx's - // backward_link. - // This is O(n^2) in the number of txs. - // Note, there might not be a match if the chain has been split across rollups. - - // Loop accumulators: - field_ct prev_allow_chain(0); - bool_ct is_propagating_prev_output1(false); - bool_ct is_propagating_prev_output2(false); - bool_ct found_link_in_rollup(false); - field_ct matched_tx_index(0); - - for (size_t j = 0; j < i; j++) { - const auto prev_public_inputs = prev_txs_public_inputs[j]; - const field_ct prev_note_commitment1 = prev_public_inputs[InnerProofFields::NOTE_COMMITMENT1]; - const field_ct prev_note_commitment2 = prev_public_inputs[InnerProofFields::NOTE_COMMITMENT2]; - const field_ct temp_prev_allow_chain = prev_public_inputs[InnerProofFields::ALLOW_CHAIN]; - - const bool_ct temp_is_propagating_prev_output1 = - (backward_link == prev_note_commitment1) && - is_tx_real; // Inclusion of `is_tx_real` prevents `0 == 0` from passing, for padded txs (which have a 0 - // prev_note_commitment). - const bool_ct temp_is_propagating_prev_output2 = (backward_link == prev_note_commitment2) && is_tx_real; - const bool_ct found_link_in_loop = temp_is_propagating_prev_output1 || temp_is_propagating_prev_output2; - - // If we've found a tx which matches this tx's backward_link, then write data to the higher-scoped - // variables: - // Note: we don't need to try to prevent multiple matches (and hence multiple writes to the - // higher-scoped variables) in this loop. Multiple matches would mean there are >1 txs with the same output - // commitment, which is a bigger problem that will be caught when updating the nullifier tree (duplicate - // output commitments would share the same input_nullifier). - // Notice: once found, the below values remain unchanged through future iterations: - found_link_in_rollup |= found_link_in_loop; - prev_allow_chain = field_ct::conditional_assign(found_link_in_loop, temp_prev_allow_chain, prev_allow_chain); - is_propagating_prev_output1 = bool_ct(field_ct::conditional_assign( - found_link_in_loop, temp_is_propagating_prev_output1, is_propagating_prev_output1)); - is_propagating_prev_output2 = bool_ct(field_ct::conditional_assign( - found_link_in_loop, temp_is_propagating_prev_output2, is_propagating_prev_output2)); - } - - // start_of_subchain = "no earlier txs in this tx's chain have been included in this rollup" - const bool_ct start_of_subchain = chaining && !found_link_in_rollup; - // middle_of_chain = "this tx is not the first tx of its chain to be included in this rollup" - const bool_ct middle_of_chain = chaining && found_link_in_rollup; - - const bool_ct linked_commitment_exists = - merkle_tree::check_membership(old_data_root, - linked_commitment_paths[i], - backward_link, - linked_commitment_indices[i].decompose_into_bits(DATA_TREE_DEPTH)); - - (start_of_subchain) - .must_imply(linked_commitment_exists, - format("tx ", - i, - "'s linked commitment must exist. Membership check failed for backward_link ", - backward_link)); - - field_ct attempting_to_propagate_output_index = field_ct::conditional_assign( - is_propagating_prev_output1, 1, field_ct::conditional_assign(is_propagating_prev_output2, 2, 0)); - - // Note: prev_allow_chain = 3 => "both outputs of prev_tx may be propagated from" - (middle_of_chain) - .must_imply(prev_allow_chain == attempting_to_propagate_output_index || prev_allow_chain == 3, - format("tx ", - i, - " is not permitted to propagate output ", - attempting_to_propagate_output_index, - " of the prev tx. prev_allow_chain = ", - prev_allow_chain)); -} - -/** - * Accumulate tx fees from each inner proof depending on the type of proof. - */ -void accumulate_tx_fees(Composer& composer, - std::vector& total_tx_fees, - field_ct const& proof_id, - field_ct const& asset_id, - suint_ct const& tx_fee, - std::vector const& asset_ids, - field_ct const& num_asset_ids, - bool_ct const& is_real) -{ - const auto is_account = proof_id == field_ct(ProofIds::ACCOUNT); - - // Accumulate tx_fee for each asset_id. Note that tx_fee = 0 for padding proofs. - field_ct num_matched(&composer, 0); - for (uint32_t k = 0; k < NUM_ASSETS; k++) { - auto is_asset_id_real = uint32_ct(k) < num_asset_ids; - - const auto matches = asset_id == asset_ids[k] && is_asset_id_real; - num_matched += matches; - - total_tx_fees[k] += tx_fee * static_cast(matches); - } - - // Assert this proof matched either 0 or 1 assets - auto is_valid_asset_id = !is_real || num_matched == 0 || num_matched == 1 || is_account; - is_valid_asset_id.assert_equal(true, - format("proof asset id matched ", uint64_t(num_matched.get_value()), " times")); -} - -recursion_output rollup_circuit(Composer& composer, - rollup_tx const& rollup, - std::vector> const& verification_keys, - size_t max_num_txs) -{ - // Compute a constant witness of the next power of 2 > max_num_txs. - const auto floor_rollup_size = 1UL << numeric::get_msb(max_num_txs); - const auto rollup_size_pow2_ = floor_rollup_size << (max_num_txs != floor_rollup_size); - const auto rollup_size_pow2 = field_ct(witness_ct(&composer, rollup_size_pow2_)); - rollup_size_pow2.assert_equal(rollup_size_pow2_, format("rollup size != ", rollup_size_pow2_)); - - // Witnesses from rollup_tx data. - const auto rollup_id = field_ct(witness_ct(&composer, rollup.rollup_id)); - const auto num_txs = uint32_ct(witness_ct(&composer, rollup.num_txs)); - field_ct(num_txs).create_range_constraint(MAX_TXS_BIT_LENGTH); - const auto data_start_index = - suint_ct(witness_ct(&composer, rollup.data_start_index), DATA_TREE_DEPTH, "data_start_index"); - const auto old_data_root = field_ct(witness_ct(&composer, rollup.old_data_root)); - const auto new_data_root = field_ct(witness_ct(&composer, rollup.new_data_root)); - const auto old_data_path = create_witness_hash_path(composer, rollup.old_data_path); - - const auto linked_commitment_paths = - map(rollup.linked_commitment_paths, [&](auto& p) { return create_witness_hash_path(composer, p); }); - const auto linked_commitment_indices = - map(rollup.linked_commitment_indices, [&](auto& i) { return field_ct(witness_ct(&composer, i)); }); - - const auto old_null_root = field_ct(witness_ct(&composer, rollup.old_null_root)); - const auto new_null_roots = map(rollup.new_null_roots, [&](auto& r) { return field_ct(witness_ct(&composer, r)); }); - const auto old_null_paths = - map(rollup.old_null_paths, [&](auto& p) { return create_witness_hash_path(composer, p); }); - - const auto data_roots_root = field_ct(witness_ct(&composer, rollup.data_roots_root)); - const auto data_roots_paths = - map(rollup.data_roots_paths, [&](auto& p) { return create_witness_hash_path(composer, p); }); - const auto data_root_indicies = - map(rollup.data_roots_indicies, [&](auto& i) { return field_ct(witness_ct(&composer, i)); }); - - const auto new_defi_root = field_ct(witness_ct(&composer, rollup.new_defi_root)); - const auto num_defi_interactions = field_ct(witness_ct(&composer, rollup.num_defi_interactions)); - auto bridge_call_datas = map(rollup.bridge_call_datas, [&](auto& bid) { - return suint_ct(witness_ct(&composer, bid), DEFI_BRIDGE_CALL_DATA_BIT_LENGTH, "bridge_call_data"); - }); - const auto recursive_manifest = Composer::create_unrolled_manifest(verification_keys[0]->num_public_inputs); - - const auto num_asset_ids = field_ct(witness_ct(&composer, rollup.num_asset_ids)); - auto asset_ids = map(rollup.asset_ids, [&](auto& aid) { return field_ct(witness_ct(&composer, aid)); }); - // Zero any input bridge_call_datas that are outside scope, and check in scope bridge_call_datas are not zero. - for (uint32_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; i++) { - auto in_scope = uint32_ct(i) < num_defi_interactions; - bridge_call_datas[i] *= in_scope; - auto valid = !in_scope || bridge_call_datas[i] != 0; - valid.assert_equal(true, "bridge_call_data out of scope"); - } - - // Input asset_ids that are outside scope are set to 2^{30} (NUM_MAX_ASSETS). - for (uint32_t i = 0; i < NUM_ASSETS; i++) { - auto in_scope = uint32_ct(i) < num_asset_ids; - asset_ids[i] = field_ct::conditional_assign(in_scope, asset_ids[i], field_ct(MAX_NUM_ASSETS)); - auto valid = !in_scope || asset_ids[i] != field_ct(MAX_NUM_ASSETS); - valid.assert_equal(true, "asset_id out of scope"); - } - - // Loop accumulators. - auto new_data_values = std::vector(); - auto new_null_indicies = std::vector(); - recursion_output recursion_output; - // Public inputs of the inner txs which will be 'made public' ('propagated' - not to be confused with chained - // txs propagation) by this rollup circuit: - std::vector> propagated_tx_public_inputs; - // All public inputs of the inner txs (including public inputs which will not be made public by this rollup - // circuit): - std::vector> prev_txs_public_inputs; - auto total_tx_fees = std::vector(NUM_ASSETS, suint_ct::create_constant_witness(&composer, 0)); - std::vector defi_deposit_sums(NUM_BRIDGE_CALLS_PER_BLOCK, - suint_ct::create_constant_witness(&composer, 0)); - - for (size_t i = 0; i < max_num_txs; ++i) { - // Pick verification key and check it's permitted. - auto proof_id_u32 = from_buffer(rollup.txs[i], InnerProofOffsets::PROOF_ID + 28); - auto recursive_verification_key = - plonk::stdlib::recursion::verification_key::from_witness(&composer, verification_keys[proof_id_u32]); - recursive_verification_key->validate_key_is_in_set(verification_keys); - - // Verify the inner proof. - recursion_output = - verify_proof>(&composer, - recursive_verification_key, - recursive_manifest, - waffle::plonk_proof{ rollup.txs[i] }, - recursion_output); - - auto is_real = num_txs > uint32_ct(&composer, i); - auto& public_inputs = recursion_output.public_inputs; - - // Zero padding public inputs. - for (size_t j = 0; j < InnerProofFields::NUM_FIELDS; ++j) { - public_inputs[j] *= is_real; - } - - auto tx_fee = process_defi_deposit( - composer, rollup_id, public_inputs, bridge_call_datas, defi_deposit_sums, num_defi_interactions); - - process_claims(public_inputs, new_defi_root); - - // Ordering matters. This `push_back` must happen after any mutations to `public_inputs` in the - // `process_defi_deposit()` & `process_claims()` functions, but before `process_chained_txs`. - propagated_tx_public_inputs.push_back(slice(public_inputs, 0, PropagatedInnerProofFields::NUM_FIELDS)); - - process_chained_txs(i, - is_real, - public_inputs, - prev_txs_public_inputs, - old_data_root, - linked_commitment_paths, - linked_commitment_indices); - - // Add this proof's data values to the list. - new_data_values.push_back(public_inputs[InnerProofFields::NOTE_COMMITMENT1]); - new_data_values.push_back(public_inputs[InnerProofFields::NOTE_COMMITMENT2]); - - // Add input note nullifiers to the list. - new_null_indicies.push_back(public_inputs[InnerProofFields::NULLIFIER1]); - new_null_indicies.push_back(public_inputs[InnerProofFields::NULLIFIER2]); - - // Check this proof's data root exists in the data root tree (unless a padding entry). - auto data_root = public_inputs[InnerProofFields::MERKLE_ROOT]; - bool_ct data_root_exists = - data_root != 0 && check_membership(data_roots_root, - data_roots_paths[i], - data_root, - data_root_indicies[i].decompose_into_bits(ROOT_TREE_DEPTH)); - is_real.assert_equal(data_root_exists, format("data_root_for_proof_", i)); - - // Accumulate tx fee. - auto proof_id = public_inputs[InnerProofFields::PROOF_ID]; - auto asset_id = public_inputs[InnerProofFields::TX_FEE_ASSET_ID]; - accumulate_tx_fees(composer, total_tx_fees, proof_id, asset_id, tx_fee, asset_ids, num_asset_ids, is_real); - - prev_txs_public_inputs.push_back(public_inputs); - } - - new_data_values.resize(rollup_size_pow2_ * 2, fr(0)); - batch_update_membership(new_data_root, old_data_root, old_data_path, new_data_values, data_start_index.value); - - auto new_null_root = - check_nullifiers_inserted(composer, new_null_roots, old_null_paths, num_txs, old_null_root, new_null_indicies); - - // Compute hash of the tx public inputs. Used to reduce number of public inputs published in root rollup. - auto sha_input = flatten(propagated_tx_public_inputs); - sha_input.resize(rollup_size_pow2_ * PropagatedInnerProofFields::NUM_FIELDS, field_ct(0)); - auto hash_output = stdlib::sha256_to_field(packed_byte_array_ct::from_field_element_vector(sha_input)); - - // Publish public inputs. - rollup_id.set_public(); - rollup_size_pow2.set_public(); - data_start_index.set_public(); - old_data_root.set_public(); - new_data_root.set_public(); - old_null_root.set_public(); - new_null_root.set_public(); - data_roots_root.set_public(); - public_witness_ct(&composer, rollup.data_roots_root); - add_zero_public_inputs(composer, 1); // old_defi_root - new_defi_root.set_public(); - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - bridge_call_datas[i].set_public(); - } - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - defi_deposit_sums[i].set_public(); - } - for (size_t i = 0; i < NUM_ASSETS; ++i) { - asset_ids[i].set_public(); - } - for (auto total_tx_fee : total_tx_fees) { - total_tx_fee.set_public(); - } - hash_output.set_public(); - for (auto& tx : propagated_tx_public_inputs) { - for (auto& public_input : tx) { - public_input.set_public(); - } - } - // Add tx padding public inputs. - add_zero_public_inputs(composer, (rollup_size_pow2_ - max_num_txs) * PropagatedInnerProofFields::NUM_FIELDS); - - // Publish pairing coords limbs as public inputs. - recursion_output.add_proof_outputs_as_public_inputs(); - - return recursion_output; -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.hpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.hpp deleted file mode 100644 index ad76544108..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.hpp +++ /dev/null @@ -1,28 +0,0 @@ -#pragma once -#include "rollup_tx.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::recursion; - -field_ct check_nullifiers_inserted(Composer& composer, - std::vector const& new_null_roots, - std::vector const& old_null_paths, - uint32_ct const& num_txs, - field_ct latest_null_root, - std::vector const& new_null_indicies); - -recursion_output rollup_circuit(Composer& composer, - rollup_tx const& proofs, - std::vector> const& verification_keys, - size_t rollup_size); - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.test.cpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.test.cpp deleted file mode 100644 index afebec4b52..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit.test.cpp +++ /dev/null @@ -1,1336 +0,0 @@ -#include "index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include "../../fixtures/compute_or_load_fixture.hpp" -#include "../join_split/create_noop_join_split_proof.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace barretenberg; -using namespace notes; - -namespace { -join_split::circuit_data js_cd; -account::circuit_data account_cd; -claim::circuit_data claim_cd; -rollup::circuit_data rollup_1_keyless; -rollup::circuit_data rollup_2_keyless; -rollup::circuit_data rollup_3_keyless; -rollup::circuit_data rollup_4_keyless; -rollup::circuit_data rollup_5_keyless; -} // namespace - -class rollup_tests : public ::testing::Test { - protected: - rollup_tests() - : context(js_cd, account_cd, claim_cd) - {} - - static void SetUpTestCase() - { - std::string CRS_PATH = "../srs_db/ignition"; - auto srs = std::make_shared(CRS_PATH); - account_cd = account::get_circuit_data(srs); - js_cd = join_split::get_circuit_data(srs); - claim_cd = claim::get_circuit_data(srs); - rollup_1_keyless = rollup::get_circuit_data(1, js_cd, account_cd, claim_cd, srs, "", false, false, false); - rollup_2_keyless = rollup::get_circuit_data(2, js_cd, account_cd, claim_cd, srs, "", false, false, false); - rollup_3_keyless = rollup::get_circuit_data(3, js_cd, account_cd, claim_cd, srs, "", false, false, false); - rollup_4_keyless = rollup::get_circuit_data(4, js_cd, account_cd, claim_cd, srs, "", false, false, false); - rollup_5_keyless = rollup::get_circuit_data(5, js_cd, account_cd, claim_cd, srs, "", false, false, false); - } - - auto create_tx_with_1_defi() - { - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - const notes::native::bridge_call_data bid = { - .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 111, - .output_asset_id_b = 222, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - // MIKE started here - auto defi_proof1 = context.create_defi_proof({ 0, 1 }, { 100, 50 }, { 40, 110 }, bid); - - return create_rollup_tx(context.world_state, 1, { defi_proof1 }, { bid }); - } - - auto create_tx_with_3_defi() - { - context.append_value_notes({ 100, 50 }); - context.append_value_notes({ 100, 50, 100, 50 }, 8); - context.append_value_notes({ 200, 40 }, 13); - context.start_next_root_rollup(); - - const notes::native::bridge_call_data bid1 = { - .bridge_address_id = 0, - .input_asset_id_a = 8, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - - const notes::native::bridge_call_data bid2 = { - .bridge_address_id = 1, - .input_asset_id_a = 13, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - auto js_proof = context.create_join_split_proof({ 0, 1 }, { 100, 50 }, { 70, 73 }); // fee = 7 - auto defi_proof1 = context.create_defi_proof({ 2, 3 }, { 100, 50 }, { 40, 100 }, bid1, 8); // fee = 10 - auto defi_proof2 = context.create_defi_proof({ 4, 5 }, { 100, 50 }, { 30, 80 }, bid1, 8); // fee = 40 - auto defi_proof3 = context.create_defi_proof({ 6, 7 }, { 200, 40 }, { 20, 207 }, bid2, 13); // fee = 13 - - return create_rollup_tx( - context.world_state, 4, { js_proof, defi_proof1, defi_proof2, defi_proof3 }, { bid1, bid2 }, { 0, 8, 13 }); - } - - auto create_tx_with_defi_loan() - { - context.append_value_notes({ 150, 50, 40, 160 }); - context.append_value_notes({ 100, 50 }, 1); - context.start_next_root_rollup(); - - const notes::native::bridge_call_data bid1 = { - .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 2, - .output_asset_id_b = virtual_asset_id_flag, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - - const notes::native::bridge_call_data bid2 = { - .bridge_address_id = 1, - .input_asset_id_a = 1, - .input_asset_id_b = 0, - .output_asset_id_a = 3, - .output_asset_id_b = virtual_asset_id_flag, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - auto defi_proof1 = context.create_defi_proof({ 0, 1 }, { 150, 50 }, { 180, 0 }, bid1, 0); // fee = 20 - auto defi_proof2 = context.create_defi_proof({ 2, 3 }, { 40, 160 }, { 190, 0 }, bid1, 0); // fee = 10 - auto defi_proof3 = context.create_defi_proof({ 4, 5 }, { 100, 50 }, { 150, 0 }, bid2, 1); // fee = 0 - - return create_rollup_tx( - context.world_state, 4, { defi_proof1, defi_proof2, defi_proof3 }, { bid1, bid2 }, { 0, 1 }); - } - - auto create_js_proof(join_split::join_split_tx& tx) - { - context.js_tx_factory.finalise_and_sign_tx(tx, context.user.owner); - return join_split::create_proof(tx, js_cd); - } - - auto create_tx_with_3_defi_include_non_fee_asset() - { - context.append_value_notes({ 100, 50 }); - context.append_value_notes({ 100, 50, 100, 50 }, 8); - context.append_value_notes({ 200, 40 }, 25); // not a fee paying asset - context.start_next_root_rollup(); - - const notes::native::bridge_call_data bid1 = { - .bridge_address_id = 0, - .input_asset_id_a = 8, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - - const notes::native::bridge_call_data bid2 = { - .bridge_address_id = 2, - .input_asset_id_a = 25, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - auto js_proof = context.create_join_split_proof({ 0, 1 }, { 100, 50 }, { 70, 73 }); // fee = 7 - auto defi_proof1 = context.create_defi_proof({ 2, 3 }, { 100, 50 }, { 40, 100 }, bid1, 8); // fee = 10 - auto defi_proof2 = context.create_defi_proof({ 4, 5 }, { 100, 50 }, { 30, 80 }, bid1, 8); // fee = 40 - auto defi_proof3 = context.create_defi_proof({ 6, 7 }, { 200, 40 }, { 20, 207 }, bid2, 25); // fee = 13 - - return create_rollup_tx( - context.world_state, 4, { js_proof, defi_proof1, defi_proof2, defi_proof3 }, { bid1, bid2 }, { 0, 8 }); - } - - void test_chain_off_disallowed_note_fails(uint32_t allow_chain, size_t indicator); - - fixtures::TestContext context; - const uint32_t virtual_asset_id_flag = (uint32_t(1) << (MAX_NUM_ASSETS_BIT_LENGTH - 1)); -}; - -TEST_F(rollup_tests, test_padding_proof) -{ - Composer composer = Composer(js_cd.proving_key, js_cd.verification_key, js_cd.num_gates); - join_split::join_split_circuit(composer, join_split::noop_tx()); - auto verifier = composer.create_unrolled_verifier(); - EXPECT_TRUE(verifier.verify_proof({ js_cd.padding_proof })); -} - -TEST_F(rollup_tests, test_1_deposit_proof_in_1_rollup) -{ - size_t rollup_size = 1; - auto join_split_proof = join_split::create_noop_join_split_proof(js_cd, context.world_state.data_tree.root()); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_0_proof_in_1_rollup) -{ - auto rollup = create_empty_rollup(context.world_state); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_1_proof_in_1_rollup) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_1_proof_with_old_root_in_1_rollup) -{ - size_t rollup_size = 1; - - // Insert rollup 0 at index 1. - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - // Create proof which references root at index 1. - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - auto data_root_index = 1U; - - // Insert rollup 1. - context.append_value_notes({ 30, 40 }); - context.start_next_root_rollup(); - - // Create rollup 2 with old join-split. - auto rollup = - create_rollup_tx(context.world_state, rollup_size, { join_split_proof }, {}, { 0 }, { data_root_index }); - - inner_proof_data data(join_split_proof); - EXPECT_TRUE(data.merkle_root != rollup.old_data_root); - - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_1_proof_with_invalid_old_null_root_fails) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - - rollup.old_null_root = fr::random_element(); - - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "check_nullifiers_inserted_0_old_value"); -} - -TEST_F(rollup_tests, test_incorrect_data_start_index_fails) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - rollup.data_start_index = 0; - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "batch_update_membership_old_subtree"); -} - -TEST_F(rollup_tests, test_larger_total_output_value_fails) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 90 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_reuse_spent_note_fails) -{ - size_t rollup_size = 1; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 0, 1 }, { 100, 50 }, { 70, 80 }); - inner_proof_data inner_proof_data(join_split_proof); - context.world_state.nullify(inner_proof_data.nullifier1); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "check_nullifiers_inserted_0_old_value"); -} - -TEST_F(rollup_tests, test_max_num_txs) -{ - size_t rollup_size = 1; - auto join_split_proof = join_split::create_noop_join_split_proof(js_cd, context.world_state.data_tree.root()); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - rollup.num_txs = (uint32_t(1) << MAX_TXS_BIT_LENGTH) - 1; - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_overflow_num_txs_fails) -{ - size_t rollup_size = 1; - auto join_split_proof = join_split::create_noop_join_split_proof(js_cd, context.world_state.data_tree.root()); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - rollup.num_txs = uint32_t(1) << MAX_TXS_BIT_LENGTH; - - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -// Asset Ids -TEST_F(rollup_tests, test_invalid_asset_id_fails) -{ - size_t rollup_size = 1; - uint32_t invalid_asset_id = MAX_NUM_ASSETS; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }, invalid_asset_id); - context.start_next_root_rollup(); - auto join_split_proof = - context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }, 0, 0, 0, invalid_asset_id); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }, {}, { invalid_asset_id }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "asset_id out of scope"); -} - -TEST_F(rollup_tests, test_asset_id_repeated_fails) -{ - auto tx = create_tx_with_3_defi(); - tx.asset_ids.push_back(tx.asset_ids[0]); - auto result = verify_logic(tx, rollup_4_keyless); - - ASSERT_FALSE(result.logic_verified); - EXPECT_EQ(result.err, "proof asset id matched 2 times"); -} - -TEST_F(rollup_tests, test_proof_asset_id_not_in_assets) -{ - // txs can have non-fee paying assets - // these need to be accepted and asset constraint bypassed - auto tx = create_tx_with_3_defi_include_non_fee_asset(); - // 4th tx has asset that is not included in list of assets on rollup - auto result = verify_logic(tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_asset_id_reordering_works) -{ - auto tx = create_tx_with_3_defi(); - tx.asset_ids = { 8, 0, 13 }; - auto result = verify_logic(tx, rollup_4_keyless); - - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_asset_id_output_order) -{ - auto tx = create_tx_with_3_defi(); - auto result = verify_logic(tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); - - auto rollup_data = rollup_proof_data(result.public_inputs); - - // Check correct asset ids order. - EXPECT_EQ(rollup_data.asset_ids[0], tx.asset_ids[0]); // asset_id 0 - EXPECT_EQ(rollup_data.asset_ids[1], tx.asset_ids[1]); // asset_id 8 - EXPECT_EQ(rollup_data.asset_ids[2], tx.asset_ids[2]); // asset_id 13 - EXPECT_EQ(rollup_data.asset_ids[3], MAX_NUM_ASSETS); // padding - - // Check correct tx_fee accumulation. - EXPECT_EQ(rollup_data.total_tx_fees[0], 7); // asset_id 0 - EXPECT_EQ(rollup_data.total_tx_fees[1], 25); // asset_id 8, net_tx_fee = 50/2 - EXPECT_EQ(rollup_data.total_tx_fees[2], 6); // asset_id 13, net_tx_fee = 13/2 - EXPECT_EQ(rollup_data.total_tx_fees[3], 0); // padding -} - -// Account -TEST_F(rollup_tests, test_1_account_proof_in_1_rollup) -{ - size_t rollup_size = 1; - - auto create_account = context.create_new_account_proof(); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { create_account }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_reuse_nullified_account_alias_hash_fails) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.nullify_account_alias_hash(context.user.alias_hash); - context.start_next_root_rollup(); - - auto account_proof = context.create_new_account_proof(); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { account_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_reuse_nullified_account_public_key_fails) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.nullify_account_public_key(context.user.owner.public_key); - context.start_next_root_rollup(); - - auto account_proof = context.create_new_account_proof(); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { account_proof }); - auto result = verify_logic(rollup, rollup_1_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -// Rollups of size 2. -TEST_F(rollup_tests, test_1_proof_in_2_rollup) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_2_proofs_in_2_rollup) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 0, 0, 100, 50, 80, 60 }); - context.start_next_root_rollup(); - auto join_split_proof1 = context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 70, 80 }); - auto join_split_proof2 = context.create_join_split_proof({ 6, 7 }, { 80, 60 }, { 70, 70 }); - auto txs = std::vector{ join_split_proof1, join_split_proof2 }; - - auto rollup = create_rollup_tx(context.world_state, rollup_size, txs); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_1_js_proof_1_account_proof_in_2_rollup) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 0, 0, 100, 50, 80, 60 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 70, 80 }); - auto account_proof = context.create_migrate_account_proof(); - auto txs = std::vector{ join_split_proof, account_proof }; - - auto rollup = create_rollup_tx(context.world_state, rollup_size, txs); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_create_rollup_picks_correct_data_start_index) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - // Add a couple of additional notes taking total to 6. - context.append_value_notes({ 100, 50, 0, 0 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - - EXPECT_EQ(rollup.data_start_index, 8UL); -} - -TEST_F(rollup_tests, test_same_input_note_in_two_proofs_fails) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 0, 0, 100, 50, 80, 60 }); - context.start_next_root_rollup(); - auto join_split_proof1 = context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 70, 80 }); - auto join_split_proof2 = context.create_join_split_proof({ 6, 5 }, { 80, 50 }, { 70, 60 }); - auto txs = std::vector{ join_split_proof1, join_split_proof2 }; - - auto rollup = create_rollup_tx(context.world_state, rollup_size, txs); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_nullifier_hash_path_consistency) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 0, 0, 100, 50, 80, 60 }); - context.start_next_root_rollup(); - auto join_split_proof1 = context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 70, 80 }); - auto join_split_proof2 = context.create_join_split_proof({ 6, 7 }, { 80, 60 }, { 70, 70 }); - auto txs = std::vector{ join_split_proof1, join_split_proof2 }; - - auto rollup = create_rollup_tx(context.world_state, rollup_size, txs); - - std::swap(rollup.new_null_roots[2], rollup.new_null_roots[3]); - std::swap(rollup.old_null_paths[2], rollup.old_null_paths[3]); - - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_FALSE(result.logic_verified); -} - -// Chaining -TEST_F(rollup_tests, test_chain_off_first_output_note_and_consume_in_first_input_note) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 1; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off the prior tx's first output note, and join with the second preloaded note from data tree index 1. - // First input index of tx2 is set to 0 but it's not actually used (since the propagated note doesn't exist in the - // tree yet). - auto tx2 = context.js_tx_factory.create_join_split_tx({ 0, 1 }, { 70, 50 }, { 120, 0 }); - tx2.input_note[0] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_chain_off_first_output_note_and_consume_in_second_input_note) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 1; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off the prior tx's first output note, and join with the second preloaded note from data tree index 1. - // First input index of tx2 is set to 0 but it's not actually used (since the propagated note doesn't exist in the - // tree yet). - auto tx2 = context.js_tx_factory.create_join_split_tx({ 1, 0 }, { 50, 70 }, { 120, 0 }); - tx2.input_note[1] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[1].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_chain_off_second_output_note_and_consume_in_first_input_note) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 2; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off tx1's second output note, and join with the second preloaded note from data tree index 1. - // Second input index of tx2 is set to 0 but it's not actually used (since the propagated note doesn't exist in the - // tree yet). - auto tx2 = context.js_tx_factory.create_join_split_tx({ 0, 1 }, { 30, 50 }, { 80, 0 }); - tx2.input_note[0] = tx1.output_note[1]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_chain_off_second_output_note_and_consume_in_second_input_note) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 2; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off tx1's second output note, and join with the second preloaded note from data tree index 1. - // Second input index of tx2 is set to 0 but it's not actually used (since the propagated note doesn't exist in the - // tree yet). - auto tx2 = context.js_tx_factory.create_join_split_tx({ 1, 0 }, { 50, 30 }, { 80, 0 }); - tx2.input_note[1] = tx1.output_note[1]; - tx2.backward_link = tx2.input_note[1].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_allow_chain_off_first_output_note_but_dont_consume) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 1; - auto join_split_proof1 = create_js_proof(tx1); - - // Allow chaining off the tx1's first note, but don't use it as an input note in tx2. - // The tx will be permitted because no backward_link is specified, and so no propagation is happening. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 1 }, { 50 }, { 50, 0 }); - tx2.backward_link = 0; - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -void rollup_tests::test_chain_off_disallowed_note_fails(uint32_t allow_chain, size_t indicator) -{ - // Testing all invalid allow_chain / backward_link permutations between two txs. - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = allow_chain; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off the output note dictated by the backward_link `indicator` - join_split::join_split_tx tx2; - switch (indicator) { - case 1: - tx2 = context.js_tx_factory.create_join_split_tx({ 0, 1 }, { 70, 50 }, { 120, 0 }); - break; - case 2: - tx2 = context.js_tx_factory.create_join_split_tx({ 0, 1 }, { 30, 50 }, { 80, 0 }); - break; - } - - tx2.input_note[0] = tx1.output_note[indicator - 1]; - tx2.backward_link = tx1.output_note[indicator - 1].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_FALSE(result.logic_verified); - auto assertion = result.err.find("is not permitted to propagate output") != std::string::npos; - EXPECT_EQ(true, assertion); -} - -TEST_F(rollup_tests, test_chain_off_disallowed_note_fails_0) -{ - test_chain_off_disallowed_note_fails(0, 1); -} - -TEST_F(rollup_tests, test_chain_off_disallowed_note_fails_1) -{ - test_chain_off_disallowed_note_fails(0, 2); -} - -TEST_F(rollup_tests, test_chain_off_disallowed_note_fails_2) -{ - test_chain_off_disallowed_note_fails(1, 2); -} - -TEST_F(rollup_tests, test_chain_off_disallowed_note_fails_3) -{ - test_chain_off_disallowed_note_fails(2, 1); -} - -// The following are implicitly tested, since create_rollup_tx will independently calculate the relevant tree root, -// which the circuit will then compare against its own calculation. -// - chained_nullifier_zeroed (if allow_chain = 1 or 2) -// - chained_output_commitment_zeroed -// - split_chain_nullifier_not_zeroed -// - split_chain_output_commitment_not_zeroed -TEST_F(rollup_tests, test_gap_in_chain_within_rollup) -{ - size_t rollup_size = 4; - - /* - * Leaf index: 0 1 2 3 4 5 6 7 8 9 - * Value: 100 50 0 0 70 30 10 60 15 35 - */ - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - // Chain should be tx1 -> tx2. - // We'll interrupt the chain with tx1 -> tx3 -> tx2. - // This should still pass, as the circuit will find tx1. - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 1; - auto join_split_proof1 = create_js_proof(tx1); - - // Chain off the prior tx's first note, and join with the second preloaded note from index 1. - // First index is set to 0 because the input note is being propagated. - // Second index is set to 0 because num_input_notes is 1. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 0 }, { 70 }, { 10, 60 }); - tx2.input_note[0] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - // Second index is set to 0 because num_input_notes is 1. - auto tx3 = context.js_tx_factory.create_join_split_tx({ 1 }, { 50 }, { 15, 35 }); - auto join_split_proof3 = create_js_proof(tx3); - - auto rollup = - create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof3, join_split_proof2 }); - auto result = verify_logic(rollup, rollup_4_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_gap_in_chain_spanning_rollups_without_path_fails) -{ - size_t rollup_size = 2; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - // Chain should be tx1 -> tx2. - // We'll interrupt the chain with | tx1 -> tx3 | rollup split | tx2 ... | - // The rollup provider should therefore provide a path for the backward-linked commitment. But they won't here. - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 1; - - // Add tx1 and tx3 to the first rollup: - context.append_value_notes({ 70, 30, 15, 35 }); - - // Add tx2 to the next rollup - // First index is set to 0 because the input note is being propagated. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 0 }, { 70 }, { 10, 60 }); - tx2.input_note[0] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof2 }); - auto result = verify_logic(rollup, rollup_2_keyless); - - EXPECT_FALSE(result.logic_verified); - auto assertion = result.err.find("Membership check failed for backward_link") != - std::string::npos; // ensure the error message contains this substring. (workaround without using - // the gmock library). - EXPECT_EQ(true, assertion); -} - -TEST_F(rollup_tests, test_gap_in_chain_spanning_rollups_with_linked_commitment_path) -{ - size_t rollup_size = 4; - - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - // Chain should be tx1 -> tx2. - // We'll interrupt the chain with | tx1 -> tx3 | rollup split | tx2 ... | - // The rollup provider should therefore provide a path for the backward-linked commitment. We'll do this here. - - // Add tx1 and tx3 to the first rollup: - context.append_value_notes({ 70, 30, 15, 35 }); - context.start_next_root_rollup(); - - // Add tx2 to the next rollup - // First index is set to 0 because the input note is being propagated. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 0 }, { 70 }, { 10, 60 }); - notes::native::value::value_note linked_note = { - 70, 0, 0, context.user.owner.public_key, context.user.note_secret, 0, 2 - }; // there's a discrepency with the way `append_value_notes` and `create_join_split_tx` calculate - // commitments/nullifiers. Here, we ensure the calculation methods match for the propagated commitment, at least. - - tx2.input_note[0] = linked_note; - tx2.backward_link = linked_note.commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto rollup = create_rollup_tx(context.world_state, - rollup_size, - { join_split_proof2 }, - {}, - { 0 }, - {}, - { 2 }); // add the correct linked commitment index, so a valid path is retrieved. - auto result = verify_logic(rollup, rollup_4_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_chain_off_both_output_notes_and_consume_in_next_two_txs_no_gaps) -{ - size_t rollup_size = 4; - - /* - * Leaf index: 0 1 2 3 4 5 6 7 8 9 - * Value: 100 50 75 200 70 30 120 0 0 105 - */ - - context.append_value_notes({ 100, 50, 75, 200 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 3; // allow chaining from both output notes - auto join_split_proof1 = create_js_proof(tx1); - - // tx2 will consume the first of the propagated output notes of tx1 - // tx3 will consume the second propagated output note of tx1 - - // Chain off tx1's first output note, and join with the second preloaded note from data tree index 1. - // First input index of tx2 is set to 0 but it's not actually used. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 4, 1 }, { 70, 50 }, { 120, 0 }); - tx2.input_note[0] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto tx3 = context.js_tx_factory.create_join_split_tx({ 2, 5 }, { 75, 30 }, { 0, 105 }); - tx3.input_note[1] = tx1.output_note[1]; - tx3.backward_link = tx3.input_note[1].commit(); - auto join_split_proof3 = create_js_proof(tx3); - - auto rollup = - create_rollup_tx(context.world_state, rollup_size, { join_split_proof1, join_split_proof2, join_split_proof3 }); - auto result = verify_logic(rollup, rollup_4_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_chain_off_both_output_notes_and_consume_within_rollup_with_gaps) -{ - size_t rollup_size = 8; - - /* - * Leaf index: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 - * Value: 100 50 75 200 300 400 500 600 70 30 120 0 0 105 - */ - - // Chain should be tx1 --> tx2 - // \-------->tx3 - // We'll interrupt the chain with tx4 & tx5: | tx1 -> tx4 -> tx2 -> tx5 -> tx3 | - // The rollup provider should therefore provide a path for both of the propagated input commitments (one for tx2, - // one for tx3). - - context.append_value_notes({ 100, 50, 75, 200, 300, 400, 500, 600 }); - context.start_next_root_rollup(); - - auto tx1 = context.js_tx_factory.create_join_split_tx({ 0 }, { 100 }, { 70, 30 }); - tx1.allow_chain = 3; // allow chaining from both output notes - auto join_split_proof1 = create_js_proof(tx1); - - // tx2 will consume the first of the propagated output notes of tx1 - // tx3 will consume the second propagated output note of tx1 - - // Chain off tx1's first output note, and join with the second preloaded note from data tree index 1. - // First input index of tx2 is set to 0 but it's not actually used. - auto tx2 = context.js_tx_factory.create_join_split_tx({ 8, 1 }, { 70, 50 }, { 120, 0 }); - tx2.input_note[0] = tx1.output_note[0]; - tx2.backward_link = tx2.input_note[0].commit(); - auto join_split_proof2 = create_js_proof(tx2); - - auto tx3 = context.js_tx_factory.create_join_split_tx({ 2, 9 }, { 75, 30 }, { 0, 105 }); - tx3.input_note[1] = tx1.output_note[1]; - tx3.backward_link = tx3.input_note[1].commit(); - auto join_split_proof3 = create_js_proof(tx3); - - auto tx4 = context.js_tx_factory.create_join_split_tx({ 3, 4 }, { 200, 300 }, { 20, 480 }); - auto join_split_proof4 = create_js_proof(tx4); - - auto tx5 = context.js_tx_factory.create_join_split_tx({ 5, 6 }, { 400, 500 }, { 1, 899 }); - auto join_split_proof5 = create_js_proof(tx5); - - auto rollup = create_rollup_tx( - context.world_state, - rollup_size, - { join_split_proof1, join_split_proof4, join_split_proof2, join_split_proof5, join_split_proof3 }); - auto result = verify_logic(rollup, rollup_5_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -// Rollups of size 3. -TEST_F(rollup_tests, test_1_proof_in_3_rollup) -{ - size_t rollup_size = 3; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 }); - - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - auto result = verify_logic(rollup, rollup_3_keyless); - - EXPECT_TRUE(result.logic_verified); -} - -// Defi tests. -TEST_F(rollup_tests, test_defi_proof_in_rollup) -{ - auto tx = create_tx_with_1_defi(); - auto result = verify_logic(tx, rollup_1_keyless); - - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(rollup_tests, test_defi_bridge_call_data_zero_fails) -{ - auto tx = create_tx_with_1_defi(); - tx.bridge_call_datas = { 0 }; - auto result = verify_logic(tx, rollup_1_keyless); - - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_defi_bridge_call_data_repeated_fails) -{ - auto tx = create_tx_with_1_defi(); - tx.bridge_call_datas.push_back(tx.bridge_call_datas[0]); - auto result = verify_logic(tx, rollup_1_keyless); - - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_defi_bridge_call_data_unmatched_fails) -{ - auto tx = create_tx_with_1_defi(); - tx.bridge_call_datas[0] = { 1, 2, 0, 0 }; - auto result = verify_logic(tx, rollup_1_keyless); - - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(rollup_tests, test_defi_deposit_sums_accumulated) -{ - auto tx = create_tx_with_3_defi(); - auto result = verify_logic(tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); - - auto rollup_data = rollup_proof_data(result.public_inputs); - - // Check correct defi deposit_sums. - EXPECT_EQ(rollup_data.bridge_call_datas[0], tx.bridge_call_datas[0]); - EXPECT_EQ(rollup_data.bridge_call_datas[1], tx.bridge_call_datas[1]); - EXPECT_EQ(rollup_data.bridge_call_datas[2], 0); - EXPECT_EQ(rollup_data.bridge_call_datas[3], 0); - EXPECT_EQ(rollup_data.deposit_sums[0], 70); - EXPECT_EQ(rollup_data.deposit_sums[1], 20); - EXPECT_EQ(rollup_data.deposit_sums[2], 0); - EXPECT_EQ(rollup_data.deposit_sums[3], 0); - - // Check correct tx_fee accumulation. - EXPECT_EQ(rollup_data.total_tx_fees[0], 7); // asset_id 0 - EXPECT_EQ(rollup_data.total_tx_fees[1], 25); // asset_id 8 - EXPECT_EQ(rollup_data.total_tx_fees[2], 6); // asset_id 13 - EXPECT_EQ(rollup_data.total_tx_fees[3], 0); // padding -} - -TEST_F(rollup_tests, test_defi_interaction_nonce_added_to_claim_notes) -{ - auto tx = create_tx_with_3_defi(); - auto result = verify_logic(tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); - - auto rollup_data = rollup_proof_data(result.public_inputs); - - // Check regular join-split output note1 unchanged (as we change it for defi deposits). - notes::native::value::value_note note1 = { .value = 70, - .asset_id = 0, - .account_required = false, - .owner = context.user.owner.public_key, - .secret = context.user.note_secret, - .creator_pubkey = 0, - .input_nullifier = rollup_data.inner_proofs[0].nullifier1 }; - EXPECT_EQ(rollup_data.inner_proofs[0].note_commitment1, note1.commit()); - - notes::native::value::value_note note2 = { .value = 73, - .asset_id = 0, - .account_required = false, - .owner = context.user.owner.public_key, - .secret = context.user.note_secret, - .creator_pubkey = 0, - .input_nullifier = rollup_data.inner_proofs[0].nullifier2 }; - EXPECT_EQ(rollup_data.inner_proofs[0].note_commitment2, note2.commit()); - - std::vector claim_fees = { 0, 5, 20, 7 }; - - // Check correct interaction nonce in claim notes. - auto check_defi_proof = [&](uint32_t i, uint32_t claim_note_interaction_nonce) { - auto defi_proof_data = inner_proof_data(tx.txs[i]); - auto defi_proof = rollup_data.inner_proofs[i]; - - auto partial_state = notes::native::value::create_partial_commitment( - context.user.note_secret, context.user.owner.public_key, 0, 0); - notes::native::claim::claim_note claim_note = { .deposit_value = defi_proof_data.defi_deposit_value, - .bridge_call_data = defi_proof_data.bridge_call_data, - .defi_interaction_nonce = claim_note_interaction_nonce, - .fee = claim_fees[i], - .value_note_partial_commitment = partial_state, - .input_nullifier = defi_proof.nullifier1 }; - - EXPECT_EQ(defi_proof.note_commitment1, claim_note.commit()); - }; - - check_defi_proof(1, NUM_BRIDGE_CALLS_PER_BLOCK); - check_defi_proof(2, NUM_BRIDGE_CALLS_PER_BLOCK); - check_defi_proof(3, NUM_BRIDGE_CALLS_PER_BLOCK + 1); -} - -TEST_F(rollup_tests, test_defi_claim_proofs) -{ - auto rollup1_tx = create_tx_with_3_defi(); - auto bids = rollup1_tx.bridge_call_datas; - auto asset_ids = rollup1_tx.asset_ids; - auto result = verify_logic(rollup1_tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); - - std::vector dins = { { .bridge_call_data = bids[0], - .interaction_nonce = 0, - .total_input_value = 70, - .total_output_value_a = 700, - .total_output_value_b = 7000, - .interaction_result = true }, - { .bridge_call_data = bids[1], - .interaction_nonce = 1, - .total_input_value = 20, - .total_output_value_a = 2, - .total_output_value_b = 3, - .interaction_result = true } }; - context.append_account_notes(); - uint32_t initial_din_index = context.start_next_root_rollup(dins); - rollup::rollup_proof_data data(result.public_inputs); - - // js, acc and defi proofs to be rolled up with claim proofs - auto acc_proof = context.create_add_signing_keys_to_account_proof(data.data_start_index + 8); - auto js_proof = context.create_join_split_proof({}, {}, { 100, 30 }, 130); - const notes::native::bridge_call_data bid1 = { .bridge_address_id = 0, - .input_asset_id_a = 0, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = - notes::native::bridge_call_data::bit_config{ - .second_input_in_use = false, .second_output_in_use = true }, - .aux_data = 0 }; - bids.push_back(bid1); - auto defi_proof1 = - context.create_defi_proof({ data.data_start_index, data.data_start_index + 1 }, { 70, 73 }, { 120, 23 }, bid1); - std::vector claim_fees = { 0, 5, 20, 7 }; - - std::vector indices = { 0, 0, 1 }; - - // Create claim proofs for each claim note in previous rollup. - auto claim_proofs = mapi(data.inner_proofs, [&](auto inner, auto i) { - if (inner.proof_id != ProofIds::DEFI_DEPOSIT) { - return std::vector(); - } - auto claim_note_index = data.data_start_index + uint32_t(2 * i); - auto inner_tx = inner_proof_data(rollup1_tx.txs[i]); - auto defi_note_index = initial_din_index + indices[i - 1]; - return context.create_claim_proof(inner_tx.bridge_call_data, - inner_tx.defi_deposit_value, - claim_note_index, - defi_note_index, // defi proofs are offset by one - claim_fees[i]); - }); - - auto rollup2_tx = create_rollup_tx( - context.world_state, 4, { js_proof, acc_proof, defi_proof1, claim_proofs[2] }, bids, asset_ids); - auto result2 = verify_logic(rollup2_tx, rollup_4_keyless); - EXPECT_TRUE(result2.logic_verified); -} - -TEST_F(rollup_tests, test_defi_loan_proofs) -{ - /** - * Rollup 0: Create defi deposit proofs for drawing 3 loans: - * +-------------------------------------------------------------------------+ - * | no collateral_asset collateral_value loan_asset loan_value | - * +-------------------------------------------------------------------------+ - * | 1 0 180 2 1800 | - * | 2 0 190 2 1900 | - * | 3 1 150 3 3000 | - * +-------------------------------------------------------------------------+ - */ - auto rollup1_tx = create_tx_with_defi_loan(); - auto bids = rollup1_tx.bridge_call_datas; - auto asset_ids = rollup1_tx.asset_ids; - auto result = verify_logic(rollup1_tx, rollup_4_keyless); - ASSERT_TRUE(result.logic_verified); - - /** - * Rollup 1: Create defi claim proofs for drawing 3 loans: - */ - std::vector dins = { - { bids[0], NUM_BRIDGE_CALLS_PER_BLOCK, 370, 3700, 3700, true }, - { bids[1], NUM_BRIDGE_CALLS_PER_BLOCK + 1, 150, 3000, 3000, true } - }; - uint32_t initial_din_index = context.start_next_root_rollup(dins); - - rollup::rollup_proof_data data(result.public_inputs); - - // Create claim proofs for each claim note in previous rollup. - auto loan_claim_proof1 = context.create_claim_proof(bids[0], 180, data.data_start_index + 0, initial_din_index, 10); - auto loan_claim_proof2 = context.create_claim_proof(bids[0], 190, data.data_start_index + 2, initial_din_index, 5); - auto loan_claim_proof3 = - context.create_claim_proof(bids[1], 150, data.data_start_index + 4, initial_din_index + 1, 0); - - auto rollup2_tx = create_rollup_tx( - context.world_state, 4, { loan_claim_proof1, loan_claim_proof2, loan_claim_proof3 }, bids, asset_ids); - auto result2 = verify_logic(rollup2_tx, rollup_4_keyless); - EXPECT_TRUE(result2.logic_verified); - /** - * Rollup 2: Create defi deposit proofs for repaying the loans 1 and 3, - * split the value and virtual notes of loan 2: - * +--------------------------------------------------------------------+ - * | no collateral_asset returned_collateral_value loan_repay | - * +--------------------------------------------------------------------+ - * | 1 0 180-18 = 152 yes | - * | 2 0 - no, split | - * | 3 1 150-30 = 120 yes | - * +--------------------------------------------------------------------+ - */ - initial_din_index = context.start_next_root_rollup(); - rollup::rollup_proof_data data2(result2.public_inputs); - - // Loan number 1 repayment - const uint32_t opening_nonce1 = NUM_BRIDGE_CALLS_PER_BLOCK; - - const notes::native::bridge_call_data bid1 = { .bridge_address_id = 0, - .input_asset_id_a = 2, - .input_asset_id_b = virtual_asset_id_flag + opening_nonce1, - .output_asset_id_a = 0, - .output_asset_id_b = 0, - .config = - notes::native::bridge_call_data::bit_config{ - .second_input_in_use = true, .second_output_in_use = false }, - .aux_data = 0 }; - const uint32_t virtual_asset_id1 = (uint32_t(1) << 29) + opening_nonce1; - auto loan_repay_proof1 = context.create_defi_proof({ data2.data_start_index + 0, data2.data_start_index + 1 }, - { 1800, 1800 }, - { 1800, 0 }, - bid1, - 2, - 0, - virtual_asset_id1); - // Loan number 3 repayment - const uint32_t opening_nonce2 = opening_nonce1 + 1; - const notes::native::bridge_call_data bid2 = { .bridge_address_id = 0, - .input_asset_id_a = 3, - .input_asset_id_b = virtual_asset_id_flag + opening_nonce2, - .output_asset_id_a = 1, - .output_asset_id_b = 0, - .config = - notes::native::bridge_call_data::bit_config{ - .second_input_in_use = true, .second_output_in_use = false }, - .aux_data = 0 }; - const uint32_t virtual_asset_id2 = (uint32_t(1) << 29) + opening_nonce2; - auto loan_repay_proof2 = context.create_defi_proof({ data2.data_start_index + 4, data2.data_start_index + 5 }, - { 3000, 3000 }, - { 3000, 0 }, - bid2, - 3, - 0, - virtual_asset_id2); - // Loan number 2 virtual and value note splitting - auto loan_split_proof1 = context.create_join_split_proof( - { data2.data_start_index + 3 }, { 1900 }, { 1000, 900 }, 0, 0, 0, virtual_asset_id1); - auto value_note_split_proof = - context.create_join_split_proof({ data2.data_start_index + 2 }, { 1900 }, { 900, 1000 }, 0, 0, 0, 2); - auto rollup3_tx = - create_rollup_tx(context.world_state, - 4, - { loan_repay_proof1, loan_repay_proof2, loan_split_proof1, value_note_split_proof }, - { bid1, bid2 }, - { 2, 3, virtual_asset_id1 }); - auto result3 = verify_logic(rollup3_tx, rollup_4_keyless); - EXPECT_TRUE(result3.logic_verified); - - /** - * Rollup 3: Create defi claim proofs for repaying loans 1 and 3. - * Also, create defi deposit proof for repaying one part of loan 2. - */ - std::vector dins1 = { { bid1, 12, 1800, 152, 18, true }, - { bid2, 13, 3000, 120, 15, true } }; - initial_din_index = context.start_next_root_rollup(dins1); - - // Finish loan repayments which were initiated in the previous rollup. - rollup::rollup_proof_data data3(result3.public_inputs); - auto loan_repay_claim_proof1 = - context.create_claim_proof(bid1, 1800, data3.data_start_index + 0, initial_din_index, 0); - auto loan_repay_claim_proof2 = - context.create_claim_proof(bid2, 3000, data3.data_start_index + 2, initial_din_index + 1, 0); - - // Initiate repayment of one installment of the second loan in this rollup. - auto loan_repay_proof4 = context.create_defi_proof({ data3.data_start_index + 7, data3.data_start_index + 4 }, - { 1000, 1000 }, - { 1000, 0 }, - bid1, - 2, - 0, - virtual_asset_id1); - - auto rollup4_tx = create_rollup_tx(context.world_state, - 4, - { loan_repay_claim_proof1, loan_repay_claim_proof2, loan_repay_proof4 }, - { bid1, bid2 }, - { 2, 3 }); - auto result4 = verify_logic(rollup4_tx, rollup_4_keyless); - EXPECT_TRUE(result4.logic_verified); - - /** - * Rollup 4: Create defi claim proofs for repaying one installment of loans 2. - * Also, create defi deposit proof for repaying other part of loan 2. - */ - std::vector dins2 = { { bid1, 16, 1000, 85, 15, true } }; - initial_din_index = context.start_next_root_rollup(dins2); - - // Finish loan repayment which was initiated in the previous rollup. - rollup::rollup_proof_data data4(result4.public_inputs); - auto loan_repay_claim_proof4 = - context.create_claim_proof(bid1, 1000, data4.data_start_index + 4, initial_din_index, 0); - - // Initiate repayment of the remaining installment of loan 2 in this rollup. - auto loan_repay_proof5 = context.create_defi_proof({ data3.data_start_index + 6, data3.data_start_index + 5 }, - { 900, 900 }, - { 900, 0 }, - bid1, - 2, - 0, - virtual_asset_id1); - - auto rollup5_tx = create_rollup_tx( - context.world_state, 4, { loan_repay_claim_proof4, loan_repay_proof5 }, { bid1, bid2 }, { 2, 3 }); - auto result5 = verify_logic(rollup5_tx, rollup_4_keyless); - EXPECT_TRUE(result5.logic_verified); -} - -TEST_F(rollup_tests, test_defi_claim_proof_has_valid_defi_root) -{ - auto rollup1_tx = create_tx_with_1_defi(); - auto bids = rollup1_tx.bridge_call_datas; - auto result = verify_logic(rollup1_tx, rollup_1_keyless); - ASSERT_TRUE(result.logic_verified); - - std::vector dins = { { bids[0], 0, 70, 700, 7000, true }, - { bids[1], 0, 20, 2, 3, true } }; - uint32_t initial_din_index = context.start_next_root_rollup(dins); - - rollup::rollup_proof_data data(result.public_inputs); - - // Create claim proof with trash defi root. - auto inner_tx = inner_proof_data(rollup1_tx.txs[0]); - auto tx = context.create_claim_tx(inner_tx.bridge_call_data, inner_tx.defi_deposit_value, 2, initial_din_index, 0); - tx.defi_root = fr::random_element(); - auto claim_proof = claim::create_proof(tx, context.claim_cd); - - auto rollup2_tx = create_rollup_tx(context.world_state, 1, { claim_proof }, bids); - auto result2 = verify_logic(rollup2_tx, rollup_1_keyless); - EXPECT_FALSE(result2.logic_verified); -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit_full.test.cpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit_full.test.cpp deleted file mode 100644 index 2f1568af13..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_circuit_full.test.cpp +++ /dev/null @@ -1,259 +0,0 @@ -#include "index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace barretenberg; -using namespace notes::native::value; -using namespace notes::native::account; -using namespace notes::native::value; -using namespace plonk::stdlib::merkle_tree; - -namespace { -std::shared_ptr srs; -join_split::circuit_data js_cd; -account::circuit_data account_cd; -claim::circuit_data claim_cd; -} // namespace - -class rollup_full_tests : public ::testing::Test { - protected: - rollup_full_tests() - : context(js_cd, account_cd, claim_cd) - {} - - static void SetUpTestCase() - { - std::string CRS_PATH = "../srs_db/ignition"; - srs = std::make_shared(CRS_PATH); - account_cd = account::get_circuit_data(srs); - js_cd = join_split::get_circuit_data(srs); - claim_cd = claim::get_circuit_data(srs); - } - - fixtures::TestContext context; - const uint32_t asset_id = 0; - const uint32_t tx_fee = 7; -}; - -// Full proofs. -HEAVY_TEST_F(rollup_full_tests, test_1_proof_in_1_rollup_full_proof_and_detect_circuit_change) -{ - size_t rollup_size = 1; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 110 - tx_fee }, 30, 0); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - - auto rollup_circuit_data = - rollup::get_circuit_data(rollup_size, js_cd, account_cd, claim_cd, srs, "", true, false, false); - auto result = verify(rollup, rollup_circuit_data); - - ASSERT_TRUE(result.verified); - - auto rollup_data = rollup_proof_data(result.proof_data); - EXPECT_EQ(rollup_data.rollup_id, 1UL); - EXPECT_EQ(rollup_data.rollup_size, rollup_size); - EXPECT_EQ(rollup_data.data_start_index, 4UL); - EXPECT_EQ(rollup_data.old_data_root, rollup.old_data_root); - EXPECT_EQ(rollup_data.new_data_root, rollup.new_data_root); - EXPECT_EQ(rollup_data.old_null_root, rollup.old_null_root); - EXPECT_EQ(rollup_data.new_null_root, rollup.new_null_roots.back()); - EXPECT_EQ(rollup_data.old_data_roots_root, rollup.data_roots_root); - EXPECT_EQ(rollup_data.new_data_roots_root, rollup.data_roots_root); - for (size_t i = 0; i < rollup_data.total_tx_fees.size(); ++i) { - EXPECT_EQ(rollup_data.total_tx_fees[i], i == asset_id ? tx_fee : 0UL); - } - EXPECT_EQ(rollup_data.inner_proofs.size(), 1UL); - - auto tx_data = inner_proof_data(join_split_proof); - auto inner_data = rollup_data.inner_proofs[0]; - EXPECT_EQ(inner_data.proof_id, tx_data.proof_id); - EXPECT_EQ(inner_data.note_commitment1, tx_data.note_commitment1); - EXPECT_EQ(inner_data.note_commitment2, tx_data.note_commitment2); - EXPECT_EQ(inner_data.nullifier1, tx_data.nullifier1); - EXPECT_EQ(inner_data.nullifier2, tx_data.nullifier2); - EXPECT_EQ(inner_data.public_value, tx_data.public_value); - EXPECT_EQ(inner_data.public_owner, tx_data.public_owner); - EXPECT_EQ(inner_data.asset_id, tx_data.asset_id); - // The below part detects the changes in the rollup circuit - auto number_of_gates_rollup = rollup_circuit_data.num_gates; - auto vk_hash_rollup = rollup_circuit_data.verification_key->sha256_hash(); - // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. - if (!(circuit_gate_count::is_circuit_change_expected)) { - EXPECT_EQ(number_of_gates_rollup, circuit_gate_count::ROLLUP) - << "The gate count for the rollup circuit is changed."; - EXPECT_EQ(from_buffer(vk_hash_rollup), circuit_vk_hash::ROLLUP) - << "The verification key hash for the rollup circuit is changed."; - // For the next power of two limit, we need to consider that we reserve four gates for adding - // randomness/zero-knowledge - EXPECT_LE(number_of_gates_rollup, - circuit_gate_next_power_of_two::ROLLUP - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the rollup circuit."; - } else { - EXPECT_LE(number_of_gates_rollup, - circuit_gate_next_power_of_two::ROLLUP - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the rollup circuit."; - } -} - -HEAVY_TEST_F(rollup_full_tests, test_1_proof_in_2_rollup_full_proof) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 - tx_fee }); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - - auto rollup_circuit_data = - rollup::get_circuit_data(rollup_size, js_cd, account_cd, claim_cd, srs, "", true, false, false); - auto result = verify(rollup, rollup_circuit_data); - - ASSERT_TRUE(result.verified); - - auto rollup_data = rollup_proof_data(result.proof_data); - EXPECT_EQ(rollup_data.rollup_id, 1UL); - EXPECT_EQ(rollup_data.rollup_size, rollup_size); - EXPECT_EQ(rollup_data.data_start_index, 4UL); - EXPECT_EQ(rollup_data.old_data_root, rollup.old_data_root); - EXPECT_EQ(rollup_data.new_data_root, rollup.new_data_root); - EXPECT_EQ(rollup_data.old_null_root, rollup.old_null_root); - EXPECT_EQ(rollup_data.new_null_root, rollup.new_null_roots.back()); - EXPECT_EQ(rollup_data.old_data_roots_root, rollup.data_roots_root); - EXPECT_EQ(rollup_data.new_data_roots_root, rollup.data_roots_root); - for (size_t i = 0; i < rollup_data.total_tx_fees.size(); ++i) { - EXPECT_EQ(rollup_data.total_tx_fees[i], i == asset_id ? tx_fee : 0UL); - } - EXPECT_EQ(rollup_data.inner_proofs.size(), 2UL); - - auto tx_data = inner_proof_data(join_split_proof); - auto inner_data = rollup_data.inner_proofs[0]; - EXPECT_EQ(inner_data.proof_id, tx_data.proof_id); - EXPECT_EQ(inner_data.note_commitment1, tx_data.note_commitment1); - EXPECT_EQ(inner_data.note_commitment2, tx_data.note_commitment2); - EXPECT_EQ(inner_data.nullifier1, tx_data.nullifier1); - EXPECT_EQ(inner_data.nullifier2, tx_data.nullifier2); - EXPECT_EQ(inner_data.public_value, tx_data.public_value); - EXPECT_EQ(inner_data.public_owner, tx_data.public_owner); - EXPECT_EQ(inner_data.asset_id, tx_data.asset_id); -} - -HEAVY_TEST_F(rollup_full_tests, test_1_js_proof_1_account_proof_in_2_rollup_full_proof) -{ - size_t rollup_size = 2; - - context.append_account_notes(); - context.append_value_notes({ 0, 0, 100, 50, 80, 60 }); - context.start_next_root_rollup(); - - auto join_split_proof = context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 70, 110 - tx_fee }, 30); - auto account_proof = context.create_add_signing_keys_to_account_proof(); - auto txs = std::vector>{ join_split_proof, account_proof }; - auto rollup = create_rollup_tx(context.world_state, rollup_size, txs); - auto rollup_circuit_data = - rollup::get_circuit_data(rollup_size, js_cd, account_cd, claim_cd, srs, "", true, false, false); - auto result = verify(rollup, rollup_circuit_data); - - ASSERT_TRUE(result.verified); - - auto rollup_data = rollup_proof_data(result.proof_data); - EXPECT_EQ(rollup_data.rollup_id, 1UL); - EXPECT_EQ(rollup_data.rollup_size, rollup_size); - EXPECT_EQ(rollup_data.data_start_index, 8UL); - EXPECT_EQ(rollup_data.old_data_root, rollup.old_data_root); - EXPECT_EQ(rollup_data.new_data_root, rollup.new_data_root); - EXPECT_EQ(rollup_data.old_null_root, rollup.old_null_root); - EXPECT_EQ(rollup_data.new_null_root, rollup.new_null_roots.back()); - EXPECT_EQ(rollup_data.old_data_roots_root, rollup.data_roots_root); - EXPECT_EQ(rollup_data.new_data_roots_root, rollup.data_roots_root); - for (size_t i = 0; i < rollup_data.total_tx_fees.size(); ++i) { - EXPECT_EQ(rollup_data.total_tx_fees[i], i == asset_id ? tx_fee : 0UL); - } - EXPECT_EQ(rollup_data.inner_proofs.size(), txs.size()); - - for (size_t i = 0; i < txs.size(); ++i) { - auto tx_data = inner_proof_data(txs[i]); - auto inner_data = rollup_data.inner_proofs[i]; - EXPECT_EQ(inner_data.proof_id, tx_data.proof_id); - EXPECT_EQ(inner_data.note_commitment1, tx_data.note_commitment1); - EXPECT_EQ(inner_data.note_commitment2, tx_data.note_commitment2); - EXPECT_EQ(inner_data.nullifier1, tx_data.nullifier1); - EXPECT_EQ(inner_data.nullifier2, tx_data.nullifier2); - EXPECT_EQ(inner_data.public_value, tx_data.public_value); - EXPECT_EQ(inner_data.public_owner, tx_data.public_owner); - EXPECT_EQ(inner_data.asset_id, tx_data.asset_id); - } -} - -HEAVY_TEST_F(rollup_full_tests, test_3_rollup_pads_to_4) -{ - size_t rollup_size = 3; - - context.append_account_notes(); - context.append_value_notes({ 100, 50 }); - context.start_next_root_rollup(); - - auto join_split_proof = context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 70, 80 - tx_fee }); - auto rollup = create_rollup_tx(context.world_state, rollup_size, { join_split_proof }); - - auto rollup_circuit_data = - rollup::get_circuit_data(rollup_size, js_cd, account_cd, claim_cd, srs, "", true, false, false); - auto result = verify(rollup, rollup_circuit_data); - - ASSERT_TRUE(result.verified); - - auto rollup_data = rollup_proof_data(result.proof_data); - EXPECT_EQ(rollup_data.rollup_id, 1UL); - EXPECT_EQ(rollup_data.rollup_size, 4UL); - EXPECT_EQ(rollup_data.data_start_index, 8UL); - EXPECT_EQ(rollup_data.old_data_root, rollup.old_data_root); - EXPECT_EQ(rollup_data.new_data_root, rollup.new_data_root); - EXPECT_EQ(rollup_data.old_null_root, rollup.old_null_root); - EXPECT_EQ(rollup_data.new_null_root, rollup.new_null_roots.back()); - EXPECT_EQ(rollup_data.old_data_roots_root, rollup.data_roots_root); - EXPECT_EQ(rollup_data.new_data_roots_root, rollup.data_roots_root); - for (size_t i = 0; i < rollup_data.total_tx_fees.size(); ++i) { - EXPECT_EQ(rollup_data.total_tx_fees[i], i == asset_id ? tx_fee : 0UL); - } - EXPECT_EQ(rollup_data.inner_proofs.size(), 4UL); - - auto tx_data = inner_proof_data(join_split_proof); - - { - auto inner_data = rollup_data.inner_proofs[0]; - EXPECT_EQ(inner_data.note_commitment1, tx_data.note_commitment1); - EXPECT_EQ(inner_data.note_commitment2, tx_data.note_commitment2); - EXPECT_EQ(inner_data.nullifier1, tx_data.nullifier1); - EXPECT_EQ(inner_data.nullifier2, tx_data.nullifier2); - EXPECT_EQ(inner_data.public_value, tx_data.public_value); - EXPECT_EQ(inner_data.public_owner, tx_data.public_owner); - EXPECT_EQ(inner_data.asset_id, tx_data.asset_id); - } - - for (size_t i = 1; i < rollup_data.inner_proofs.size(); ++i) { - auto inner_data = rollup_data.inner_proofs[i]; - EXPECT_EQ(inner_data.note_commitment1, fr(0)); - EXPECT_EQ(inner_data.note_commitment2, fr(0)); - EXPECT_EQ(inner_data.nullifier1, uint256_t(0)); - EXPECT_EQ(inner_data.nullifier2, uint256_t(0)); - EXPECT_EQ(inner_data.public_value, uint256_t(0)); - EXPECT_EQ(inner_data.public_owner, fr(0)); - EXPECT_EQ(inner_data.asset_id, uint256_t(0)); - } -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.cpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.cpp deleted file mode 100644 index 71d79064ed..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.cpp +++ /dev/null @@ -1,95 +0,0 @@ -#include "rollup_proof_data.hpp" -#include "../../constants.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" - -namespace rollup { -namespace proofs { -namespace rollup { - -rollup_proof_data::rollup_proof_data(std::vector const& proof_data) -{ - using serialize::read; - auto ptr = proof_data.data(); - ptr += 60; - read(ptr, rollup_size); - - auto num_fields = RollupProofFields::INNER_PROOFS_DATA + (rollup_size * InnerProofFields::NUM_FIELDS) + 16; - std::vector fields(num_fields); - - ptr = proof_data.data(); - for (size_t i = 0; i < num_fields; ++i) { - read(ptr, fields[i]); - } - - populate_from_fields(fields); -} - -rollup_proof_data::rollup_proof_data(std::vector const& fields) -{ - populate_from_fields(fields); -} - -rollup_proof_data::rollup_proof_data(std::vector const& stdlib_fields) -{ - std::vector fields; - for (const auto& stdlib_field : stdlib_fields) { - fields.push_back(stdlib_field.get_value()); - } - populate_from_fields(fields); -} - -void rollup_proof_data::populate_from_fields(std::vector const& fields) -{ - rollup_id = static_cast(fields[RollupProofFields::ROLLUP_ID]); - rollup_size = static_cast(fields[RollupProofFields::ROLLUP_SIZE]); - data_start_index = static_cast(fields[RollupProofFields::DATA_START_INDEX]); - old_data_root = fields[RollupProofFields::OLD_DATA_ROOT]; - new_data_root = fields[RollupProofFields::NEW_DATA_ROOT]; - old_null_root = fields[RollupProofFields::OLD_NULL_ROOT]; - new_null_root = fields[RollupProofFields::NEW_NULL_ROOT]; - old_data_roots_root = fields[RollupProofFields::OLD_DATA_ROOTS_ROOT]; - new_data_roots_root = fields[RollupProofFields::NEW_DATA_ROOTS_ROOT]; - old_defi_root = fields[RollupProofFields::OLD_DEFI_ROOT]; - new_defi_root = fields[RollupProofFields::NEW_DEFI_ROOT]; - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - bridge_call_datas[i] = fields[RollupProofFields::DEFI_BRIDGE_CALL_DATAS + i]; - } - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - deposit_sums[i] = fields[RollupProofFields::DEFI_BRIDGE_DEPOSITS + i]; - } - for (size_t i = 0; i < NUM_ASSETS; ++i) { - asset_ids[i] = fields[RollupProofFields::ASSET_IDS + i]; - } - for (size_t i = 0; i < NUM_ASSETS; ++i) { - total_tx_fees[i] = fields[RollupProofFields::TOTAL_TX_FEES + i]; - } - input_hash = fields[RollupProofFields::INPUTS_HASH]; - - inner_proofs.resize(rollup_size); - for (size_t i = 0; i < rollup_size; ++i) { - auto offset = RollupProofFields::INNER_PROOFS_DATA + (i * PropagatedInnerProofFields::NUM_FIELDS); - inner_proofs[i].proof_id = fields[offset + PropagatedInnerProofFields::PROOF_ID]; - inner_proofs[i].note_commitment1 = fields[offset + PropagatedInnerProofFields::NOTE_COMMITMENT1]; - inner_proofs[i].note_commitment2 = fields[offset + PropagatedInnerProofFields::NOTE_COMMITMENT2]; - inner_proofs[i].nullifier1 = fields[offset + PropagatedInnerProofFields::NULLIFIER1]; - inner_proofs[i].nullifier2 = fields[offset + PropagatedInnerProofFields::NULLIFIER2]; - inner_proofs[i].public_value = fields[offset + PropagatedInnerProofFields::PUBLIC_VALUE]; - inner_proofs[i].public_owner = fields[offset + PropagatedInnerProofFields::PUBLIC_OWNER]; - inner_proofs[i].asset_id = fields[offset + PropagatedInnerProofFields::PUBLIC_ASSET_ID]; - } - - auto offset = RollupProofFields::INNER_PROOFS_DATA + (rollup_size * PropagatedInnerProofFields::NUM_FIELDS); - for (auto& coord : - { &recursion_output[0].x, &recursion_output[0].y, &recursion_output[1].x, &recursion_output[1].y }) { - uint256_t limb[4]; - for (size_t li = 0; li < 4; ++li) { - limb[li] = fields[offset++]; - } - *coord = limb[0] + (uint256_t(1) << 68) * limb[1] + (uint256_t(1) << 136) * limb[2] + - (uint256_t(1) << 204) * limb[3]; - } -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.hpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.hpp deleted file mode 100644 index b746221bf3..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_proof_data.hpp +++ /dev/null @@ -1,137 +0,0 @@ -#pragma once -#include -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace plonk::stdlib::types::turbo; - -namespace RollupProofFields { -enum { - ROLLUP_ID, - ROLLUP_SIZE, - DATA_START_INDEX, - OLD_DATA_ROOT, - NEW_DATA_ROOT, - OLD_NULL_ROOT, - NEW_NULL_ROOT, - OLD_DATA_ROOTS_ROOT, - NEW_DATA_ROOTS_ROOT, - OLD_DEFI_ROOT, - NEW_DEFI_ROOT, - DEFI_BRIDGE_CALL_DATAS, - DEFI_BRIDGE_DEPOSITS = DEFI_BRIDGE_CALL_DATAS + NUM_BRIDGE_CALLS_PER_BLOCK, - ASSET_IDS = DEFI_BRIDGE_DEPOSITS + NUM_BRIDGE_CALLS_PER_BLOCK, - TOTAL_TX_FEES = ASSET_IDS + NUM_ASSETS, - INPUTS_HASH = TOTAL_TX_FEES + NUM_ASSETS, - INNER_PROOFS_DATA, -}; -} // namespace RollupProofFields - -namespace RollupProofOffsets { -enum { - ROLLUP_ID = RollupProofFields::ROLLUP_ID * 32, - ROLLUP_SIZE = RollupProofFields::ROLLUP_SIZE * 32, - DATA_START_INDEX = RollupProofFields::DATA_START_INDEX * 32, - OLD_DATA_ROOT = RollupProofFields::OLD_DATA_ROOT * 32, - NEW_DATA_ROOT = RollupProofFields::NEW_DATA_ROOT * 32, - OLD_NULL_ROOT = RollupProofFields::OLD_NULL_ROOT * 32, - NEW_NULL_ROOT = RollupProofFields::NEW_NULL_ROOT * 32, - OLD_DATA_ROOTS_ROOT = RollupProofFields::OLD_DATA_ROOTS_ROOT * 32, - NEW_DATA_ROOTS_ROOT = RollupProofFields::NEW_DATA_ROOTS_ROOT * 32, - OLD_DEFI_ROOT = RollupProofFields::OLD_DEFI_ROOT * 32, - NEW_DEFI_ROOT = RollupProofFields::NEW_DEFI_ROOT * 32, - DEFI_BRIDGE_CALL_DATAS = RollupProofFields::DEFI_BRIDGE_CALL_DATAS * 32, - DEFI_BRIDGE_DEPOSITS = RollupProofFields::DEFI_BRIDGE_DEPOSITS * 32, - ASSET_IDS = RollupProofFields::ASSET_IDS * 32, - TOTAL_TX_FEES = RollupProofFields::TOTAL_TX_FEES * 32, - INNER_PROOFS_DATA = RollupProofFields::INNER_PROOFS_DATA * 32, -}; -} // namespace RollupProofOffsets - -namespace PropagatedInnerProofFields { -enum { - PROOF_ID, - NOTE_COMMITMENT1, - NOTE_COMMITMENT2, - NULLIFIER1, - NULLIFIER2, - PUBLIC_VALUE, - PUBLIC_OWNER, - PUBLIC_ASSET_ID, - NUM_FIELDS -}; -} - -struct propagated_inner_proof_data { - uint256_t proof_id; - grumpkin::fq note_commitment1; - grumpkin::fq note_commitment2; - uint256_t nullifier1; - uint256_t nullifier2; - uint256_t public_value; - fr public_owner; - uint256_t asset_id; - - bool operator==(const propagated_inner_proof_data& other) const = default; -}; - -struct rollup_proof_data { - uint32_t rollup_id; - uint32_t rollup_size; - uint32_t data_start_index; - fr old_data_root; - fr new_data_root; - fr old_null_root; - fr new_null_root; - fr old_data_roots_root; - fr new_data_roots_root; - fr old_defi_root; - fr new_defi_root; - std::array bridge_call_datas; - std::array deposit_sums; - std::array asset_ids; - std::array total_tx_fees; - fr input_hash; - std::vector inner_proofs; - g1::affine_element recursion_output[2]; - - rollup_proof_data() {} - rollup_proof_data(std::vector const& fields); - rollup_proof_data(std::vector const& proof_data); - rollup_proof_data(std::vector const& fields); - - bool operator==(const rollup_proof_data& other) const = default; - - private: - virtual void populate_from_fields(std::vector const& fields); -}; - -inline std::ostream& operator<<(std::ostream& os, rollup_proof_data const& data) -{ - // clang-format off - return os << "{\n" - << " data_start_index: " << data.data_start_index << "\n" - << " old_data_root: " << data.old_data_root << "\n" - << " new_data_root: " << data.new_data_root << "\n" - << " old_null_root: " << data.old_null_root << "\n" - << " new_null_root: " << data.new_null_root << "\n" - << " old_data_roots_root: " << data.old_data_roots_root << "\n" - << " new_data_roots_root: " << data.new_data_roots_root << "\n" - << " old_defi_root: " << data.old_defi_root << "\n" - << " new_defi_root: " << data.new_defi_root << "\n" - << " bridge_call_datas: " << data.bridge_call_datas << "\n" - << " deposit_sums: " << data.deposit_sums << "\n" - << " asset_ids: " << data.asset_ids << "\n" - << " total_tx_fees: " << data.total_tx_fees << "\n" - // << " inner_proofs: " << data.inner_proofs << "\n" - // << " recursion_output: " << data.recursion_output << "\n" - << "}"; - // clang-format on -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.hpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.hpp deleted file mode 100644 index 47d44e8680..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.hpp +++ /dev/null @@ -1,160 +0,0 @@ -#pragma once -#include -#include -#include -#include -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace barretenberg; -using namespace plonk::stdlib::merkle_tree; - -struct rollup_tx { - uint32_t rollup_id; - uint32_t num_txs; - uint32_t data_start_index; - std::vector> txs; - - // data subtree insertion info - fr old_data_root; - fr new_data_root; - fr_hash_path old_data_path; - - // Backward-linked commitments' membership check witnesses: - // Note: only commitments at the beginning of a split chain will need a valid membership witness. - // Note: we use the term 'linked' to allow easier generalisation to linking txs in future. - // We can re-use the old_data_root from above - std::vector linked_commitment_paths; - std::vector linked_commitment_indices; - - // nullifier membership check info - fr old_null_root; - std::vector new_null_roots; - std::vector old_null_paths; - - fr data_roots_root; - // Paths at indicies proving each tx proof's data root is valid. - std::vector data_roots_paths; - std::vector data_roots_indicies; - - // The defi root after inserting the interaction notes. - fr new_defi_root; - // All defi deposits must match one of these. - std::vector bridge_call_datas; - - // Each asset must match one of these. - std::vector asset_ids; - - bool operator==(rollup_tx const&) const = default; - - // Not serialized or known about externally. Populated before the tx is padded. - size_t num_defi_interactions; - - // Not serialized or known about externally. Number of assets (< NUM_ASSETS) allowed in this rollup. - size_t num_asset_ids; -}; - -template inline void read(B& buf, rollup_tx& tx) -{ - using serialize::read; - read(buf, tx.rollup_id); - read(buf, tx.num_txs); - read(buf, tx.data_start_index); - read(buf, tx.txs); - - read(buf, tx.old_data_root); - read(buf, tx.new_data_root); - read(buf, tx.old_data_path); - - read(buf, tx.linked_commitment_paths); - read(buf, tx.linked_commitment_indices); - - read(buf, tx.old_null_root); - read(buf, tx.new_null_roots); - read(buf, tx.old_null_paths); - - read(buf, tx.data_roots_root); - read(buf, tx.data_roots_paths); - read(buf, tx.data_roots_indicies); - - read(buf, tx.new_defi_root); - read(buf, tx.bridge_call_datas); - read(buf, tx.asset_ids); -} - -template inline void write(B& buf, rollup_tx const& tx) -{ - using serialize::write; - write(buf, tx.rollup_id); - write(buf, tx.num_txs); - write(buf, tx.data_start_index); - write(buf, tx.txs); - - write(buf, tx.old_data_root); - write(buf, tx.new_data_root); - write(buf, tx.old_data_path); - - write(buf, tx.linked_commitment_paths); - write(buf, tx.linked_commitment_indices); - - write(buf, tx.old_null_root); - write(buf, tx.new_null_roots); - write(buf, tx.old_null_paths); - - write(buf, tx.data_roots_root); - write(buf, tx.data_roots_paths); - write(buf, tx.data_roots_indicies); - - write(buf, tx.new_defi_root); - write(buf, tx.bridge_call_datas); - write(buf, tx.asset_ids); -} - -inline std::ostream& operator<<(std::ostream& os, rollup_tx const& tx) -{ - os << "rollup_id: " << tx.rollup_id << "\n"; - os << "num_txs: " << tx.num_txs << "\n"; - os << "data_start_index: " << tx.data_start_index << "\n"; - os << "proof_data:\n"; - for (auto p : tx.txs) { - os << p << "\n"; - } - - os << "\nDATA TREE UPDATE CONTEXT:\n"; - os << "old_data_root: " << tx.old_data_root << "\n"; - os << "new_data_root: " << tx.new_data_root << "\n"; - os << "old_data_path: " << tx.old_data_path << "\n"; - os << "linked_commitment_paths: " << tx.linked_commitment_paths << "\n"; - os << "linked_commitment_indices: " << tx.linked_commitment_indices << "\n"; - - os << "\nNULL TREE UPDATE CONTEXT:\n"; - os << "old_null_root: " << tx.old_null_root << "\n"; - os << "new_null_roots:\n"; - for (auto e : tx.new_null_roots) { - os << e << "\n"; - } - os << "old_null_paths:\n"; - for (auto e : tx.old_null_paths) { - os << e << "\n"; - } - - os << "data_roots_root: " << tx.data_roots_root << "\n"; - os << "data_roots_paths:\n"; - for (auto e : tx.data_roots_paths) { - os << e << "\n"; - } - os << "data_roots_indicies: " << tx.data_roots_indicies; - os << "new_defi_root: " << tx.new_defi_root << "\n"; - os << "bridge_call_datas: " << tx.bridge_call_datas; - os << "asset_ids: " << tx.asset_ids; - return os; -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.test.cpp b/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.test.cpp deleted file mode 100644 index b02ac53dab..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/rollup_tx.test.cpp +++ /dev/null @@ -1,57 +0,0 @@ -#include "rollup_tx.hpp" -#include "../../constants.hpp" -#include - -using namespace rollup::proofs::rollup; -using namespace barretenberg; - -TEST(rollup_tx, test_serialization) -{ - auto random_pair = std::make_pair(fr::random_element(), fr::random_element()); - - rollup_tx rollup; - rollup.rollup_id = 1; - rollup.num_txs = 3; - rollup.data_start_index = 0; - rollup.txs = std::vector(rollup.num_txs, std::vector(123, 0x80)); - - rollup.old_data_root = fr::random_element(); - rollup.new_data_root = fr::random_element(); - rollup.old_data_path = fr_hash_path(32, random_pair); - - rollup.old_null_root = fr::random_element(); - rollup.new_null_roots = std::vector(rollup.num_txs * 2, fr::random_element()); - rollup.old_null_paths = std::vector(rollup.num_txs * 2, fr_hash_path(rollup::NULL_TREE_DEPTH, random_pair)); - - rollup.data_roots_root = fr::random_element(); - rollup.data_roots_paths = std::vector(rollup.num_txs, fr_hash_path(28, random_pair)); - rollup.data_roots_indicies = std::vector(rollup.num_txs, 0U); - - rollup.new_defi_root = fr::random_element(); - rollup.bridge_call_datas = { 0, 1, 2, 3 }; - rollup.asset_ids = { 4, 5, 6, 7 }; - - auto buf = to_buffer(rollup); - auto result = from_buffer(buf); - - EXPECT_EQ(result.rollup_id, rollup.rollup_id); - EXPECT_EQ(result.num_txs, rollup.num_txs); - EXPECT_EQ(result.data_start_index, rollup.data_start_index); - EXPECT_EQ(result.txs, rollup.txs); - - EXPECT_EQ(result.old_data_root, rollup.old_data_root); - EXPECT_EQ(result.new_data_root, rollup.new_data_root); - EXPECT_EQ(result.old_data_path, rollup.old_data_path); - - EXPECT_EQ(result.old_null_root, rollup.old_null_root); - EXPECT_EQ(result.new_null_roots, rollup.new_null_roots); - EXPECT_EQ(result.old_null_paths, rollup.old_null_paths); - - EXPECT_EQ(result.data_roots_root, rollup.data_roots_root); - EXPECT_EQ(result.data_roots_paths, rollup.data_roots_paths); - EXPECT_EQ(result.data_roots_indicies, rollup.data_roots_indicies); - - EXPECT_EQ(result.new_defi_root, rollup.new_defi_root); - EXPECT_EQ(result.bridge_call_datas, rollup.bridge_call_datas); - EXPECT_EQ(result.asset_ids, rollup.asset_ids); -} diff --git a/cpp/src/aztec/rollup/proofs/rollup/verify.cpp b/cpp/src/aztec/rollup/proofs/rollup/verify.cpp deleted file mode 100644 index 68fa30ef7b..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/verify.cpp +++ /dev/null @@ -1,46 +0,0 @@ -#include "./verify.hpp" - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; - -namespace { -verify_result build_circuit(Composer& composer, rollup_tx& tx, circuit_data const& cd) -{ - verify_result result; - - if (!cd.join_split_circuit_data.verification_key) { - info("Join split verification key not provided."); - return result; - } - - if (cd.join_split_circuit_data.padding_proof.size() == 0) { - info("Join split padding proof not provided."); - return result; - } - - pad_rollup_tx(tx, cd.num_txs, cd.join_split_circuit_data.padding_proof); - - result.recursion_output = rollup_circuit(composer, tx, cd.verification_keys, cd.num_txs); - return result; -} -} // namespace - -verify_result verify_logic(rollup_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_logic_internal(composer, tx, cd, "tx rollup", build_circuit); -} - -verify_result verify(rollup_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_internal(composer, tx, cd, "tx rollup", true, build_circuit); -} - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/rollup/verify.hpp b/cpp/src/aztec/rollup/proofs/rollup/verify.hpp deleted file mode 100644 index 6225b42234..0000000000 --- a/cpp/src/aztec/rollup/proofs/rollup/verify.hpp +++ /dev/null @@ -1,17 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "rollup_tx.hpp" - -namespace rollup { -namespace proofs { -namespace rollup { - -using namespace plonk::stdlib::types::turbo; - -verify_result verify_logic(rollup_tx& tx, circuit_data const& cd); - -verify_result verify(rollup_tx& tx, circuit_data const& cd); - -} // namespace rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/root_rollup/CMakeLists.txt deleted file mode 100644 index a8e614e871..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -barretenberg_module(rollup_proofs_root_rollup rollup_proofs_tx_rollup) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.cpp deleted file mode 100644 index b790488995..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.cpp +++ /dev/null @@ -1,88 +0,0 @@ -#include "./compute_circuit_data.hpp" -#include "../rollup/compute_circuit_data.hpp" -#include "root_rollup_tx.hpp" -#include "root_rollup_circuit.hpp" -#include -#include -#include "./root_rollup_proof_data.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace join_split; - -circuit_data get_circuit_data(size_t num_inner_rollups, - rollup::circuit_data const& rollup_circuit_data, - std::shared_ptr const& srs, - std::string const& key_path, - bool compute, - bool save, - bool load, - bool pk, - bool vk, - bool mock) -{ - auto rollup_size = num_inner_rollups * rollup_circuit_data.rollup_size; - auto floor = 1UL << numeric::get_msb(rollup_size); - auto rollup_size_pow2 = rollup_size == floor ? rollup_size : floor << 1UL; - std::cerr << "Getting root rollup circuit data: (size: " << rollup_size_pow2 << ")" << std::endl; - auto name = format("root_rollup_", rollup_circuit_data.num_txs, "x", num_inner_rollups); - - auto build_circuit = [&](Composer& composer) { - auto gibberish_roots_path = - fr_hash_path(ROOT_TREE_DEPTH, std::make_pair(fr::random_element(), fr::random_element())); - auto gibberish_defi_path = - fr_hash_path(DEFI_TREE_DEPTH, std::make_pair(fr::random_element(), fr::random_element())); - - root_rollup_tx root_rollup; - root_rollup.old_data_roots_root = fr::random_element(); - root_rollup.new_data_roots_root = fr::random_element(); - root_rollup.old_data_roots_path = gibberish_roots_path; - root_rollup.num_inner_proofs = 0; - root_rollup.rollups.resize(num_inner_rollups, rollup_circuit_data.padding_proof); - root_rollup.old_defi_root = fr::random_element(); - root_rollup.new_defi_root = fr::random_element(); - root_rollup.old_defi_path = gibberish_defi_path; - root_rollup.bridge_call_datas.resize(NUM_BRIDGE_CALLS_PER_BLOCK); - root_rollup.asset_ids.resize(NUM_ASSETS, MAX_NUM_ASSETS); - root_rollup.defi_interaction_notes.resize(NUM_BRIDGE_CALLS_PER_BLOCK); - root_rollup.num_previous_defi_interactions = 0; - root_rollup_circuit(composer, - root_rollup, - rollup_circuit_data.rollup_size, - rollup_size_pow2, - rollup_circuit_data.verification_key); - }; - - auto cd = proofs::get_circuit_data("root rollup", - name, - srs, - key_path, - compute, - save, - load, - pk, - vk, - true, - mock, - build_circuit, - format(" ", rollup_circuit_data.num_txs, "x", num_inner_rollups)); - - circuit_data data; - data.num_gates = cd.num_gates; - data.srs = cd.srs; - data.padding_proof = cd.padding_proof; - data.proving_key = cd.proving_key; - data.verification_key = cd.verification_key; - data.num_inner_rollups = num_inner_rollups; - data.rollup_size = rollup_size_pow2; - data.inner_rollup_circuit_data = rollup_circuit_data; - data.mock = cd.mock; - - return data; -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.hpp deleted file mode 100644 index 3761ab62b3..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/compute_circuit_data.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include "../rollup/compute_circuit_data.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -struct circuit_data : proofs::circuit_data { - size_t num_inner_rollups; - size_t rollup_size; - rollup::circuit_data inner_rollup_circuit_data; -}; - -circuit_data get_circuit_data(size_t num_inner_rollups, - rollup::circuit_data const& rollup_circuit_data, - std::shared_ptr const& srs, - std::string const& key_path, - bool compute = true, - bool save = true, - bool load = true, - bool pk = true, - bool vk = true, - bool mock = false); - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/create_root_rollup_tx.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/create_root_rollup_tx.hpp deleted file mode 100644 index c55f0461bf..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/create_root_rollup_tx.hpp +++ /dev/null @@ -1,63 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "verify.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../notes/native/defi_interaction/note.hpp" -#include "../../world_state/world_state.hpp" -#include - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using WorldState = world_state::WorldState; - -inline void pad_root_rollup_tx(root_rollup_tx& rollup, circuit_data const& circuit_data) -{ - rollup.rollups.resize(circuit_data.num_inner_rollups, circuit_data.inner_rollup_circuit_data.padding_proof); - rollup.num_previous_defi_interactions = rollup.defi_interaction_notes.size(); - rollup.defi_interaction_notes.resize(NUM_BRIDGE_CALLS_PER_BLOCK); - rollup.bridge_call_datas.resize(NUM_BRIDGE_CALLS_PER_BLOCK); - rollup.asset_ids.resize(NUM_ASSETS, MAX_NUM_ASSETS); -} - -inline root_rollup_tx create_root_rollup_tx(WorldState& world_state, - uint32_t rollup_id, - fr old_defi_root, - plonk::stdlib::merkle_tree::fr_hash_path const& old_defi_path, - std::vector> const& inner_rollups, - std::vector const& bridge_call_datas = {}, - std::vector const& asset_ids = { 0 }, - std::vector const& interaction_notes = {}, - fr rollup_beneficiary = 0) -{ - auto& data_tree = world_state.data_tree; - auto& root_tree = world_state.root_tree; - auto& defi_tree = world_state.defi_tree; - - auto root_index = root_tree.size(); - - root_rollup_tx tx; - tx.rollup_id = rollup_id; - tx.num_inner_proofs = static_cast(inner_rollups.size()); - tx.rollups = inner_rollups; - tx.old_data_roots_root = root_tree.root(); - tx.old_data_roots_path = root_tree.get_hash_path(root_index); - auto data_root = data_tree.root(); - root_tree.update_element(root_index, data_root); - tx.new_data_roots_root = root_tree.root(); - - tx.old_defi_root = old_defi_root; - tx.old_defi_path = old_defi_path; - tx.new_defi_root = defi_tree.root(); - - tx.bridge_call_datas = bridge_call_datas; - tx.asset_ids = asset_ids; - tx.defi_interaction_notes = interaction_notes; - tx.rollup_beneficiary = rollup_beneficiary; - return tx; -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/index.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/index.hpp deleted file mode 100644 index aa7e985b70..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/index.hpp +++ /dev/null @@ -1,7 +0,0 @@ -#include "compute_circuit_data.hpp" -#include "create_root_rollup_tx.hpp" -#include "root_rollup_circuit.hpp" -#include "root_rollup_broadcast_data.hpp" -#include "root_rollup_proof_data.hpp" -#include "root_rollup_tx.hpp" -#include "verify.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup.test.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup.test.cpp deleted file mode 100644 index d81e34884e..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup.test.cpp +++ /dev/null @@ -1,383 +0,0 @@ -#include -#include -#include -#include "index.hpp" -#include "../rollup/index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include "../../fixtures/compute_or_load_fixture.hpp" -#include - -// #pragma GCC diagnostic ignored "-Wunused-variable" -// #pragma GCC diagnostic ignored "-Wunused-parameter" -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace barretenberg; -using namespace notes::native; -using namespace plonk::stdlib::merkle_tree; - -namespace { -#ifdef CI -bool persist = false; -#else -bool persist = true; -#endif -std::shared_ptr srs; -join_split::circuit_data js_cd; -proofs::account::circuit_data account_cd; -proofs::circuit_data claim_cd; -rollup::circuit_data tx_rollup_cd; -circuit_data root_rollup_cd; -} // namespace - -class root_rollup_tests : public ::testing::Test { - protected: - static constexpr auto CRS_PATH = "../srs_db/ignition"; - static constexpr auto FIXTURE_PATH = "../src/aztec/rollup/proofs/root_rollup/fixtures"; - static constexpr auto TEST_PROOFS_PATH = "../src/aztec/rollup/proofs/root_rollup/fixtures/test_proofs"; - static constexpr auto INNER_ROLLUP_TXS = 2U; - static constexpr auto ROLLUPS_PER_ROLLUP = 3U; - - typedef std::vector>> RollupStructure; - - root_rollup_tests() - : context(js_cd, account_cd, claim_cd) - , js_proofs(get_js_proofs(5)) - {} - - static void SetUpTestCase() - { - auto recreate = !exists(FIXTURE_PATH); - std::filesystem::create_directories(FIXTURE_PATH); - std::filesystem::create_directories(TEST_PROOFS_PATH); - srs = std::make_shared(CRS_PATH); - - account_cd = proofs::account::get_circuit_data(srs); - js_cd = join_split::get_circuit_data(srs); - claim_cd = proofs::claim::get_circuit_data(srs); - - if (recreate) { - // If no fixtures dir, recreate all proving keys, verification keys, padding proofs etc. - tx_rollup_cd = rollup::get_circuit_data( - INNER_ROLLUP_TXS, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, persist, persist); - } else { - // Otherwise we should only need the inner proofs verification key for logic tests. - tx_rollup_cd = rollup::get_circuit_data( - INNER_ROLLUP_TXS, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, false, false, true, false, true); - } - root_rollup_cd = - get_circuit_data(ROLLUPS_PER_ROLLUP, tx_rollup_cd, srs, FIXTURE_PATH, false, false, false, false, false); - } - - root_rollup_tx create_root_rollup_tx(std::string const& test_name, - RollupStructure const& rollup_structure, - std::vector> bridge_call_datas = { {}, {}, {} }, - std::vector bridge_call_datas_union = {}, - std::vector> asset_ids = { { 0 }, { 0 }, { 0 } }, - std::vector asset_ids_union = { 0 }, - std::vector const& interaction_notes = {}) - { - uint32_t rollup_id = static_cast(context.world_state.root_tree.size() - 1); - auto old_defi_root = context.world_state.defi_tree.root(); - auto old_defi_path = context.world_state.defi_tree.get_hash_path(rollup_id * NUM_INTERACTION_RESULTS_PER_BLOCK); - context.world_state.add_defi_notes(interaction_notes, rollup_id * NUM_INTERACTION_RESULTS_PER_BLOCK); - - std::vector> inner_data; - for (size_t i = 0; i < rollup_structure.size(); ++i) { - auto tx_proofs = rollup_structure[i]; - auto rollup = rollup::create_rollup_tx( - context.world_state, INNER_ROLLUP_TXS, tx_proofs, bridge_call_datas[i], asset_ids[i]); - auto fixture_name = format(test_name, "_rollup", rollup_id, "_inner", inner_data.size()); - auto proof_data = compute_or_load_rollup(fixture_name, rollup); - if (proof_data.empty()) { - throw_or_abort("Failed to create inner rollup proof."); - } - inner_data.push_back(proof_data); - } - - return root_rollup::create_root_rollup_tx(context.world_state, - rollup_id, - old_defi_root, - old_defi_path, - inner_data, - bridge_call_datas_union, - asset_ids_union, - interaction_notes); - } - - std::vector compute_or_load_rollup(std::string const& name, rollup::rollup_tx& rollup) - { - return fixtures::compute_or_load_fixture(TEST_PROOFS_PATH, name, [&] { - // We need to ensure we have a proving key to build the inner proof fixtures. - if (!tx_rollup_cd.proving_key) { - tx_rollup_cd = rollup::get_circuit_data( - INNER_ROLLUP_TXS, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, true, true); - root_rollup_cd.inner_rollup_circuit_data = tx_rollup_cd; - } - return rollup::verify(rollup, tx_rollup_cd).proof_data; - }); - } - - // Create and return n deposit join split proofs. - std::vector> get_js_proofs(uint32_t n) - { - std::vector> proofs; - for (uint32_t i = 0; i < n; ++i) { - auto js_proof = fixtures::compute_or_load_fixture(TEST_PROOFS_PATH, format("js", i), [&] { - return context.create_join_split_proof({}, {}, { 100, 50 }, 150); - }); - proofs.push_back(js_proof); - } - return proofs; - } - - root_rollup_tx create_full_logic_root_rollup_tx() - { - uint32_t aid1 = 1, aid2 = 2, aid3 = 3; - context.append_value_notes({ 100, 50 }); - context.append_value_notes({ 100, 50 }, aid1); - context.append_value_notes({ 100, 50, 100, 50, 100, 50 }, aid2); - context.append_value_notes({ 100, 50 }, aid3); - context.start_next_root_rollup(); - - const notes::native::bridge_call_data bid2 = { - .bridge_address_id = 1, - .input_asset_id_a = aid2, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - - const notes::native::bridge_call_data bid3 = { - .bridge_address_id = 2, - .input_asset_id_a = aid3, - .input_asset_id_b = 0, - .output_asset_id_a = 0, - .output_asset_id_b = 1, - .config = notes::native::bridge_call_data::bit_config{ .second_input_in_use = false, - .second_output_in_use = true }, - .aux_data = 0 - }; - - auto js_proof1 = context.create_join_split_proof({ 0, 1 }, { 100, 50 }, { 70, 80 - 7 }); // fee = 7 - auto js_proof2 = - context.create_join_split_proof({ 2, 3 }, { 100, 50 }, { 20, 130 - 15 }, 0, 0, 0, aid1); // fee = 15 - auto js_proof3 = - context.create_join_split_proof({ 4, 5 }, { 100, 50 }, { 10, 140 - 9 }, 0, 0, 0, aid2); // fee = 9 - auto defi_proof1 = context.create_defi_proof({ 6, 7 }, { 100, 50 }, { 30, 102 }, bid2, aid2); // fee = 18 - auto defi_proof2 = context.create_defi_proof({ 8, 9 }, { 100, 50 }, { 50, 80 }, bid2, aid2); // fee = 20 - auto defi_proof3 = context.create_defi_proof({ 10, 11 }, { 100, 50 }, { 20, 111 }, bid3, aid3); // fee = 19 - - // Add some defi interaction notes. - std::vector interaction_notes = { { 1, 0, 3, 4, 5, false }, - { 2, 1, 4, 5, 6, true } }; - return create_root_rollup_tx( - "root_full_logic", - { { js_proof1, js_proof2 }, { defi_proof1, defi_proof3 }, { js_proof3, defi_proof2 } }, - { {}, { bid2, bid3 }, { bid2 } }, - { bid2, bid3 }, - { { 0, aid1 }, { aid2, aid3 }, { aid2 } }, - { 0, aid1, aid3, aid2 }, - interaction_notes); - } - - fixtures::TestContext context; - std::vector> js_proofs; -}; - -/* - * Due the the length of time it takes to produce inner proofs, they're saved in fixtures. - * If they need to be recomputed due to a circuit change or otherwise, delete files in ./fixtures/test_proofs. (You - * might need to delete all of the fixtures). The fixtures' names are named so as to reduce unnecessary (re)computation - * between tests. i.e. If a rollup has a structure shorter than its name suggests, it's because it can reuse the - * fixtures from the longer rollup structure due to them having the same leading structure. - */ -TEST_F(root_rollup_tests, test_1_real_2_padding) -{ - auto tx_data = create_root_rollup_tx("root_1", { { js_proofs[0] } }); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_2_real_1_padding) -{ - auto tx_data = create_root_rollup_tx("root_211", { { js_proofs[0], js_proofs[1] }, { js_proofs[2] } }); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_3_real_0_padding) -{ - auto tx_data = create_root_rollup_tx( - "root_221", { { js_proofs[0], js_proofs[1] }, { js_proofs[2], js_proofs[3] }, { js_proofs[4] } }); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_incorrect_new_data_root_fails) -{ - auto tx_data = create_root_rollup_tx("bad_new_data_root_fail", { { js_proofs[0] } }); - tx_data.new_data_roots_root = fr::random_element(); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_inner_rollups_out_of_order_fail) -{ - auto tx_data = - create_root_rollup_tx("root_221", { { js_proofs[0], js_proofs[1] }, { js_proofs[2], js_proofs[3] } }); - std::swap(tx_data.rollups[0], tx_data.rollups[1]); - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_invalid_padding_proof_fail) -{ - auto tx_data = create_root_rollup_tx( - "root_221", { { js_proofs[0], js_proofs[1] }, { js_proofs[2], js_proofs[3] }, { js_proofs[4] } }); - tx_data.num_inner_proofs = 2; - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_invalid_last_proof_fail) -{ - auto tx_data = create_root_rollup_tx("root_221", { { js_proofs[0], js_proofs[1] } }); - tx_data.num_inner_proofs = 2; - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_defi_valid_previous_defi_hash_for_0_interactions) -{ - auto tx_data = create_root_rollup_tx("root_1", { { js_proofs[0] } }); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); - - std::vector sha256_input; - for (size_t i = 0; i < NUM_INTERACTION_RESULTS_PER_BLOCK; i++) { - notes::native::defi_interaction::note note = { 0, 0, 0, 0, 0, false }; - auto buf = note.to_byte_array(); - uint256_t note_hash = uint256_t(sha256::sha256_to_field(buf)); - write(sha256_input, note_hash); - } - auto expected = sha256::sha256_to_field(sha256_input); - - root_rollup_broadcast_data data(result.broadcast_data); - ASSERT_EQ(data.previous_defi_interaction_hash, expected); -} - -TEST_F(root_rollup_tests, test_encode_inputs) -{ - auto tx_data = create_root_rollup_tx("root_211", { { js_proofs[0], js_proofs[1] }, { js_proofs[2] } }); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); - - root_rollup_broadcast_data broadcast_data(result.broadcast_data); - root_rollup_proof_data proof_data(result.public_inputs); - - auto hash_output = broadcast_data.compute_hash(); - EXPECT_EQ(hash_output, proof_data.input_hash); -} - -TEST_F(root_rollup_tests, test_asset_ids_missing_fails) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - tx_data.asset_ids[0] = tx_data.asset_ids[1]; // asset_ids = [0, aid3, aid3, aid2] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_asset_ids_repeating_fails) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - tx_data.asset_ids[1] = tx_data.asset_ids[0]; // asset_ids = [0, aid1, aid1, aid2] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_asset_ids_reordering) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - std::swap(tx_data.asset_ids[1], tx_data.asset_ids[2]); // asset_ids = [0, aid1, aid2, aid3] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_bridge_call_datas_missing_fails) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - tx_data.bridge_call_datas[0] = tx_data.bridge_call_datas[1]; // bridge_call_datas = [bid3, bid3, 0, 0] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_bridge_call_datas_repeating_fails) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - tx_data.bridge_call_datas[1] = tx_data.bridge_call_datas[0]; // bridge_call_datas = [bid2, bid2, 0, 0] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_FALSE(result.logic_verified); -} - -TEST_F(root_rollup_tests, test_bridge_call_datas_reordering) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - std::swap(tx_data.bridge_call_datas[1], tx_data.bridge_call_datas[0]); // bridge_call_datas = [bid3, bid2, 0, 0] - - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -// Full logic tests -TEST_F(root_rollup_tests, test_full_logic) -{ - auto tx_data = create_full_logic_root_rollup_tx(); - auto result = verify_logic(tx_data, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); - - root_rollup_broadcast_data rollup_data = result.broadcast_data; - EXPECT_EQ(rollup_data.bridge_call_datas[0], fr(tx_data.bridge_call_datas[0])); - EXPECT_EQ(rollup_data.bridge_call_datas[1], fr(tx_data.bridge_call_datas[1])); - EXPECT_EQ(rollup_data.bridge_call_datas[2], 0); - EXPECT_EQ(rollup_data.bridge_call_datas[3], 0); - EXPECT_EQ(rollup_data.deposit_sums[0], 80); - EXPECT_EQ(rollup_data.deposit_sums[1], 20); - EXPECT_EQ(rollup_data.deposit_sums[2], 0); - EXPECT_EQ(rollup_data.deposit_sums[3], 0); - EXPECT_EQ(rollup_data.defi_interaction_notes[0], tx_data.defi_interaction_notes[0].commit()); - EXPECT_EQ(rollup_data.defi_interaction_notes[1], tx_data.defi_interaction_notes[1].commit()); - EXPECT_EQ(rollup_data.total_tx_fees[0], 7); // asset_id = 0 (ETH) - EXPECT_EQ(rollup_data.total_tx_fees[1], 15); // aid1 - EXPECT_EQ(rollup_data.total_tx_fees[2], 9); // aid3 - EXPECT_EQ(rollup_data.total_tx_fees[3], 28); // aid2 - EXPECT_EQ(rollup_data.asset_ids[0], fr(tx_data.asset_ids[0])); - EXPECT_EQ(rollup_data.asset_ids[1], fr(tx_data.asset_ids[1])); - EXPECT_EQ(rollup_data.asset_ids[2], fr(tx_data.asset_ids[2])); - EXPECT_EQ(rollup_data.asset_ids[3], fr(tx_data.asset_ids[3])); - - std::vector sha256_input; - for (size_t i = 0; i < NUM_INTERACTION_RESULTS_PER_BLOCK; i++) { - auto buf = tx_data.defi_interaction_notes[i].to_byte_array(); - uint256_t note_hash = uint256_t(sha256::sha256_to_field(buf)); - write(sha256_input, note_hash); - } - auto expected_hash = sha256::sha256_to_field(sha256_input); - - EXPECT_EQ(rollup_data.previous_defi_interaction_hash, expected_hash); -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.cpp deleted file mode 100644 index 0e079aeb53..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.cpp +++ /dev/null @@ -1,81 +0,0 @@ -#include "root_rollup_broadcast_data.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../../constants.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace root_rollup { - -root_rollup_broadcast_data::root_rollup_broadcast_data(std::vector const& fields) -{ - rollup_id = fields[RootRollupBroadcastFields::ROLLUP_ID]; - rollup_size = fields[RootRollupBroadcastFields::ROLLUP_SIZE]; - data_start_index = fields[RootRollupBroadcastFields::DATA_START_INDEX]; - old_data_root = fields[RootRollupBroadcastFields::OLD_DATA_ROOT]; - new_data_root = fields[RootRollupBroadcastFields::NEW_DATA_ROOT]; - old_null_root = fields[RootRollupBroadcastFields::OLD_NULL_ROOT]; - new_null_root = fields[RootRollupBroadcastFields::NEW_NULL_ROOT]; - old_data_roots_root = fields[RootRollupBroadcastFields::OLD_DATA_ROOTS_ROOT]; - new_data_roots_root = fields[RootRollupBroadcastFields::NEW_DATA_ROOTS_ROOT]; - old_defi_root = fields[RootRollupBroadcastFields::OLD_DEFI_ROOT]; - new_defi_root = fields[RootRollupBroadcastFields::NEW_DEFI_ROOT]; - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - bridge_call_datas[i] = fields[RootRollupBroadcastFields::DEFI_BRIDGE_CALL_DATAS + i]; - } - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - deposit_sums[i] = fields[RootRollupBroadcastFields::DEFI_BRIDGE_DEPOSITS + i]; - } - for (size_t i = 0; i < NUM_ASSETS; ++i) { - asset_ids[i] = fields[RootRollupBroadcastFields::ASSET_IDS + i]; - } - for (size_t i = 0; i < NUM_ASSETS; ++i) { - total_tx_fees[i] = fields[RootRollupBroadcastFields::TOTAL_TX_FEES + i]; - } - for (size_t i = 0; i < NUM_BRIDGE_CALLS_PER_BLOCK; ++i) { - defi_interaction_notes[i] = fields[RootRollupBroadcastFields::DEFI_INTERACTION_NOTES + i]; - } - previous_defi_interaction_hash = fields[RootRollupBroadcastFields::PREVIOUS_DEFI_INTERACTION_HASH]; - rollup_beneficiary = fields[RootRollupBroadcastFields::ROLLUP_BENEFICIARY]; - num_inner_proofs = static_cast(fields[RootRollupBroadcastFields::NUM_INNER_PROOFS]); - - size_t size = static_cast(rollup_size); - tx_data.resize(size); - for (size_t i = 0; i < size; ++i) { - auto offset = - RootRollupBroadcastFields::INNER_PROOFS_DATA + (i * rollup::PropagatedInnerProofFields::NUM_FIELDS); - tx_data[i].proof_id = fields[offset + InnerProofFields::PROOF_ID]; - tx_data[i].note_commitment1 = fields[offset + InnerProofFields::NOTE_COMMITMENT1]; - tx_data[i].note_commitment2 = fields[offset + InnerProofFields::NOTE_COMMITMENT2]; - tx_data[i].nullifier1 = fields[offset + InnerProofFields::NULLIFIER1]; - tx_data[i].nullifier2 = fields[offset + InnerProofFields::NULLIFIER2]; - tx_data[i].public_value = fields[offset + InnerProofFields::PUBLIC_VALUE]; - tx_data[i].public_owner = fields[offset + InnerProofFields::PUBLIC_OWNER]; - tx_data[i].asset_id = fields[offset + InnerProofFields::PUBLIC_ASSET_ID]; - } -} - -fr root_rollup_broadcast_data::compute_hash() const -{ - // Slice off the fields representing the tx public inputs. - std::vector hash_inputs = slice(to_buffer(*this), 0, RootRollupBroadcastFields::INNER_PROOFS_DATA * 32); - - // Write the hashes representing the tx public inputs. - size_t num_inner_rollups = static_cast(num_inner_proofs); - size_t num_txs_per_rollup = static_cast(rollup_size) / num_inner_rollups; - for (size_t i = 0; i < num_inner_rollups; ++i) { - std::vector inner_inputs; - for (size_t j = 0; j < num_txs_per_rollup; ++j) { - write(inner_inputs, tx_data[i * num_txs_per_rollup + j]); - } - auto inner_hash = sha256::sha256_to_field(inner_inputs); - write(hash_inputs, inner_hash); - } - - return sha256::sha256_to_field(hash_inputs); -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.hpp deleted file mode 100644 index b33c0e6ea7..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_broadcast_data.hpp +++ /dev/null @@ -1,159 +0,0 @@ -#pragma once -#include "../rollup/rollup_proof_data.hpp" -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -namespace RootRollupBroadcastFields { -enum { - ROLLUP_ID, - ROLLUP_SIZE, - DATA_START_INDEX, - OLD_DATA_ROOT, - NEW_DATA_ROOT, - OLD_NULL_ROOT, - NEW_NULL_ROOT, - OLD_DATA_ROOTS_ROOT, - NEW_DATA_ROOTS_ROOT, - OLD_DEFI_ROOT, - NEW_DEFI_ROOT, - DEFI_BRIDGE_CALL_DATAS, - DEFI_BRIDGE_DEPOSITS = DEFI_BRIDGE_CALL_DATAS + NUM_BRIDGE_CALLS_PER_BLOCK, - ASSET_IDS = DEFI_BRIDGE_DEPOSITS + NUM_BRIDGE_CALLS_PER_BLOCK, - TOTAL_TX_FEES = ASSET_IDS + NUM_ASSETS, - DEFI_INTERACTION_NOTES = TOTAL_TX_FEES + NUM_ASSETS, - PREVIOUS_DEFI_INTERACTION_HASH = DEFI_INTERACTION_NOTES + NUM_BRIDGE_CALLS_PER_BLOCK, - ROLLUP_BENEFICIARY, - NUM_INNER_PROOFS, - INNER_PROOFS_DATA, -}; -} // namespace RootRollupBroadcastFields - -struct tx_broadcast_data { - fr proof_id; - fr note_commitment1; - fr note_commitment2; - fr nullifier1; - fr nullifier2; - fr public_value; - fr public_owner; - fr asset_id; -}; - -template inline void read(B& buf, tx_broadcast_data& data) -{ - read(buf, data.proof_id); - read(buf, data.note_commitment1); - read(buf, data.note_commitment2); - read(buf, data.nullifier1); - read(buf, data.nullifier2); - read(buf, data.public_value); - read(buf, data.public_owner); - read(buf, data.asset_id); -} - -template inline void write(B& buf, tx_broadcast_data const& data) -{ - write(buf, data.proof_id); - write(buf, data.note_commitment1); - write(buf, data.note_commitment2); - write(buf, data.nullifier1); - write(buf, data.nullifier2); - write(buf, data.public_value); - write(buf, data.public_owner); - write(buf, data.asset_id); -} - -struct root_rollup_broadcast_data { - fr rollup_id; - fr rollup_size; - fr data_start_index; - fr old_data_root; - fr new_data_root; - fr old_null_root; - fr new_null_root; - fr old_data_roots_root; - fr new_data_roots_root; - fr old_defi_root; - fr new_defi_root; - fr rollup_beneficiary; - std::array bridge_call_datas; - std::array deposit_sums; - std::array asset_ids; - std::array total_tx_fees; - std::array defi_interaction_notes; - fr previous_defi_interaction_hash; - fr num_inner_proofs; - std::vector tx_data; - - root_rollup_broadcast_data(std::vector const& public_inputs); - - fr compute_hash() const; - - bool operator==(const root_rollup_broadcast_data& other) const = default; -}; - -template inline void read(B& buf, root_rollup_broadcast_data& data) -{ - using serialize::read; - read(buf, data.rollup_id); - read(buf, data.rollup_size); - read(buf, data.data_start_index); - - read(buf, data.old_data_root); - read(buf, data.new_data_root); - read(buf, data.old_null_root); - read(buf, data.new_null_root); - read(buf, data.old_data_roots_root); - read(buf, data.new_data_roots_root); - read(buf, data.old_defi_root); - read(buf, data.new_defi_root); - - read(buf, data.bridge_call_datas); - read(buf, data.deposit_sums); - read(buf, data.asset_ids); - read(buf, data.total_tx_fees); - read(buf, data.defi_interaction_notes); - read(buf, data.previous_defi_interaction_hash); - read(buf, data.rollup_beneficiary); - read(buf, data.num_inner_proofs); - - for (auto& tx : data.tx_data) { - read(buf, tx); - } -} - -template inline void write(B& buf, root_rollup_broadcast_data const& data) -{ - using serialize::write; - write(buf, data.rollup_id); - write(buf, data.rollup_size); - write(buf, data.data_start_index); - - write(buf, data.old_data_root); - write(buf, data.new_data_root); - write(buf, data.old_null_root); - write(buf, data.new_null_root); - write(buf, data.old_data_roots_root); - write(buf, data.new_data_roots_root); - write(buf, data.old_defi_root); - write(buf, data.new_defi_root); - - write(buf, data.bridge_call_datas); - write(buf, data.deposit_sums); - write(buf, data.asset_ids); - write(buf, data.total_tx_fees); - write(buf, data.defi_interaction_notes); - write(buf, data.previous_defi_interaction_hash); - write(buf, data.rollup_beneficiary); - write(buf, data.num_inner_proofs); - - for (auto& tx : data.tx_data) { - write(buf, tx); - } -} -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.cpp deleted file mode 100644 index eb26f81d6f..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.cpp +++ /dev/null @@ -1,380 +0,0 @@ -#include "../../constants.hpp" -#include "../rollup/index.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../notes/constants.hpp" -#include "../notes/circuit/index.hpp" -#include "root_rollup_circuit.hpp" -#include -#include -#include -#include -#include "./root_rollup_proof_data.hpp" - -// #pragma GCC diagnostic ignored "-Wunused-variable" -// #pragma GCC diagnostic ignored "-Wunused-parameter" -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::recursion; -using namespace plonk::stdlib::merkle_tree; -using namespace notes; - -field_ct compute_sha256_of_zeroes(Composer& composer, const size_t num_txs_per_rollup) -{ - std::vector data; - for (size_t i = 0; i < 32 * rollup::PropagatedInnerProofFields::NUM_FIELDS * num_txs_per_rollup; ++i) { - data.emplace_back(0); - } - auto hash_result = sha256::sha256(data); - fr hash_reduced = fr::serialize_from_buffer(&hash_result[0]); - return field_ct(&composer, hash_reduced); -} - -/** - * Inserts the latest data root into the root tree at location rollup_id + 1. - */ -void check_root_tree_updated(merkle_tree::hash_path const& old_data_roots_path, - field_ct const& rollup_id, - field_ct const& new_data_root, - field_ct const& new_data_roots_root, - field_ct const& old_data_roots_root) -{ - auto index = (rollup_id + 1).decompose_into_bits(ROOT_TREE_DEPTH); - update_membership( - new_data_roots_root, new_data_root, old_data_roots_root, old_data_roots_path, field_ct(0), index, __FUNCTION__); -} - -/** - * Computes the commitments to the defi_interaction_notes to be inserted into the defi tree. - * Checks the defi tree is updated with the defi_interaction_notes commitments. - * Returns the previous_defi_interaction_hash from the defi_interaction_notes. - */ -field_ct process_defi_interaction_notes(Composer& composer, - field_ct const& rollup_id, - field_ct const& new_defi_interaction_root, - field_ct const& old_defi_interaction_root, - merkle_tree::hash_path const& old_defi_interaction_path, - field_ct const& num_previous_defi_interactions, - std::vector const& defi_interaction_notes, - std::vector& defi_interaction_note_commitments) -{ - std::vector hash_input; - - for (uint32_t i = 0; i < NUM_INTERACTION_RESULTS_PER_BLOCK; i++) { - auto is_real = uint32_ct(i) < num_previous_defi_interactions; - auto hashed_note = - plonk::stdlib::sha256_to_field(defi_interaction_notes[i].to_byte_array(composer, is_real)); - hash_input.push_back(hashed_note); - auto note_commitment = defi_interaction_notes[i].commitment * is_real; - defi_interaction_note_commitments.push_back(note_commitment); - } - - // Check defi interaction notes have been inserted into the defi interaction tree. - auto insertion_index = (rollup_id * NUM_INTERACTION_RESULTS_PER_BLOCK); - batch_update_membership(new_defi_interaction_root, - old_defi_interaction_root, - old_defi_interaction_path, - defi_interaction_note_commitments, - insertion_index, - "check_defi_tree_updated"); - - /** - * hash_output = H(H(A), H(B), H(C), H(D)) - * - * Q: Why don't we use hash_output = H(A, B, C, D)? - * A: We need to store the defi interaction notes in the smart contract so as to allow async defi transactions. - * For example, if a rollup block n results in defi notes (A, B, C, D) then all of these four need not be - * processed together. Hence we must store individual notes: to minimise the amount of data we store, we store - * H(D) for each defi note D. - */ - auto hash_output = - plonk::stdlib::sha256_to_field(packed_byte_array_ct::from_field_element_vector(hash_input)); - - return field_ct(hash_output); -} - -void check_asset_ids_and_accumulate_tx_fees(Composer& composer, - uint32_t const i, - std::vector& total_tx_fees, - std::vector const& asset_ids, - std::vector const& public_inputs, - bool_ct const& is_real) -{ - // Check every real tx rollup proof has correct asset ids. - for (size_t j = 0; j < NUM_ASSETS; j++) { - - field_ct num_matched(&composer, 0); - auto inner_asset_id = public_inputs[rollup::RollupProofFields::ASSET_IDS + j]; - auto inner_tx_fee = public_inputs[rollup::RollupProofFields::TOTAL_TX_FEES + j]; - auto is_asset_id_padded = (inner_asset_id == field_ct(MAX_NUM_ASSETS)); - - for (uint32_t k = 0; k < NUM_ASSETS; k++) { - const auto matches = (inner_asset_id == asset_ids[k]); - num_matched += matches; - - // Sum the real tx rollup proof's tx fee according to the matched asset id. - total_tx_fees[k] += (inner_tx_fee * matches * !is_asset_id_padded); - } - - // Assert that the tx rollup proof's asset_id matched a single asset_id. - auto is_valid_asset_id = !is_real || num_matched == 1 || is_asset_id_padded; - is_valid_asset_id.assert_equal(true, - format("rollup proof ", - i, - "'s asset id ", - uint64_t(inner_asset_id.get_value()), - " matched ", - uint64_t(num_matched.get_value()), - " times.")); - } -} - -void check_bridge_call_datas_and_accumulate_defi_deposits(Composer& composer, - uint32_t const i, - std::vector& defi_deposit_sums, - std::vector const& bridge_call_datas, - std::vector const& public_inputs, - bool_ct const& is_real) -{ - // Check every real tx rollup proof has correct bridge call data. - for (size_t j = 0; j < NUM_BRIDGE_CALLS_PER_BLOCK; j++) { - - field_ct num_matched(&composer, 0); - auto inner_bridge_call_data = public_inputs[rollup::RollupProofFields::DEFI_BRIDGE_CALL_DATAS + j]; - auto inner_defi_deposit_sum = public_inputs[rollup::RollupProofFields::DEFI_BRIDGE_DEPOSITS + j]; - auto is_bridge_call_data_zero = inner_bridge_call_data.is_zero(); - - for (uint32_t k = 0; k < NUM_BRIDGE_CALLS_PER_BLOCK; k++) { - const auto matches = (inner_bridge_call_data == bridge_call_datas[k]); - num_matched += matches; - - // Sum the real tx rollup proof's tx fee according to the matched bridge_call_data. - defi_deposit_sums[k] += (inner_defi_deposit_sum * matches * !is_bridge_call_data_zero); - } - - // Assert that the tx rollup proof's bridge_call_data matched a single bridge_call_data. - auto is_valid_bridge_call_data = !is_real || (num_matched == 1 || is_bridge_call_data_zero); - is_valid_bridge_call_data.assert_equal(true, - format("rollup proof ", - i, - "'s bridge call data at index ", - j, - " matched ", - uint64_t(num_matched.get_value()), - " times.")); - } -} - -void assert_inner_proof_sequential(size_t const num_inner_txs_pow2, - uint32_t const i, - field_ct const& rollup_id, - field_ct& data_start_index, - field_ct& old_data_root, - field_ct& new_data_root, - field_ct& old_null_root, - field_ct& new_null_root, - field_ct const& old_root_root, - field_ct const& new_defi_root, - std::vector const& public_inputs, - bool_ct const& is_real) -{ - auto rollup_id_inner = public_inputs[rollup::RollupProofFields::ROLLUP_ID]; - auto data_start_index_inner = public_inputs[rollup::RollupProofFields::DATA_START_INDEX]; - auto old_data_root_inner = public_inputs[rollup::RollupProofFields::OLD_DATA_ROOT]; - auto new_data_root_inner = public_inputs[rollup::RollupProofFields::NEW_DATA_ROOT]; - auto old_null_root_inner = public_inputs[rollup::RollupProofFields::OLD_NULL_ROOT]; - auto new_null_root_inner = public_inputs[rollup::RollupProofFields::NEW_NULL_ROOT]; - auto old_root_root_inner = public_inputs[rollup::RollupProofFields::OLD_DATA_ROOTS_ROOT]; - auto new_defi_root_inner = public_inputs[rollup::RollupProofFields::NEW_DEFI_ROOT]; - - // Every real inner proof should use the root tree root we've input. - auto valid_root_root = !is_real || old_root_root_inner == old_root_root; - valid_root_root.assert_equal(true, format("inconsistent_roots_root_", i)); - - // Every real inner proof should use the defi root we've input. - auto valid_defi_root = !is_real || new_defi_root_inner == new_defi_root; - valid_defi_root.assert_equal(true, format("inconsistent_defi_root_", i)); - - // Check if the inner rollup's id matches root rollup's id. - auto valid_rollup_id = !is_real || rollup_id_inner == rollup_id; - valid_rollup_id.assert_equal(true, format("incorrect_rollup_id_", i)); - - if (i == 0) { - // The first proof should always be real. - is_real.assert_equal(true, "root rollup first proof is not real"); - data_start_index = data_start_index_inner; - old_data_root = old_data_root_inner; - new_data_root = new_data_root_inner; - old_null_root = old_null_root_inner; - new_null_root = new_null_root_inner; - } else { - auto valid_data_start_index = - !is_real || data_start_index_inner == (data_start_index + (i * num_inner_txs_pow2 * 2)); - auto valid_old_data_root = !is_real || old_data_root_inner == new_data_root; - auto valid_old_null_root = !is_real || old_null_root_inner == new_null_root; - - valid_data_start_index.assert_equal(true, format("incorrect_data_start_index_", i)); - valid_old_data_root.assert_equal(true, format("inconsistent_old_data_root_", i)); - valid_old_null_root.assert_equal(true, format("inconsistent_old_null_root_", i)); - - new_data_root = field_ct::conditional_assign(is_real, new_data_root_inner, new_data_root); - new_null_root = field_ct::conditional_assign(is_real, new_null_root_inner, new_null_root); - } -} - -circuit_result_data root_rollup_circuit(Composer& composer, - root_rollup_tx const& tx, - size_t num_inner_txs_pow2, - size_t num_outer_txs_pow2, - std::shared_ptr const& inner_verification_key) -{ - auto max_num_inner_proofs = tx.rollups.size(); - ASSERT(max_num_inner_proofs <= num_outer_txs_pow2); - - // Witnesses. - const auto rollup_id = field_ct(witness_ct(&composer, tx.rollup_id)); - const auto rollup_size_pow2 = field_ct(witness_ct(&composer, num_outer_txs_pow2)); - rollup_size_pow2.assert_equal(num_outer_txs_pow2); - const auto num_inner_proofs = uint32_ct(witness_ct(&composer, tx.num_inner_proofs)); - const auto old_root_root = field_ct(witness_ct(&composer, tx.old_data_roots_root)); - const auto new_root_root = field_ct(witness_ct(&composer, tx.new_data_roots_root)); - const auto old_root_path = create_witness_hash_path(composer, tx.old_data_roots_path); - const auto old_defi_root = field_ct(witness_ct(&composer, tx.old_defi_root)); - const auto new_defi_root = field_ct(witness_ct(&composer, tx.new_defi_root)); - const auto old_defi_path = create_witness_hash_path(composer, tx.old_defi_path); - const auto bridge_call_datas = - map(tx.bridge_call_datas, [&](auto& bid) { return field_ct(witness_ct(&composer, bid)); }); - const auto asset_ids = map(tx.asset_ids, [&](auto& aid) { return field_ct(witness_ct(&composer, aid)); }); - const auto defi_interaction_notes = map(tx.defi_interaction_notes, [&](auto n) { - return circuit::defi_interaction::note(circuit::defi_interaction::witness_data(composer, n)); - }); - const auto num_previous_defi_interactions = field_ct(witness_ct(&composer, tx.num_previous_defi_interactions)); - const auto recursive_manifest = Composer::create_unrolled_manifest(inner_verification_key->num_public_inputs); - const auto recursive_verification_key = - plonk::stdlib::recursion::verification_key::from_constants(&composer, inner_verification_key); - field_ct rollup_beneficiary = field_ct(witness_ct(&composer, tx.rollup_beneficiary)); - rollup_beneficiary.create_range_constraint(160, "rollup beneficiary is not an address!"); - - // To be extracted from inner proofs. - field_ct data_start_index = witness_ct(&composer, 0); - field_ct old_data_root = witness_ct(&composer, 0); - field_ct new_data_root = witness_ct(&composer, 0); - field_ct old_null_root = witness_ct(&composer, 0); - field_ct new_null_root = witness_ct(&composer, 0); - - // A padding rollup uses the following as its public input hash. - field_ct zero_hash = compute_sha256_of_zeroes(composer, num_inner_txs_pow2); - - // Loop accumulators. - recursion_output recursion_output; - std::vector inner_input_hashes; - std::vector tx_proof_public_inputs; - std::vector total_tx_fees(NUM_ASSETS, field_ct(witness_ct::create_constant_witness(&composer, 0))); - std::vector defi_deposit_sums(NUM_BRIDGE_CALLS_PER_BLOCK, - field_ct(witness_ct::create_constant_witness(&composer, 0))); - - // Loop over each inner proof. - for (uint32_t i = 0; i < max_num_inner_proofs; ++i) { - auto is_real = num_inner_proofs > i; - - recursion_output = - verify_proof>(&composer, - recursive_verification_key, - recursive_manifest, - waffle::plonk_proof{ tx.rollups[i] }, - recursion_output); - - auto& public_inputs = recursion_output.public_inputs; - - // Zero all public inputs for padding proofs. - for (auto& inp : public_inputs) { - inp *= is_real; - } - - // Accumulate tx fees. - check_asset_ids_and_accumulate_tx_fees(composer, i, total_tx_fees, asset_ids, public_inputs, is_real); - - // Accumulate defi deposits. - check_bridge_call_datas_and_accumulate_defi_deposits( - composer, i, defi_deposit_sums, bridge_call_datas, public_inputs, is_real); - - assert_inner_proof_sequential(num_inner_txs_pow2, - i, - rollup_id, - data_start_index, - old_data_root, - new_data_root, - old_null_root, - new_null_root, - old_root_root, - new_defi_root, - public_inputs, - is_real); - - field_ct hash = - field_ct::conditional_assign(is_real, public_inputs[rollup::RollupProofFields::INPUTS_HASH], zero_hash); - inner_input_hashes.push_back(hash); - - // Accumulate tx public inputs. - for (size_t j = 0; j < rollup::PropagatedInnerProofFields::NUM_FIELDS * num_inner_txs_pow2; ++j) { - tx_proof_public_inputs.push_back( - public_inputs[rollup::RollupProofFields::INNER_PROOFS_DATA + j].get_value()); - } - } - - // Check defi interaction notes are inserted and computes previous_defi_interaction_hash. - std::vector defi_interaction_note_commitments; - auto previous_defi_interaction_hash = process_defi_interaction_notes(composer, - rollup_id, - new_defi_root, - old_defi_root, - old_defi_path, - num_previous_defi_interactions, - defi_interaction_notes, - defi_interaction_note_commitments); - - // Check data root tree is updated with latest data root. - check_root_tree_updated(old_root_path, rollup_id, new_data_root, new_root_root, old_root_root); - - // Construct a list of header fields. - auto num_inner_proofs_pow2 = num_outer_txs_pow2 / num_inner_txs_pow2; - std::vector header_fields1 = { rollup_id, rollup_size_pow2, data_start_index, old_data_root, - new_data_root, old_null_root, new_null_root, old_root_root, - new_root_root, old_defi_root, new_defi_root }; - std::vector header_fields2 = { previous_defi_interaction_hash, - rollup_beneficiary, - num_inner_proofs_pow2 }; - auto header_fields = join({ header_fields1, - bridge_call_datas, - defi_deposit_sums, - asset_ids, - total_tx_fees, - defi_interaction_note_commitments, - header_fields2 }); - - // Construct hash of public inputs. - // [ header fields ][ hashes of each inner rollups inputs ][ zero_hash padding ] - auto zero_hashes = std::vector(num_inner_proofs_pow2 - max_num_inner_proofs, zero_hash); - auto inputs_to_hash = join({ header_fields, inner_input_hashes, zero_hashes }); - auto input_hash = stdlib::sha256_to_field(packed_byte_array_ct::from_field_element_vector(inputs_to_hash)); - - // Construct list of fields to be broadcast along with proof. - // [ header fields ][ public inputs of each tx ][ zero field padding ] - std::vector header_fields_fr = map(header_fields, [](auto const& f) { return f.get_value(); }); - size_t padding_rollups = num_inner_proofs_pow2 - max_num_inner_proofs; - size_t padding_txs = padding_rollups * num_inner_txs_pow2; - std::vector zero_padding(padding_txs * rollup::PropagatedInnerProofFields::NUM_FIELDS, fr(0)); - std::vector broadcast_fields = join({ header_fields_fr, tx_proof_public_inputs, zero_padding }); - - // Set public inputs. Just the input hash and recursion elements. - input_hash.set_public(); - recursion_output.add_proof_outputs_as_public_inputs(); - - return { recursion_output, broadcast_fields }; -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.hpp deleted file mode 100644 index 798a939253..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_circuit.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include "./root_rollup_tx.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::recursion; - -struct circuit_result_data { - plonk::stdlib::recursion::recursion_output recursion_output; - std::vector broadcast_data; -}; - -circuit_result_data root_rollup_circuit(Composer& composer, - root_rollup_tx const& rollups, - size_t inner_rollup_size, - size_t outer_rollup_size, - std::shared_ptr const& inner_verification_key); - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_full.test.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_full.test.cpp deleted file mode 100644 index 5a17998e62..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_full.test.cpp +++ /dev/null @@ -1,245 +0,0 @@ -#include -#include "index.hpp" -#include "../join_split/index.hpp" -#include "../rollup/index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include "../../fixtures/compute_or_load_fixture.hpp" -#include - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace barretenberg; -using namespace notes::native; -using namespace plonk::stdlib::merkle_tree; - -namespace { -#ifdef CI -bool persist = false; -#else -bool persist = false; -#endif -std::shared_ptr srs; -numeric::random::Engine* rand_engine = &numeric::random::get_debug_engine(true); -fixtures::user_context user = fixtures::create_user_context(rand_engine); -join_split::circuit_data js_cd; -proofs::account::circuit_data account_cd; -proofs::claim::circuit_data claim_cd; -proofs::rollup::circuit_data tx_rollup2_cd; -proofs::rollup::circuit_data tx_rollup3_cd; -} // namespace - -class root_rollup_full_tests : public ::testing::Test { - protected: - static constexpr auto CRS_PATH = "../srs_db/ignition"; - static constexpr auto FIXTURE_PATH = "../src/aztec/rollup/proofs/root_rollup/fixtures"; - static constexpr auto TEST_PROOFS_PATH = "../src/aztec/rollup/proofs/root_rollup/fixtures/test_proofs"; - - typedef std::vector>> RollupStructure; - - root_rollup_full_tests() - : context(js_cd, account_cd, claim_cd) - , js_proofs(get_js_proofs(5)) - { - rand_engine = &numeric::random::get_debug_engine(true); - user = fixtures::create_user_context(rand_engine); - } - - static void SetUpTestCase() - { - std::filesystem::create_directories(FIXTURE_PATH); - std::filesystem::create_directories(TEST_PROOFS_PATH); - srs = std::make_shared(CRS_PATH); - account_cd = proofs::account::get_circuit_data(srs); - js_cd = join_split::get_circuit_data(srs); - claim_cd = proofs::claim::get_circuit_data(srs); - tx_rollup2_cd = - rollup::get_circuit_data(2, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, persist, persist); - tx_rollup3_cd = - rollup::get_circuit_data(3, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, persist, persist); - } - - std::vector> get_js_proofs(uint32_t n) - { - std::vector> proofs; - for (uint32_t i = 0; i < n; ++i) { - auto js_proof = fixtures::compute_or_load_fixture(TEST_PROOFS_PATH, format("js", i), [&] { - return context.create_join_split_proof({}, {}, { 100, 50 }, 150); - }); - proofs.push_back(js_proof); - } - return proofs; - } - - root_rollup_tx create_root_rollup_tx(std::string const& test_name, - uint32_t rollup_id, - rollup::circuit_data const& tx_rollup_cd, - RollupStructure const& rollup_structure) - { - std::vector> rollups_data; - - for (auto txs : rollup_structure) { - auto name = format(test_name, "_rollup", rollups_data.size() + 1); - auto rollup = rollup::create_rollup_tx(context.world_state, tx_rollup_cd.rollup_size, txs, {}, { 0 }); - auto rollup_data = fixtures::compute_or_load_fixture( - TEST_PROOFS_PATH, name, [&] { return rollup::verify(rollup, tx_rollup_cd).proof_data; }); - assert(!rollup_data.empty()); - rollups_data.push_back(rollup_data); - } - - auto old_defi_path = context.world_state.defi_tree.get_hash_path(rollup_id * NUM_INTERACTION_RESULTS_PER_BLOCK); - - return root_rollup::create_root_rollup_tx(context.world_state, - rollup_id, - context.world_state.defi_tree.root(), - old_defi_path, - rollups_data, - {}, - { 0 }); - } - - fixtures::TestContext context; - std::vector> js_proofs; -}; - -HEAVY_TEST_F(root_rollup_full_tests, test_root_rollup_3x2_and_detect_circuit_change) -{ - static constexpr auto rollups_per_rollup = 3U; - - auto root_rollup_cd = get_circuit_data(rollups_per_rollup, tx_rollup2_cd, srs, FIXTURE_PATH, true, false, false); - - auto old_data_root = context.world_state.data_tree.root(); - auto old_null_root = context.world_state.null_tree.root(); - auto old_root_root = context.world_state.root_tree.root(); - - auto tx_data = create_root_rollup_tx( - "test_root_rollup_3x2", 0, tx_rollup2_cd, { { js_proofs[0], js_proofs[1] }, { js_proofs[2] } }); - auto result = verify(tx_data, root_rollup_cd); - ASSERT_TRUE(result.verified); - - auto rollup_data = root_rollup_broadcast_data(result.broadcast_data); - EXPECT_EQ(rollup_data.rollup_id, 0U); - EXPECT_EQ(rollup_data.rollup_size, 8U); - EXPECT_EQ(rollup_data.data_start_index, 0U); - EXPECT_EQ(rollup_data.old_data_root, old_data_root); - EXPECT_EQ(rollup_data.old_null_root, old_null_root); - EXPECT_EQ(rollup_data.old_data_roots_root, old_root_root); - EXPECT_EQ(rollup_data.new_data_root, context.world_state.data_tree.root()); - EXPECT_EQ(rollup_data.new_null_root, context.world_state.null_tree.root()); - EXPECT_EQ(rollup_data.new_data_roots_root, context.world_state.root_tree.root()); - - auto inner_data = rollup_data.tx_data[3]; - EXPECT_EQ(inner_data.note_commitment1, fr(0)); - EXPECT_EQ(inner_data.note_commitment2, fr(0)); - EXPECT_EQ(inner_data.nullifier1, fr(0)); - EXPECT_EQ(inner_data.nullifier2, fr(0)); - EXPECT_EQ(inner_data.public_value, fr(0)); - EXPECT_EQ(inner_data.public_owner, fr(0)); - EXPECT_EQ(inner_data.asset_id, fr(0)); - // The below assertions detect changes in the root rollup circuit - size_t number_of_gates_root_rollup = result.number_of_gates; - auto vk_hash_root_rollup = result.verification_key->sha256_hash(); - // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. - if (!(circuit_gate_count::is_circuit_change_expected)) { - EXPECT_EQ(number_of_gates_root_rollup, circuit_gate_count::ROOT_ROLLUP) - << "The gate count for the root rollup circuit is changed."; - EXPECT_EQ(from_buffer(vk_hash_root_rollup), circuit_vk_hash::ROOT_ROLLUP) - << "The verification key hash for the root rollup circuit is changed."; - // For the next power of two limit, we need to consider that we reserve four gates for adding - // randomness/zero-knowledge - EXPECT_LE(number_of_gates_root_rollup, - circuit_gate_next_power_of_two::ROOT_ROLLUP - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the root rollup circuit."; - } else { - EXPECT_LE(number_of_gates_root_rollup, - circuit_gate_next_power_of_two::ROOT_ROLLUP - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the root rollup circuit."; - } -} - -HEAVY_TEST_F(root_rollup_full_tests, test_root_rollup_2x3) -{ - static constexpr auto rollups_per_rollup = 2U; - - auto root_rollup_cd = get_circuit_data(rollups_per_rollup, tx_rollup3_cd, srs, FIXTURE_PATH, true, false, false); - - auto old_data_root = context.world_state.data_tree.root(); - auto old_null_root = context.world_state.null_tree.root(); - auto old_root_root = context.world_state.root_tree.root(); - - auto tx_data = create_root_rollup_tx("test_root_rollup_2x3", 0, tx_rollup3_cd, { { js_proofs[0] } }); - auto result = verify(tx_data, root_rollup_cd); - ASSERT_TRUE(result.verified); - - auto rollup_data = root_rollup_broadcast_data(result.broadcast_data); - EXPECT_EQ(rollup_data.rollup_id, 0U); - EXPECT_EQ(rollup_data.rollup_size, 8U); - EXPECT_EQ(rollup_data.data_start_index, 0U); - EXPECT_EQ(rollup_data.old_data_root, old_data_root); - EXPECT_EQ(rollup_data.old_null_root, old_null_root); - EXPECT_EQ(rollup_data.old_data_roots_root, old_root_root); - EXPECT_EQ(rollup_data.new_data_root, context.world_state.data_tree.root()); - EXPECT_EQ(rollup_data.new_null_root, context.world_state.null_tree.root()); - EXPECT_EQ(rollup_data.new_data_roots_root, context.world_state.root_tree.root()); - - for (size_t i = 1; i < rollup_data.tx_data.size(); ++i) { - auto inner_data = rollup_data.tx_data[i]; - EXPECT_EQ(inner_data.note_commitment1, fr(0)); - EXPECT_EQ(inner_data.note_commitment2, fr(0)); - EXPECT_EQ(inner_data.nullifier1, fr(0)); - EXPECT_EQ(inner_data.nullifier2, fr(0)); - EXPECT_EQ(inner_data.public_value, fr(0)); - EXPECT_EQ(inner_data.public_owner, fr(0)); - EXPECT_EQ(inner_data.asset_id, fr(0)); - } -} - -HEAVY_TEST_F(root_rollup_full_tests, test_bad_js_proof_fails) -{ - static constexpr auto rollups_per_rollup = 1U; - - // Create a bad js proof. - auto bad_proof = join_split::create_noop_join_split_proof(js_cd, context.world_state.data_tree.root(), false); - - // Our inner rollup should fail. - auto tx_rollup_cd = tx_rollup2_cd; - auto inner_rollup_tx = - rollup::create_rollup_tx(context.world_state, tx_rollup_cd.rollup_size, { js_proofs[0], bad_proof }); - Composer inner_composer = Composer(tx_rollup_cd.proving_key, tx_rollup_cd.verification_key, tx_rollup_cd.num_gates); - rollup::pad_rollup_tx(inner_rollup_tx, tx_rollup_cd.num_txs, tx_rollup_cd.join_split_circuit_data.padding_proof); - rollup::rollup_circuit(inner_composer, inner_rollup_tx, tx_rollup_cd.verification_keys, tx_rollup_cd.num_txs); - ASSERT_FALSE(inner_composer.failed); - auto inner_prover = inner_composer.create_unrolled_prover(); - auto inner_proof = inner_prover.construct_proof(); - auto inner_verifier = inner_composer.create_unrolled_verifier(); - ASSERT_FALSE(inner_verifier.verify_proof(inner_proof)); - - // Root rollup should fail. - auto root_rollup_cd = get_circuit_data(rollups_per_rollup, tx_rollup_cd, srs, FIXTURE_PATH, true, false, false); - auto root_rollup_tx = root_rollup::create_root_rollup_tx(context.world_state, - 0, - context.world_state.defi_tree.root(), - context.world_state.defi_tree.get_hash_path(0), - { inner_proof.proof_data }); - Composer root_composer = - Composer(root_rollup_cd.proving_key, root_rollup_cd.verification_key, root_rollup_cd.num_gates); - pad_root_rollup_tx(root_rollup_tx, root_rollup_cd); - root_rollup_circuit(root_composer, - root_rollup_tx, - root_rollup_cd.inner_rollup_circuit_data.rollup_size, - root_rollup_cd.rollup_size, - root_rollup_cd.inner_rollup_circuit_data.verification_key); - ASSERT_FALSE(root_composer.failed); - auto root_prover = root_composer.create_prover(); - auto root_proof = root_prover.construct_proof(); - auto root_verifier = root_composer.create_verifier(); - ASSERT_FALSE(root_verifier.verify_proof(root_proof)); -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.cpp deleted file mode 100644 index eb1d061bba..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.cpp +++ /dev/null @@ -1,45 +0,0 @@ -#include "root_rollup_proof_data.hpp" -#include "../inner_proof_data/inner_proof_data.hpp" -#include "../../constants.hpp" -#include - -namespace rollup { -namespace proofs { -namespace root_rollup { - -root_rollup_proof_data::root_rollup_proof_data(std::vector const& proof_data) -{ - // 1 input hash and 16 recursion elements. - size_t num_fields = 17; - std::vector fields(num_fields); - auto ptr = proof_data.data(); - for (size_t i = 0; i < num_fields; ++i) { - read(ptr, fields[i]); - } - - populate_from_fields(fields); -} - -root_rollup_proof_data::root_rollup_proof_data(std::vector const& fields) -{ - populate_from_fields(fields); -} - -void root_rollup_proof_data::populate_from_fields(std::vector const& fields) -{ - input_hash = fields[0]; - size_t offset = 1; - for (auto& coord : - { &recursion_output[0].x, &recursion_output[0].y, &recursion_output[1].x, &recursion_output[1].y }) { - uint256_t limb[4]; - for (size_t li = 0; li < 4; ++li) { - limb[li] = fields[offset++]; - } - *coord = limb[0] + (uint256_t(1) << 68) * limb[1] + (uint256_t(1) << 136) * limb[2] + - (uint256_t(1) << 204) * limb[3]; - } -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.hpp deleted file mode 100644 index 6a52a6967e..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_proof_data.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include -#include "../rollup/rollup_proof_data.hpp" -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace plonk::stdlib::types::turbo; - -struct root_rollup_proof_data { - fr input_hash; - g1::affine_element recursion_output[2]; - - root_rollup_proof_data(std::vector const& proof_data); - root_rollup_proof_data(std::vector const& public_inputs); - - bool operator==(const root_rollup_proof_data& other) const = default; - - private: - void populate_from_fields(std::vector const& fields); -}; - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.hpp deleted file mode 100644 index c83f568f85..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.hpp +++ /dev/null @@ -1,135 +0,0 @@ -#pragma once -#include -#include -#include -#include -#include -#include -#include -#include "../notes/native/defi_interaction/note.hpp" -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace barretenberg; -using namespace plonk::stdlib::merkle_tree; -using namespace notes; - -struct root_rollup_tx { - // The rollup id. Inner proof rollup ids must match. - uint32_t rollup_id; - - // The actual number of "real" inner rollups in this proof. - uint32_t num_inner_proofs; - - // If the size < num_inner_proofs, it's padded to size num_inner_proofs with the padding proof. - std::vector> rollups; - - // For updating the tree of data roots. - fr old_data_roots_root; - fr new_data_roots_root; - fr_hash_path old_data_roots_path; - - // For updating the defi interaction tree. - fr old_defi_root; - fr new_defi_root; - fr_hash_path old_defi_path; - - // Set of bridge call datas. Inner proofs bridge call datas must match. - std::vector bridge_call_datas; - - // Set of asset ids. Inner proofs asset ids must match. - std::vector asset_ids; - - // Defi interactions from the previous root rollup, to be inserted into defi tree. - std::vector defi_interaction_notes; - - // which address do we send fees to? Add it into the circuit to make the proof binding against this address - fr rollup_beneficiary; - - bool operator==(root_rollup_tx const&) const = default; - - // These are not serialized or known about externally. - // They are populated before the tx is padded. - size_t num_previous_defi_interactions; -}; - -template inline void read(B& buf, root_rollup_tx& tx) -{ - using serialize::read; - read(buf, tx.rollup_id); - read(buf, tx.num_inner_proofs); - read(buf, tx.rollups); - - read(buf, tx.old_data_roots_root); - read(buf, tx.new_data_roots_root); - read(buf, tx.old_data_roots_path); - - read(buf, tx.old_defi_root); - read(buf, tx.new_defi_root); - read(buf, tx.old_defi_path); - - read(buf, tx.bridge_call_datas); - read(buf, tx.asset_ids); - read(buf, tx.defi_interaction_notes); - read(buf, tx.rollup_beneficiary); -} - -template inline void write(B& buf, root_rollup_tx const& tx) -{ - using serialize::write; - write(buf, tx.rollup_id); - write(buf, tx.num_inner_proofs); - write(buf, tx.rollups); - - write(buf, tx.old_data_roots_root); - write(buf, tx.new_data_roots_root); - write(buf, tx.old_data_roots_path); - - write(buf, tx.old_defi_root); - write(buf, tx.new_defi_root); - write(buf, tx.old_defi_path); - - write(buf, tx.bridge_call_datas); - write(buf, tx.asset_ids); - write(buf, tx.defi_interaction_notes); - write(buf, tx.rollup_beneficiary); -} - -inline std::ostream& operator<<(std::ostream& os, root_rollup_tx const& tx) -{ - os << "num_inner_proofs: " << tx.num_inner_proofs << "\n"; - os << "proof_data:\n"; - for (auto p : tx.rollups) { - os << p << "\n"; - } - os << "old_data_roots_root: " << tx.old_data_roots_root << "\n"; - os << "new_data_roots_root: " << tx.new_data_roots_root << "\n"; - os << "old_data_roots_path: " << tx.old_data_roots_path << "\n"; - - os << "old_defi_root: " << tx.old_defi_root << "\n"; - os << "old_defi_path: " << tx.old_defi_path << "\n"; - - os << "bridge_call_datas: " << tx.bridge_call_datas << "\n"; - os << "asset_ids: " << tx.asset_ids << "\n"; - - size_t i = 0; - for (auto defi_note : tx.defi_interaction_notes) { - os << "defi_interaction_" << i << ":\n"; - os << " bridge_call_data: " << defi_note.bridge_call_data << "\n"; - os << " interaction_nonce: " << defi_note.interaction_nonce << "\n"; - os << " total_input_value: " << defi_note.total_input_value << "\n"; - os << " total_output_value_a: " << defi_note.total_output_value_a << "\n"; - os << " total_output_value_b: " << defi_note.total_output_value_b << "\n"; - os << " interaction_result: " << defi_note.interaction_result << "\n"; - } - - os << "rollup_beneficiary: " << tx.rollup_beneficiary << "\n"; - return os; -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.test.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.test.cpp deleted file mode 100644 index d8a84a7b6e..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/root_rollup_tx.test.cpp +++ /dev/null @@ -1,51 +0,0 @@ -#include "root_rollup_tx.hpp" -#include "../../constants.hpp" -#include - -using namespace rollup; -using namespace rollup::proofs::root_rollup; -using namespace rollup::proofs::notes; -using namespace barretenberg; - -TEST(root_rollup_tx, test_serialization) -{ - auto random_pair = std::make_pair(fr::random_element(), fr::random_element()); - - root_rollup_tx rollup; - - rollup.rollup_id = 5; - rollup.num_inner_proofs = 2; - rollup.rollups = std::vector(2, std::vector(123, 0x80)); - - rollup.old_data_roots_root = fr::random_element(); - rollup.new_data_roots_root = fr::random_element(); - rollup.old_data_roots_path = fr_hash_path(ROOT_TREE_DEPTH, random_pair); - - rollup.new_defi_root = fr::random_element(); - rollup.old_defi_root = fr::random_element(); - rollup.old_defi_path = fr_hash_path(DEFI_TREE_DEPTH, random_pair); - - rollup.bridge_call_datas = { 1, 2, 3, 4 }; - rollup.asset_ids = { 5, 6, 7 }; - - rollup.rollup_beneficiary = 100; - - native::defi_interaction::note defi_native_note = { 0, 0, 0, 0, 0, false }; - rollup.defi_interaction_notes = { 4, defi_native_note }; - - auto buf = to_buffer(rollup); - auto result = from_buffer(buf); - - EXPECT_EQ(result.rollup_id, rollup.rollup_id); - EXPECT_EQ(result.num_inner_proofs, rollup.num_inner_proofs); - EXPECT_EQ(result.old_data_roots_root, rollup.old_data_roots_root); - EXPECT_EQ(result.new_data_roots_root, rollup.new_data_roots_root); - EXPECT_EQ(result.old_data_roots_path, rollup.old_data_roots_path); - EXPECT_EQ(result.old_defi_root, rollup.old_defi_root); - EXPECT_EQ(result.new_defi_root, rollup.new_defi_root); - EXPECT_EQ(result.old_defi_path, rollup.old_defi_path); - EXPECT_EQ(result.bridge_call_datas, rollup.bridge_call_datas); - EXPECT_EQ(result.asset_ids, rollup.asset_ids); - EXPECT_EQ(result.defi_interaction_notes, rollup.defi_interaction_notes); - EXPECT_EQ(result.rollup_beneficiary, rollup.rollup_beneficiary); -} diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/verify.cpp b/cpp/src/aztec/rollup/proofs/root_rollup/verify.cpp deleted file mode 100644 index bea25b2870..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/verify.cpp +++ /dev/null @@ -1,57 +0,0 @@ -#include "./verify.hpp" -#include "create_root_rollup_tx.hpp" -#include "./root_rollup_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; - -namespace { -verify_result build_circuit(Composer& composer, root_rollup_tx& tx, circuit_data const& circuit_data) -{ - verify_result result; - - if (!circuit_data.inner_rollup_circuit_data.verification_key) { - info("Inner verification key not provided."); - return result; - } - - if (circuit_data.inner_rollup_circuit_data.padding_proof.size() == 0) { - info("Inner padding proof not provided."); - return result; - } - - // Pad the rollup if necessary. - pad_root_rollup_tx(tx, circuit_data); - - auto circuit_result = root_rollup_circuit(composer, - tx, - circuit_data.inner_rollup_circuit_data.rollup_size, - circuit_data.rollup_size, - circuit_data.inner_rollup_circuit_data.verification_key); - - result.recursion_output = circuit_result.recursion_output; - result.broadcast_data = circuit_result.broadcast_data; - - return result; -} -} // namespace - -verify_result verify_logic(root_rollup_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_logic_internal(composer, tx, cd, "root rollup", build_circuit); -} - -verify_result verify(root_rollup_tx& tx, circuit_data const& cd) -{ - Composer composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_internal(composer, tx, cd, "root rollup", true, build_circuit); -} - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_rollup/verify.hpp b/cpp/src/aztec/rollup/proofs/root_rollup/verify.hpp deleted file mode 100644 index 3223e84ed7..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_rollup/verify.hpp +++ /dev/null @@ -1,23 +0,0 @@ -#pragma once -#include "../verify.hpp" -#include "compute_circuit_data.hpp" -#include "root_rollup_tx.hpp" - -namespace rollup { -namespace proofs { -namespace root_rollup { - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; - -struct verify_result : ::rollup::proofs::verify_result { - std::vector broadcast_data; -}; - -verify_result verify_logic(root_rollup_tx& tx, circuit_data const& cd); - -verify_result verify(root_rollup_tx& tx, circuit_data const& cd); - -} // namespace root_rollup -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/root_verifier/CMakeLists.txt deleted file mode 100644 index 4df9c26ce7..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/CMakeLists.txt +++ /dev/null @@ -1 +0,0 @@ -barretenberg_module(rollup_proofs_root_verifier rollup_proofs_root_rollup) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/compute_circuit_data.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/compute_circuit_data.hpp deleted file mode 100644 index 7c3056ef23..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/compute_circuit_data.hpp +++ /dev/null @@ -1,65 +0,0 @@ -#pragma once -#include "../root_rollup/compute_circuit_data.hpp" -#include "root_verifier_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -struct circuit_data : proofs::circuit_data { - std::vector> valid_vks; -}; - -inline circuit_data get_circuit_data(root_rollup::circuit_data const& root_rollup_circuit_data, - std::shared_ptr const& srs, - std::vector> const& valid_vks, - std::string const& key_path, - bool compute = true, - bool save = true, - bool load = true, - bool pk = true, - bool vk = true, - bool mock = false) -{ - std::cerr << "Getting root verifier circuit data: (size: " << root_rollup_circuit_data.rollup_size << ")" - << std::endl; - auto name = - format("root_verifier_", root_rollup_circuit_data.inner_rollup_circuit_data.rollup_size, "_", valid_vks.size()); - - auto build_verifier_circuit = [&](OuterComposer& composer) { - root_verifier_tx tx; - tx.proof_data = root_rollup_circuit_data.padding_proof; - root_verifier_circuit(composer, tx, root_rollup_circuit_data.verification_key, valid_vks); - }; - - auto cd = proofs::get_circuit_data( - - "root verifier", - name, - srs, - key_path, - compute, - save, - load, - pk, - vk, - false, - mock, - build_verifier_circuit, - format(" ", root_rollup_circuit_data.inner_rollup_circuit_data.rollup_size, "x", valid_vks.size())); - - circuit_data data; - data.num_gates = cd.num_gates; - data.srs = cd.srs; - data.proving_key = cd.proving_key; - data.verification_key = cd.verification_key; - data.valid_vks = valid_vks; - data.padding_proof = cd.padding_proof; - data.mock = cd.mock; - - return data; -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/create_root_verifier_tx.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/create_root_verifier_tx.hpp deleted file mode 100644 index 4c1cac79a1..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/create_root_verifier_tx.hpp +++ /dev/null @@ -1,38 +0,0 @@ -#pragma once -#include -#include "../root_rollup/root_rollup_broadcast_data.hpp" -#include "../root_rollup/verify.hpp" -#include "verify.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -inline root_verifier_tx create_root_verifier_tx(root_rollup::verify_result const& result) -{ - root_verifier_tx tx; - - root_rollup::root_rollup_broadcast_data broadcast_data(result.broadcast_data); - - tx.broadcast_data = to_buffer(broadcast_data); - tx.proof_data = result.proof_data; - return tx; -} - -inline root_verifier_tx create_root_verifier_tx(std::vector proof_buf, size_t rollup_size) -{ - root_verifier_tx tx; - - size_t broadcast_data_byte_len = 32 * (root_rollup::RootRollupBroadcastFields::INNER_PROOFS_DATA + - rollup_size * rollup::PropagatedInnerProofFields::NUM_FIELDS); - std::vector broadcast_data(slice(proof_buf, 0, broadcast_data_byte_len)); - std::vector root_rollup_proof(slice(proof_buf, broadcast_data_byte_len, proof_buf.size())); - - tx.broadcast_data = broadcast_data; - tx.proof_data = root_rollup_proof; - return tx; -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/index.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/index.hpp deleted file mode 100644 index 6c7a611452..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/index.hpp +++ /dev/null @@ -1,7 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include "create_root_verifier_tx.hpp" -#include "root_verifier_circuit.hpp" -#include "root_verifier_proof_data.hpp" -#include "root_verifier_tx.hpp" -#include "verify.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier.test.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier.test.cpp deleted file mode 100644 index d6d96512eb..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier.test.cpp +++ /dev/null @@ -1,135 +0,0 @@ -#include -#include -#include -#include -#include "index.hpp" -#include "../rollup/index.hpp" -#include "../root_rollup/index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include "../../fixtures/compute_or_load_fixture.hpp" -#include - -namespace rollup { -namespace proofs { -namespace root_verifier { - -using namespace barretenberg; -using namespace notes::native; - -namespace { -#ifdef CI -bool persist = false; -#else -bool persist = true; -#endif -std::shared_ptr srs; -join_split::circuit_data js_cd; -proofs::account::circuit_data account_cd; -proofs::circuit_data claim_cd; -rollup::circuit_data tx_rollup_cd; -root_rollup::circuit_data root_rollup_cd; -root_rollup::circuit_data root_rollup_cd_bad; -root_verifier::circuit_data root_verifier_cd; - -struct RollupShape { - uint INNER_ROLLUP_TXS; - uint ROLLUPS_PER_ROLLUP; - bool operator==(RollupShape const&) const = default; -}; -} // namespace - -class root_verifier_tests : public ::testing::Test { - protected: - static constexpr auto CRS_PATH = "../srs_db/ignition"; - static constexpr auto FIXTURE_PATH = "../src/aztec/rollup/proofs/root_verifier/fixtures"; - static constexpr auto TEST_PROOFS_PATH = "../src/aztec/rollup/proofs/root_verifier/fixtures/test_proofs"; - typedef std::vector>> RollupStructure; - - root_verifier_tests() - : context(js_cd, account_cd, claim_cd) - {} - - static void SetUpTestCase() - { - auto recreate = !exists(FIXTURE_PATH); - std::filesystem::create_directories(FIXTURE_PATH); - std::filesystem::create_directories(TEST_PROOFS_PATH); - srs = std::make_shared(CRS_PATH); - - account_cd = proofs::account::get_circuit_data(srs); - js_cd = join_split::get_circuit_data(srs); - claim_cd = proofs::claim::get_circuit_data(srs); - - if (recreate) { - tx_rollup_cd = - rollup::get_circuit_data(1U, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, persist, persist); - // create 1x1 circuit data; this will be the only shape accepted by the root verifier circuit. - root_rollup_cd = root_rollup::get_circuit_data(1U, tx_rollup_cd, srs, FIXTURE_PATH, true, persist, persist); - root_verifier_cd = root_verifier::get_circuit_data( - root_rollup_cd, srs, { root_rollup_cd.verification_key }, FIXTURE_PATH, true, persist, persist); - // create 1x2 key to use later - root_rollup_cd_bad = - root_rollup::get_circuit_data(2U, tx_rollup_cd, srs, FIXTURE_PATH, true, persist, persist); - } else { - tx_rollup_cd = rollup::get_circuit_data( - 1U, js_cd, account_cd, claim_cd, srs, FIXTURE_PATH, false, false, true, false, true); - root_rollup_cd = - root_rollup::get_circuit_data(1U, tx_rollup_cd, srs, FIXTURE_PATH, false, false, true, false, true); - root_verifier_cd = get_circuit_data(root_rollup_cd, - srs, - { root_rollup_cd.verification_key }, - FIXTURE_PATH, - false, - false, - true, - false, - true); - // create 1x2 key to use later - root_rollup_cd_bad = - root_rollup::get_circuit_data(2U, tx_rollup_cd, srs, FIXTURE_PATH, false, false, true, false, true); - } - } - - root_verifier_tx create_root_verifier_tx() - { - auto root_rollup = fixtures::compute_or_load_fixture(TEST_PROOFS_PATH, "root_rollup", [&]() { - auto js_proof = context.create_join_split_proof({}, {}, { 100, 50 }, 150); - auto rollup_tx = rollup::create_rollup_tx(context.world_state, tx_rollup_cd.rollup_size, { js_proof }); - auto rollup_data = rollup::verify(rollup_tx, tx_rollup_cd).proof_data; - ASSERT(!rollup_data.empty()); - auto root_rollup_tx = root_rollup::create_root_rollup_tx(context.world_state, - 0, - context.world_state.defi_tree.root(), - context.world_state.defi_tree.get_hash_path(0), - { rollup_data }); - auto result = root_rollup::verify(root_rollup_tx, root_rollup_cd); - ASSERT(!result.proof_data.empty()); - return join({ to_buffer(result.broadcast_data), result.proof_data }); - }); - - return root_verifier::create_root_verifier_tx(root_rollup, 1); - } - - fixtures::TestContext context; -}; - -TEST_F(root_verifier_tests, passing) -{ - root_verifier_tx tx_data = create_root_verifier_tx(); - auto result = verify_logic(tx_data, root_verifier_cd, root_rollup_cd); - ASSERT_TRUE(result.logic_verified); -} - -TEST_F(root_verifier_tests, failing_invalid_shape) -{ - root_verifier_tx tx_data = create_root_verifier_tx(); - - // try to pass a root rollup circuit with invalid shape - auto result = verify_logic(tx_data, root_verifier_cd, root_rollup_cd_bad); - ASSERT_FALSE(result.logic_verified); -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.cpp deleted file mode 100644 index e13495b0ba..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.cpp +++ /dev/null @@ -1,41 +0,0 @@ -#include "./root_verifier_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -using namespace plonk; -using namespace plonk::stdlib::recursion; - -recursion_output root_verifier_circuit( - OuterComposer& composer, - root_verifier_tx const& tx, - std::shared_ptr const& inner_verification_key, - std::vector> const& valid_vks) -{ - recursion_output recursion_output; - if (!valid_vks.size()) { - composer.failed = true; - composer.err = "Cannot build root verifier circuit with empty list of keys."; - return recursion_output; - } - - auto recursive_manifest = InnerComposer::create_unrolled_manifest(inner_verification_key->num_public_inputs); - auto recursive_verification_key = verification_key_pt::from_witness(&composer, inner_verification_key); - recursive_verification_key->validate_key_is_in_set(valid_vks); - recursion_output = verify_proof(&composer, - recursive_verification_key, - recursive_manifest, - waffle::plonk_proof{ tx.proof_data }, - recursion_output); - - // Expose the broadcast data hash, and recursion point inputs. - recursion_output.public_inputs[0].set_public(); - recursion_output.add_proof_outputs_as_public_inputs(); - - return recursion_output; -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.hpp deleted file mode 100644 index 386c9e49eb..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_circuit.hpp +++ /dev/null @@ -1,33 +0,0 @@ -#pragma once -#include "./root_verifier_tx.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace root_verifier { - -using namespace plonk; - -using InnerComposer = waffle::TurboComposer; -using OuterComposer = waffle::StandardComposer; - -typedef stdlib::bn254 outer_curve; - -typedef stdlib::recursion::verification_key verification_key_pt; -typedef stdlib::recursion::recursive_turbo_verifier_settings recursive_settings; - -struct circuit_outputs { - stdlib::recursion::recursion_output recursion_output; - std::shared_ptr verification_key; -}; - -stdlib::recursion::recursion_output root_verifier_circuit( - OuterComposer& composer, - root_verifier_tx const& tx, - std::shared_ptr const& inner_verification_key, - std::vector> const& valid_vks); - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_full.test.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_full.test.cpp deleted file mode 100644 index 603c9e45c6..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_full.test.cpp +++ /dev/null @@ -1,153 +0,0 @@ -#include -#include -#include -#include "index.hpp" -#include "../rollup/index.hpp" -#include "../root_rollup/index.hpp" -#include "../notes/native/index.hpp" -#include "../../fixtures/test_context.hpp" -#include "../../fixtures/compute_or_load_fixture.hpp" -#include "../../constants.hpp" -#include - -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace root_verifier { - -using namespace barretenberg; -using namespace notes::native; -using namespace plonk::stdlib::merkle_tree; - -namespace { -std::shared_ptr srs; -numeric::random::Engine* rand_engine = &numeric::random::get_debug_engine(true); -fixtures::user_context user = fixtures::create_user_context(rand_engine); -join_split::circuit_data join_split_cd; -proofs::account::circuit_data account_cd; -proofs::claim::circuit_data claim_cd; -proofs::rollup::circuit_data tx_rollup_cd; -proofs::root_rollup::circuit_data root_rollup_cd; -proofs::root_verifier::circuit_data root_verifier_cd; -std::vector js_proof; -} // namespace - -class root_verifier_full_tests : public ::testing::Test { - protected: - static constexpr auto CRS_PATH = "../srs_db/ignition"; - static constexpr auto FIXTURE_PATH = "../src/aztec/rollup/proofs/root_verifier/fixtures"; - static constexpr auto TEST_PROOFS_PATH = "../src/aztec/rollup/proofs/root_verifier/fixtures/test_proofs"; - - typedef std::vector>> RollupStructure; - - root_verifier_full_tests() - { - rand_engine = &numeric::random::get_debug_engine(true); - user = fixtures::create_user_context(rand_engine); - } - - static void SetUpTestCase() - { - std::filesystem::create_directories(FIXTURE_PATH); - std::filesystem::create_directories(TEST_PROOFS_PATH); - srs = std::make_shared(CRS_PATH); - account_cd = proofs::account::get_circuit_data(srs); - join_split_cd = join_split::get_circuit_data(srs); - claim_cd = proofs::claim::get_circuit_data(srs); - tx_rollup_cd = - rollup::get_circuit_data(1, join_split_cd, account_cd, claim_cd, srs, FIXTURE_PATH, true, false, false); - root_rollup_cd = root_rollup::get_circuit_data(1, tx_rollup_cd, srs, FIXTURE_PATH, true, false, false); - root_verifier_cd = get_circuit_data( - root_rollup_cd, srs, { root_rollup_cd.verification_key }, FIXTURE_PATH, true, false, false); - - MemoryStore store; - MerkleTree data_tree(store, DATA_TREE_DEPTH, 0); - js_proof = join_split::create_noop_join_split_proof(join_split_cd, data_tree.root()); - } - - root_verifier_tx create_root_verifier_tx() - { - auto rollup_tx = rollup::create_rollup_tx(world_state, tx_rollup_cd.rollup_size, { js_proof }); - auto rollup_data = rollup::verify(rollup_tx, tx_rollup_cd).proof_data; - ASSERT(!rollup_data.empty()); - auto root_rollup_tx = root_rollup::create_root_rollup_tx( - world_state, 0, world_state.defi_tree.root(), world_state.defi_tree.get_hash_path(0), { rollup_data }); - auto result = root_rollup::verify(root_rollup_tx, root_rollup_cd); - ASSERT(!result.proof_data.empty()); - - return root_verifier::create_root_verifier_tx(result); - } - - world_state::WorldState world_state; -}; - -HEAVY_TEST_F(root_verifier_full_tests, good_data_passes_and_detect_circuit_change) -{ - auto tx = create_root_verifier_tx(); - auto result = verify(tx, root_verifier_cd, root_rollup_cd); - ASSERT_TRUE(result.verified); - // The below part detects changes in the root verifier circuit - size_t number_of_gates_root_verifier = result.number_of_gates; - auto vk_hash_root_verifier = result.verification_key->sha256_hash(); - // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. - if (!(circuit_gate_count::is_circuit_change_expected)) { - EXPECT_EQ(number_of_gates_root_verifier, circuit_gate_count::ROOT_VERIFIER) - << "The gate count for the root verifier circuit is changed."; - EXPECT_EQ(from_buffer(vk_hash_root_verifier), circuit_vk_hash::ROOT_VERIFIER) - << "The verification key hash for the root verifier circuit is changed."; - // For the next power of two limit, we need to consider that we reserve four gates for adding - // randomness/zero-knowledge - EXPECT_LE(number_of_gates_root_verifier, - circuit_gate_next_power_of_two::ROOT_VERIFIER - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the root verifier circuit."; - } else { - EXPECT_LE(number_of_gates_root_verifier, - circuit_gate_next_power_of_two::ROOT_VERIFIER - waffle::ComposerBase::NUM_RESERVED_GATES) - << "You have exceeded the next power of two limit for the root verifier circuit."; - } -} - -HEAVY_TEST_F(root_verifier_full_tests, bad_byte_failure) -{ - auto tx = create_root_verifier_tx(); - - // change the first byte of the root rollup proof data. - tx.proof_data[0] = (tx.proof_data[0] == 0) ? 1 : 0; - auto result = verify(tx, root_verifier_cd, root_rollup_cd); - ASSERT_FALSE(result.verified); -} - -HEAVY_TEST_F(root_verifier_full_tests, bad_valid_point_failure) -{ - auto tx = create_root_verifier_tx(); - - auto data = root_verifier_proof_data(tx.proof_data); - - /* - * Check that the first recursive proof element occurring in tx.proof_data is not the identity - * element of the curve (exceedingly unlikely). Then invert this element and check that the proof does not - * verify. We do this inversion 'by hand', inverting the y-coordinate, for simplicity. - */ - - g1::affine_element P = data.recursion_output[0]; - ASSERT_FALSE(P.is_point_at_infinity()); - auto minus_P_ct = outer_curve::g1_ct(-P); - - fr minus_y = minus_P_ct.y.binary_basis_limbs->element.additive_constant; - uint8_t* ptr = tx.proof_data.data(); - // skip some public inputs fields and the x-coordinate of the first recursive proof element. - ptr += RootVerifierProofFields::NUM_FIELDS * 32 + (4 * 32); - fr::serialize_to_buffer(minus_y, ptr); - - auto result = root_verifier::verify(tx, root_verifier_cd, root_rollup_cd); - ASSERT_FALSE(result.verified); -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.cpp deleted file mode 100644 index 56626137d8..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.cpp +++ /dev/null @@ -1,33 +0,0 @@ -#include "root_verifier_proof_data.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -root_verifier_proof_data::root_verifier_proof_data(std::vector const& proof_data) -{ - size_t num_fields = RootVerifierProofFields::NUM_FIELDS + 16; - using serialize::read; - const uint8_t* ptr = proof_data.data(); - std::vector fields(num_fields); - for (size_t i = 0; i < num_fields; ++i) { - read(ptr, fields[i]); - } - - broadcasted_inputs_hash_reduced = fields[RootVerifierProofFields::BROADCASTED_INPUTS_HASH_REDUCED]; - size_t offset = RootVerifierProofFields::NUM_FIELDS; - - for (auto& coord : - { &recursion_output[0].x, &recursion_output[0].y, &recursion_output[1].x, &recursion_output[1].y }) { - uint256_t limb[4]; - for (size_t li = 0; li < 4; ++li) { - limb[li] = fields[offset++]; - } - *coord = limb[0] + (uint256_t(1) << 68) * limb[1] + (uint256_t(1) << 136) * limb[2] + - (uint256_t(1) << 204) * limb[3]; - } -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.hpp deleted file mode 100644 index 96f8e36934..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_proof_data.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include "root_verifier_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -struct root_verifier_proof_data { - barretenberg::fr broadcasted_inputs_hash_reduced; - g1::affine_element recursion_output[2]; - - root_verifier_proof_data() {} - root_verifier_proof_data(std::vector const& proof_data); - - bool operator==(const root_verifier_proof_data& other) const = default; -}; - -namespace RootVerifierProofFields { -enum { - BROADCASTED_INPUTS_HASH_REDUCED, - NUM_FIELDS, -}; -} // namespace RootVerifierProofFields - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.hpp deleted file mode 100644 index 076ec4cf04..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.hpp +++ /dev/null @@ -1,44 +0,0 @@ -#pragma once -#include - -namespace rollup { -namespace proofs { -namespace root_verifier { - -struct root_verifier_tx { - std::vector broadcast_data; - std::vector proof_data; - - bool operator==(root_verifier_tx const&) const = default; -}; - -template inline void read(B& buf, root_verifier_tx& tx) -{ - using serialize::read; - read(buf, tx.broadcast_data); - read(buf, tx.proof_data); -} - -template inline void write(B& buf, root_verifier_tx const& tx) -{ - using serialize::write; - write(buf, tx.broadcast_data); - write(buf, tx.proof_data); -} - -inline std::ostream& operator<<(std::ostream& os, root_verifier_tx const& tx) -{ - os << "broadcast_data:\n"; - for (auto p : tx.broadcast_data) { - os << p << "\n"; - } - os << "proof_data:\n"; - for (auto p : tx.proof_data) { - os << p << "\n"; - } - return os; -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.test.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.test.cpp deleted file mode 100644 index 618216c487..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/root_verifier_tx.test.cpp +++ /dev/null @@ -1,15 +0,0 @@ -#include "root_verifier_tx.hpp" -#include - -using namespace rollup::proofs::root_verifier; - -TEST(root_verifier_transaction, serialization) -{ - root_verifier_tx tx; - tx.broadcast_data = std::vector(66, 0xf); - tx.proof_data = std::vector(123, 0x80); - auto buf = to_buffer(tx); - auto result = from_buffer(buf); - EXPECT_EQ(result.broadcast_data, tx.broadcast_data); - EXPECT_EQ(result.proof_data, tx.proof_data); -} diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/verify.cpp b/cpp/src/aztec/rollup/proofs/root_verifier/verify.cpp deleted file mode 100644 index cd8175165c..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/verify.cpp +++ /dev/null @@ -1,52 +0,0 @@ -#include "./verify.hpp" -#include "./root_verifier_circuit.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -verify_result build_circuit(OuterComposer& composer, - root_verifier_tx& tx, - circuit_data const& cd, - root_rollup::circuit_data const& root_rollup_cd) -{ - verify_result result; - - if (!root_rollup_cd.verification_key) { - info("Inner verification key not provided."); - return result; - } - - result.recursion_output = root_verifier_circuit(composer, tx, root_rollup_cd.verification_key, cd.valid_vks); - return result; -} - -verify_result verify_logic(root_verifier_tx& tx, - circuit_data const& cd, - root_rollup::circuit_data const& root_rollup_cd) -{ - OuterComposer composer = OuterComposer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_logic_internal( - composer, tx, cd, "root verifier", [&](OuterComposer& composer, root_verifier_tx& tx, circuit_data const& cd) { - return build_circuit(composer, tx, cd, root_rollup_cd); - }); -} - -verify_result verify(root_verifier_tx& tx, - circuit_data const& cd, - root_rollup::circuit_data const& root_rollup_cd) -{ - OuterComposer composer = OuterComposer(cd.proving_key, cd.verification_key, cd.num_gates); - return verify_internal(composer, - tx, - cd, - "root verifier", - false, - [&](OuterComposer& composer, root_verifier_tx& tx, circuit_data const& cd) { - return build_circuit(composer, tx, cd, root_rollup_cd); - }); -} - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/root_verifier/verify.hpp b/cpp/src/aztec/rollup/proofs/root_verifier/verify.hpp deleted file mode 100644 index 3d4041b35b..0000000000 --- a/cpp/src/aztec/rollup/proofs/root_verifier/verify.hpp +++ /dev/null @@ -1,20 +0,0 @@ -#pragma once -#include "../verify.hpp" -#include "compute_circuit_data.hpp" -#include "../root_rollup/index.hpp" - -namespace rollup { -namespace proofs { -namespace root_verifier { - -verify_result verify_logic(root_verifier_tx& tx, - circuit_data const& circuit_data, - root_rollup::circuit_data const& root_rollup_cd); - -verify_result verify(root_verifier_tx& tx, - circuit_data const& circuit_data, - root_rollup::circuit_data const& root_rollup_cd); - -} // namespace root_verifier -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/rollup_cli/CMakeLists.txt b/cpp/src/aztec/rollup/rollup_cli/CMakeLists.txt deleted file mode 100644 index 13dcc48bc4..0000000000 --- a/cpp/src/aztec/rollup/rollup_cli/CMakeLists.txt +++ /dev/null @@ -1,11 +0,0 @@ -add_executable( - rollup_cli - main.cpp -) - -target_link_libraries( - rollup_cli - PRIVATE - rollup_proofs_root_verifier - env -) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/rollup_cli/main.cpp b/cpp/src/aztec/rollup/rollup_cli/main.cpp deleted file mode 100644 index b5d79ba69a..0000000000 --- a/cpp/src/aztec/rollup/rollup_cli/main.cpp +++ /dev/null @@ -1,306 +0,0 @@ -#include -#include - -#include -#include -#include - -#include "../proofs/account/compute_circuit_data.hpp" -#include "../proofs/account/verify.hpp" -#include "../proofs/join_split/compute_circuit_data.hpp" -#include "../proofs/claim/get_circuit_data.hpp" -#include "../proofs/claim/verify.hpp" -#include "../proofs/rollup/index.hpp" -#include "../proofs/root_rollup/index.hpp" -#include "../proofs/root_verifier/index.hpp" -#include -#include -#include - -#include -#include -#include - -using namespace ::rollup::proofs; -using namespace plonk::stdlib::merkle_tree; -using namespace serialize; -namespace tx_rollup = ::rollup::proofs::rollup; - -namespace { -// Number of transactions in an inner rollup. -size_t txs_per_inner; -// Number of inner rollups in a root rollup. -size_t inners_per_root; -// In mock mode, mock proofs (expected public inputs, but no constraints) are generated. -bool mock_proofs; -// Create big circuits proving keys lazily to improve startup times. -bool lazy_init; -// True if rollup circuit data (proving and verification keys) are to be persisted to disk. -// We likely don't have enough memory to hold all keys in memory, and loading keys from disk is faster. -bool persist; -// Path to save proving keys to if persist is on. -std::string data_path; - -std::shared_ptr crs; -join_split::circuit_data js_cd; -account::circuit_data account_cd; -claim::circuit_data claim_cd; -tx_rollup::circuit_data tx_rollup_cd; -root_rollup::circuit_data root_rollup_cd; -root_verifier::circuit_data root_verifier_cd; -} // namespace - -// Postcondition: tx_rollup_cd has a proving key and verification key. -void init_tx_rollup(size_t num_txs) -{ - if (tx_rollup_cd.proving_key) { - // We always have a vk if we have a pk, as we request both in the call to get_circuit_data. - return; - } - if (lazy_init) { - // In lazy init mode we conserve memory. Throw away the root rollup proving key first. - info("Purging root rollup proving key."); - root_rollup_cd.proving_key.reset(); - } - tx_rollup_cd = tx_rollup::get_circuit_data( - num_txs, js_cd, account_cd, claim_cd, crs, data_path, true, persist, persist, true, true, mock_proofs); -} - -bool create_tx_rollup() -{ - init_tx_rollup(txs_per_inner); - - tx_rollup::rollup_tx rollup; - std::cerr << "Reading tx rollup..." << std::endl; - read(std::cin, rollup); - std::cerr << "Received tx rollup with " << rollup.num_txs << " txs." << std::endl; - - auto result = verify(rollup, tx_rollup_cd); - - write(std::cout, result.proof_data); - write(std::cout, result.verified); - std::cout << std::flush; - - return result.verified; -} - -// Postcondition: root_rollup_cd has a proving key and verification key. -void init_root_rollup(size_t num_rollups) -{ - if (root_rollup_cd.proving_key) { - // We always have a vk if we have a pk, as we request both in the call to get_circuit_data. - return; - } - if (!tx_rollup_cd.verification_key) { - // If we've never created the tx rollup circuit data, we won't have a vk. Build it. - init_tx_rollup(txs_per_inner); - } - if (lazy_init) { - // In lazy init mode we conserve memory. Throw away the tx rollup proving key first. - info("Purging tx rollup proving key."); - tx_rollup_cd.proving_key.reset(); - } - root_rollup_cd = root_rollup::get_circuit_data( - num_rollups, tx_rollup_cd, crs, data_path, true, persist, persist, true, true, mock_proofs); -} - -bool create_root_rollup() -{ - init_root_rollup(inners_per_root); - - root_rollup::root_rollup_tx root_rollup; - std::cerr << "Reading root rollup..." << std::endl; - read(std::cin, root_rollup); - std::cerr << "Received root rollup with " << root_rollup.rollups.size() << " rollups." << std::endl; - - auto result = verify(root_rollup, root_rollup_cd); - - root_rollup::root_rollup_broadcast_data broadcast_data(result.broadcast_data); - auto buf = join({ to_buffer(broadcast_data), result.proof_data }); - - write(std::cout, buf); - write(std::cout, result.verified); - std::cout << std::flush; - - return result.verified; -} - -bool create_claim() -{ - claim::claim_tx claim_tx; - std::cerr << "Reading claim tx..." << std::endl; - read(std::cin, claim_tx); - - auto result = verify(claim_tx, claim_cd); - - write(std::cout, result.proof_data); - write(std::cout, result.verified); - std::cout << std::flush; - - return result.verified; -} - -// Postcondition: root_verifier_cd has a proving key and verification key. -void init_root_verifier() -{ - if (root_verifier_cd.proving_key) { - // We always have a vk if we have a pk, as we request both in the call to get_circuit_data. - return; - } - if (!root_rollup_cd.verification_key) { - // If we've never created the root rollup circuit data, we won't have a vk. Build it. - init_root_rollup(txs_per_inner); - } - root_verifier_cd = root_verifier::get_circuit_data(root_rollup_cd, - crs, - { root_rollup_cd.verification_key }, - data_path, - true, - persist, - persist, - true, - true, - mock_proofs); -} - -bool create_root_verifier() -{ - init_root_verifier(); - - std::vector root_rollup_proof_buf; - std::cerr << "Reading root verifier tx..." << std::endl; - read(std::cin, root_rollup_proof_buf); - - auto rollup_size = inners_per_root * tx_rollup_cd.rollup_size; - auto tx = root_verifier::create_root_verifier_tx(root_rollup_proof_buf, rollup_size); - - auto result = verify(tx, root_verifier_cd, root_rollup_cd); - - result.proof_data = join({ tx.broadcast_data, result.proof_data }); - write(std::cout, result.proof_data); - write(std::cout, (uint8_t)result.verified); - std::cout << std::flush; - - return result.verified; -} - -bool create_account_proof() -{ - account::account_tx account_tx; - std::cerr << "Reading account tx..." << std::endl; - read(std::cin, account_tx); - - auto result = verify(account_tx, account_cd); - - write(std::cout, result.proof_data); - write(std::cout, result.verified); - std::cout << std::flush; - - return result.verified; -} - -int main(int argc, char** argv) -{ - std::vector args(argv, argv + argc); - - info("Rollup CLI pid: ", getpid()); - info("Command line: ", join(args, " ")); - - const std::string srs_path = (args.size() > 1) ? args[1] : "../srs_db/ignition"; - txs_per_inner = args.size() > 2 ? (std::stoul(args[2])) : 1; - inners_per_root = args.size() > 3 ? (std::stoul(args[3])) : 1; - mock_proofs = args.size() > 4 ? args[4] == "true" : false; - lazy_init = args.size() > 5 ? args[5] == "true" : false; - persist = args.size() > 6 ? args[6] == "true" : true; - data_path = (args.size() > 7) ? args[7] : "./data"; - - info("Txs per inner: ", txs_per_inner); - info("Inners per root: ", inners_per_root); - info("Mock proofs: ", mock_proofs); - info("Lazy init: ", lazy_init); - info("Persist: ", persist); - info("Data path: ", data_path); - - if (mock_proofs) { - info("Running in mock proof mode. Mock proofs will be generated!"); - } - - info("Loading crs..."); - crs = std::make_shared(srs_path); - - account_cd = account::get_circuit_data(crs, mock_proofs); - js_cd = join_split::get_circuit_data(crs, mock_proofs); - claim_cd = claim::get_circuit_data(crs, mock_proofs); - - // Lazy init mode conserves memory by purging and recomputing tx/root proving keys. - // If the halloumi instance is targeted to produce a specific type of proof, use lazy init as it will only - // need to hold the pk of the specific proof it creates in memory. - // - // Eager mode can be useful to create all the circuits up front at load time, which is fine if they are not - // too big. It can be useful for determining to total memory footprint of the process for certain circuit sizes. - if (!lazy_init) { - info("Running in eager init mode, all proving keys will be created once up front."); - init_tx_rollup(txs_per_inner); - init_root_rollup(inners_per_root); - init_root_verifier(); - } else { - info("Running in lazy init mode, tx rollup and root rollup proving keys will be swapped in and out."); - } - - info("Reading rollups from standard input..."); - while (true) { - if (!std::cin.good() || std::cin.peek() == std::char_traits::eof()) { - break; - } - - uint32_t proof_id; - read(std::cin, proof_id); - - switch (proof_id) { - case 0: { - create_tx_rollup(); - break; - } - case 1: { - create_root_rollup(); - break; - } - case 2: { - create_claim(); - break; - } - case 3: { - create_root_verifier(); - break; - } - case 4: { - std::cerr << "Serving request to create account proof..." << std::endl; - create_account_proof(); - break; - } - case 100: { - // Convert to buffer first, so when we call write we prefix the buffer length. - std::cerr << "Serving join split vk..." << std::endl; - write(std::cout, to_buffer(*js_cd.verification_key)); - break; - } - case 101: { - std::cerr << "Serving account vk..." << std::endl; - write(std::cout, to_buffer(*account_cd.verification_key)); - break; - } - case 666: { - // Ping... Pong... Used for learning when rollup_cli is responsive. - std::cerr << "Ping... Pong..." << std::endl; - serialize::write(std::cout, true); - break; - } - default: { - std::cerr << "Unknown command: " << proof_id << std::endl; - break; - } - } - } - - return 0; -} diff --git a/cpp/src/aztec/rollup/tx_factory/CMakeLists.txt b/cpp/src/aztec/rollup/tx_factory/CMakeLists.txt deleted file mode 100644 index f9371da3c1..0000000000 --- a/cpp/src/aztec/rollup/tx_factory/CMakeLists.txt +++ /dev/null @@ -1,9 +0,0 @@ -add_executable( - tx_factory - main.cpp -) - -target_link_libraries( - tx_factory - rollup_proofs_root_verifier -) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/tx_factory/main.cpp b/cpp/src/aztec/rollup/tx_factory/main.cpp deleted file mode 100644 index 127f05af7a..0000000000 --- a/cpp/src/aztec/rollup/tx_factory/main.cpp +++ /dev/null @@ -1,124 +0,0 @@ -#include "../proofs/join_split/index.hpp" -#include "../proofs/rollup/index.hpp" -#include "../proofs/root_rollup/index.hpp" -#include "../proofs/root_verifier/index.hpp" -#include "../world_state/world_state.hpp" -#include "../constants.hpp" -#include "../fixtures/compute_or_load_fixture.hpp" -#include -#include -#include - -using namespace ::rollup::proofs; -using namespace ::rollup::fixtures; -using namespace plonk::stdlib::merkle_tree; -using namespace plonk::stdlib::types::turbo; -namespace tx_rollup = ::rollup::proofs::rollup; -using WorldState = ::rollup::world_state::WorldState; - -tx_rollup::rollup_tx create_inner_rollup(uint32_t num_txs, - uint32_t rollup_size, - join_split::circuit_data const& join_split_circuit_data, - barretenberg::fr const& data_tree_root, - WorldState& world_state, - bool mock_proofs) -{ - info("Generating a ", rollup_size, " rollup with ", num_txs, " txs..."); - auto proofs = std::vector>(num_txs); - for (size_t i = 0; i < num_txs; ++i) { - proofs[i] = - join_split::create_noop_join_split_proof(join_split_circuit_data, data_tree_root, true, mock_proofs); - } - return tx_rollup::create_rollup_tx(world_state, rollup_size, proofs); -} - -int main(int argc, char** argv) -{ - using serialize::write; - WorldState world_state; - - std::vector args(argv, argv + argc); - - if (args.size() < 4) { - info("usage:\n", - args[0], - " [output_file]"); - return -1; - } - - uint32_t num_txs = static_cast(std::stoul(args[1])); - const uint32_t inner_rollup_size = static_cast(std::stoul(args[2])); - const uint32_t outer_rollup_size = static_cast(std::stoul(args[3])); - const bool split_txns_across_rollups = args.size() > 4 ? args[4] == "true" : true; - const bool mock_proofs = args.size() > 5 ? args[5] == "true" : true; - const std::string output_file = args[6]; - - auto crs = std::make_shared("../srs_db/ignition"); - auto join_split_circuit_data = join_split::get_circuit_data(crs, mock_proofs); - auto data_root = world_state.data_tree.root(); - world_state.root_tree.update_element(0, data_root); - - Timer timer; - - std::vector> rollups_data; - const auto num_total_txs = num_txs; - while (num_txs > 0) { - auto n = split_txns_across_rollups ? (num_total_txs / outer_rollup_size) : std::min(num_txs, inner_rollup_size); - num_txs -= n; - - auto rollup = - create_inner_rollup(n, inner_rollup_size, join_split_circuit_data, data_root, world_state, mock_proofs); - - info("Sending tx rollup request with ", n, " txs..."); - write(std::cout, (uint32_t)0); - write(std::cout, rollup); - info("Sent."); - - std::vector proof_data; - bool verified; - read(std::cin, proof_data); - read(std::cin, verified); - if (!verified) { - throw std::runtime_error("Received an unverified proof."); - } - - rollups_data.push_back(proof_data); - } - - auto root_rollup = root_rollup::create_root_rollup_tx( - world_state, 0, world_state.defi_tree.root(), world_state.defi_tree.get_hash_path(0), rollups_data); - - info("Sending root rollup request..."); - write(std::cout, (uint32_t)1); - write(std::cout, root_rollup); - info("Sent."); - - std::vector root_rollup_proof_buf; - bool verified; - read(std::cin, root_rollup_proof_buf); - read(std::cin, verified); - if (!verified) { - throw std::runtime_error("Received an unverified root rollup proof."); - } - - info("Sending root verifier request..."); - write(std::cout, (uint32_t)3); - write(std::cout, root_rollup_proof_buf); - info("Sent."); - - std::vector proof_data; - read(std::cin, proof_data); - read(std::cin, verified); - - info("Verified: ", verified); - info("Time taken: ", timer.toString()); - - if (!output_file.empty()) { - std::ofstream of(output_file); - write(of, proof_data); - write(of, verified); - info("Saved proof to: ", output_file); - } - - return 0; -} diff --git a/cpp/src/aztec/rollup/world_state/world_state.hpp b/cpp/src/aztec/rollup/world_state/world_state.hpp deleted file mode 100644 index 3fae31ab69..0000000000 --- a/cpp/src/aztec/rollup/world_state/world_state.hpp +++ /dev/null @@ -1,69 +0,0 @@ -#pragma once -#include -#include "../proofs/notes/native/defi_interaction/note.hpp" -#include "../proofs/notes/native/value/value_note.hpp" -#include "../proofs/notes/native/account/account_note.hpp" -#include "../proofs/notes/native/claim/claim_note.hpp" -#include "../constants.hpp" - -namespace rollup { -namespace world_state { - -using namespace plonk::stdlib::merkle_tree; -using namespace proofs::notes::native; - -template class WorldState { - using Tree = MerkleTree; - - public: - WorldState() - : data_tree(store, DATA_TREE_DEPTH, 0) - , null_tree(store, NULL_TREE_DEPTH, 1) - , root_tree(store, ROOT_TREE_DEPTH, 2) - , defi_tree(store, DEFI_TREE_DEPTH, 3) - { - update_root_tree_with_data_root(); - } - - void update_root_tree_with_data_root() - { - auto data_root = data_tree.root(); - root_tree.update_element(root_tree.size(), data_root); - } - - void insert_data_entry(uint256_t index, fr const& commitment, fr const& input_nullifier) - { - data_tree.update_element(index, commitment); - input_nullifiers.resize(static_cast(data_tree.size())); - input_nullifiers[static_cast(index)] = input_nullifier; - } - - template void append_data_note(T const& note) - { - insert_data_entry(data_tree.size(), note.commit(), note.input_nullifier); - } - - void append_data_note(account::account_note const& note) - { - insert_data_entry(data_tree.size(), note.commit(), fr(0)); - } - - void add_defi_notes(std::vector const& din, uint32_t start_index) - { - for (uint32_t i = 0; i < din.size(); i++) { - defi_tree.update_element(start_index + i, din[i].commit()); - } - } - - void nullify(uint256_t index) { null_tree.update_element(index, { 1 }); } - - Store store; - Tree data_tree; - Tree null_tree; - Tree root_tree; - Tree defi_tree; - std::vector input_nullifiers; -}; - -} // namespace world_state -} // namespace rollup \ No newline at end of file From a1f7d0276b67bd8bd8e31b16c713672cbe13fc6e Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Fri, 3 Feb 2023 21:08:15 +0000 Subject: [PATCH 02/13] dockerfile, script, and ci changes now that rollup contents are gone except join split --- .circleci/config.yml | 64 ++----------------- cpp/dockerfiles/Dockerfile.x86_64-linux-clang | 6 +- cpp/dockerfiles/Dockerfile.x86_64-linux-gcc | 5 +- cpp/scripts/bb-tests | 4 -- 4 files changed, 7 insertions(+), 72 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2eebb5aea0..d281c525d3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -172,7 +172,7 @@ jobs: command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert stdlib_recursion_tests - *save_logs - tx-rollup-tests: + join-split-tests: docker: - image: aztecprotocol/alpine-build-image resource_class: small @@ -181,55 +181,7 @@ jobs: - *setup_env - run: name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_tx_rollup_tests --gtest_filter=-rollup_full_tests.* - - *save_logs - - tx-rollup-full-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_tx_rollup_tests --gtest_filter=rollup_full_tests.* - - *save_logs - - root-rollup-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_root_rollup_tests --gtest_filter=-root_rollup_full_tests.* - - *save_logs - - root-rollup-full-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_root_rollup_tests --gtest_filter=root_rollup_full_tests.* - - *save_logs - - root-verifier-tests: - docker: - - image: aztecprotocol/alpine-build-image - resource_class: small - steps: - - *checkout - - *setup_env - - run: - name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_root_verifier_tests + command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_join_split_tests - *save_logs benchmark-aggregator: @@ -261,21 +213,13 @@ workflows: - barretenberg-tests: *bb_test - stdlib-primitives-tests: *bb_test - stdlib-recursion-tests: *bb_test - - tx-rollup-tests: *bb_test - - tx-rollup-full-tests: *bb_test - - root-rollup-tests: *bb_test - - root-rollup-full-tests: *bb_test - - root-verifier-tests: *bb_test + - join-split-tests: *bb_test - benchmark-aggregator: requires: - barretenberg-tests - stdlib-primitives-tests - stdlib-recursion-tests - - tx-rollup-tests - - tx-rollup-full-tests - - root-verifier-tests - - root-rollup-tests - - root-rollup-full-tests + - join-split-tests filters: branches: only: diff --git a/cpp/dockerfiles/Dockerfile.x86_64-linux-clang b/cpp/dockerfiles/Dockerfile.x86_64-linux-clang index 19c4018ac0..4fe770a97f 100644 --- a/cpp/dockerfiles/Dockerfile.x86_64-linux-clang +++ b/cpp/dockerfiles/Dockerfile.x86_64-linux-clang @@ -22,8 +22,4 @@ RUN mkdir build && cd build && cmake -DOpenMP_omp_LIBRARY=/usr/local/lib/libomp. FROM alpine:3.13 RUN apk update && apk add llvm10-libs -COPY --from=builder /usr/src/barretenberg/cpp/srs_db /usr/src/barretenberg/cpp/srs_db -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/db_cli /usr/src/barretenberg/cpp/build/bin/db_cli -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/rollup_cli /usr/src/barretenberg/cpp/build/bin/rollup_cli -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/tx_factory /usr/src/barretenberg/cpp/build/bin/tx_factory -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/keygen /usr/src/barretenberg/cpp/build/bin/keygen \ No newline at end of file +COPY --from=builder /usr/src/barretenberg/cpp/srs_db /usr/src/barretenberg/cpp/srs_db \ No newline at end of file diff --git a/cpp/dockerfiles/Dockerfile.x86_64-linux-gcc b/cpp/dockerfiles/Dockerfile.x86_64-linux-gcc index b71e6f8b3c..deb156a6d0 100644 --- a/cpp/dockerfiles/Dockerfile.x86_64-linux-gcc +++ b/cpp/dockerfiles/Dockerfile.x86_64-linux-gcc @@ -8,10 +8,9 @@ RUN apk update \ curl WORKDIR /usr/src/barretenberg/cpp COPY . . -# Build the entire project (not just rollup_cli and db_cli), as we want to check everything builds under gcc. +# Build the entire project, as we want to check everything builds under gcc. RUN mkdir build && cd build && cmake -DTOOLCHAIN=x86_64-linux-gcc -DCI=ON .. && cmake --build . --parallel FROM alpine:3.13 RUN apk update && apk add libstdc++ libgomp -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/db_cli /usr/src/barretenberg/cpp/build/bin/db_cli -COPY --from=builder /usr/src/barretenberg/cpp/build/bin/rollup_cli /usr/src/barretenberg/cpp/build/bin/rollup_cli \ No newline at end of file +COPY --from=builder /usr/src/barretenberg/cpp/srs_db /usr/src/barretenberg/cpp/srs_db \ No newline at end of file diff --git a/cpp/scripts/bb-tests b/cpp/scripts/bb-tests index 806d8b637a..7095c3d149 100644 --- a/cpp/scripts/bb-tests +++ b/cpp/scripts/bb-tests @@ -1,4 +1,3 @@ -ci_failsafe_tests crypto_aes128_tests crypto_blake2s_tests crypto_ecdsa_tests @@ -9,11 +8,8 @@ ecc_tests numeric_tests plonk_tests polynomials_tests -rollup_proofs_account_tests -rollup_proofs_claim_tests rollup_proofs_inner_proof_data_tests rollup_proofs_join_split_tests -rollup_proofs_notes_tests rollup_proofs_standard_example_tests srs_tests stdlib_aes128_tests From c58691b1b7d25af237e3c71fd39aee02af3710d6 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Fri, 3 Feb 2023 21:43:54 +0000 Subject: [PATCH 03/13] remove more unused code from rollup/js dir --- .../aztec/rollup/proofs/account/account.hpp | 38 ---- .../rollup/proofs/account/account_tx.hpp | 89 ---------- .../proofs/account/compute_circuit_data.hpp | 64 ------- .../rollup/proofs/add_zero_public_inputs.hpp | 19 -- .../create_noop_join_split_proof.cpp | 46 ----- .../create_noop_join_split_proof.hpp | 17 -- .../aztec/rollup/proofs/join_split/index.hpp | 1 - cpp/src/aztec/rollup/proofs/notes/c_bind.cpp | 163 ------------------ .../defi_interaction/compute_nullifier.hpp | 26 --- .../notes/circuit/defi_interaction/index.hpp | 4 - .../notes/circuit/defi_interaction/note.hpp | 80 --------- .../circuit/defi_interaction/witness_data.hpp | 41 ----- .../rollup/proofs/notes/circuit/index.hpp | 1 - .../defi_interaction/compute_nullifier.hpp | 27 --- .../notes/native/defi_interaction/index.hpp | 3 - .../notes/native/defi_interaction/note.hpp | 88 ---------- .../rollup/proofs/notes/native/index.hpp | 1 - 17 files changed, 708 deletions(-) delete mode 100644 cpp/src/aztec/rollup/proofs/account/account.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/account_tx.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/account/compute_circuit_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/add_zero_public_inputs.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/c_bind.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/compute_nullifier.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/note.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/witness_data.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/compute_nullifier.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/index.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/note.hpp diff --git a/cpp/src/aztec/rollup/proofs/account/account.hpp b/cpp/src/aztec/rollup/proofs/account/account.hpp deleted file mode 100644 index 7f2a0c4f8b..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account.hpp +++ /dev/null @@ -1,38 +0,0 @@ -#pragma once -#include "account_tx.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace account { - -using namespace plonk::stdlib::types::turbo; - -void init_proving_key(std::shared_ptr const& crs_factory, bool mock); - -void init_proving_key(std::shared_ptr const& crs, waffle::proving_key_data&& pk_data); - -void release_key(); - -void init_verification_key(std::shared_ptr const& crs_factory); - -void init_verification_key(std::shared_ptr const& crs, - waffle::verification_key_data&& vk_data); - -void account_circuit(Composer& composer, account_tx const& tx); - -UnrolledProver new_account_prover(account_tx const& tx, bool mock); - -bool verify_proof(waffle::plonk_proof const& proof); - -std::shared_ptr get_proving_key(); - -std::shared_ptr get_verification_key(); - -size_t get_number_of_gates(); - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/account_tx.hpp b/cpp/src/aztec/rollup/proofs/account/account_tx.hpp deleted file mode 100644 index 4c9dbbc097..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/account_tx.hpp +++ /dev/null @@ -1,89 +0,0 @@ -#pragma once -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace account { - -using namespace barretenberg; -using namespace crypto::schnorr; - -struct account_tx { - barretenberg::fr merkle_root; - grumpkin::g1::affine_element account_public_key = grumpkin::g1::affine_one; - grumpkin::g1::affine_element new_account_public_key = grumpkin::g1::affine_one; - grumpkin::g1::affine_element new_signing_pub_key_1 = grumpkin::g1::affine_one; - grumpkin::g1::affine_element new_signing_pub_key_2 = grumpkin::g1::affine_one; - barretenberg::fr alias_hash; - bool create; - bool migrate; - - uint32_t account_note_index; - plonk::stdlib::merkle_tree::fr_hash_path account_note_path; - grumpkin::g1::affine_element signing_pub_key = grumpkin::g1::affine_one; - crypto::schnorr::signature signature; - - fr compute_account_alias_hash_nullifier() const; - fr compute_account_public_key_nullifier() const; - void sign(crypto::schnorr::key_pair const& keys); - - bool operator==(account_tx const&) const = default; -}; - -template inline void read(B& buf, account_tx& tx) -{ - using serialize::read; - read(buf, tx.merkle_root); - read(buf, tx.account_public_key); - read(buf, tx.new_account_public_key); - read(buf, tx.new_signing_pub_key_1); - read(buf, tx.new_signing_pub_key_2); - read(buf, tx.alias_hash); - read(buf, tx.create); - read(buf, tx.migrate); - read(buf, tx.account_note_index); - read(buf, tx.account_note_path); - read(buf, tx.signing_pub_key); - read(buf, tx.signature.s); - read(buf, tx.signature.e); -} - -template inline void write(B& buf, account_tx const& tx) -{ - using serialize::write; - write(buf, tx.merkle_root); - write(buf, tx.account_public_key); - write(buf, tx.new_account_public_key); - write(buf, tx.new_signing_pub_key_1); - write(buf, tx.new_signing_pub_key_2); - write(buf, tx.alias_hash); - write(buf, tx.create); - write(buf, tx.migrate); - write(buf, tx.account_note_index); - write(buf, tx.account_note_path); - write(buf, tx.signing_pub_key); - write(buf, tx.signature.s); - write(buf, tx.signature.e); -} - -inline std::ostream& operator<<(std::ostream& os, account_tx const& tx) -{ - return os << "merkle_root: " << tx.merkle_root << "\n" - << "account_public_key: " << tx.account_public_key << "\n" - << "new_account_public_key: " << tx.new_account_public_key << "\n" - << "new_signing_pub_key_1: " << tx.new_signing_pub_key_1 << "\n" - << "new_signing_pub_key_2: " << tx.new_signing_pub_key_2 << "\n" - << "alias_hash: " << tx.alias_hash << "\n" - << "create: " << tx.create << "\n" - << "migrate: " << tx.migrate << "\n" - << "account_note_index: " << tx.account_note_index << "\n" - << "account_note_path: " << tx.account_note_path << "\n" - << "signing_pub_key: " << tx.signing_pub_key << "\n" - << "signature: " << tx.signature << "\n"; -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/account/compute_circuit_data.hpp b/cpp/src/aztec/rollup/proofs/account/compute_circuit_data.hpp deleted file mode 100644 index 5ac1c263b9..0000000000 --- a/cpp/src/aztec/rollup/proofs/account/compute_circuit_data.hpp +++ /dev/null @@ -1,64 +0,0 @@ -#pragma once -#include "account.hpp" -#include -#include -#include "../compute_circuit_data.hpp" - -namespace rollup { -namespace proofs { -namespace account { - -using namespace plonk::stdlib::merkle_tree; - -/** - * @brief Create an account noop transaction that sets the members in account_tx to be random/zero values. - * Note that the noop account tx satisfies the circuit logic, and hence can be used to create "dummy" account proofs - * that pass verification. - * - * @warning This must not be used in any production code! - */ -inline account_tx noop_tx() -{ - grumpkin::fr priv_key = grumpkin::fr::random_element(); - grumpkin::g1::affine_element pub_key = grumpkin::g1::one * priv_key; - - grumpkin::fr new_priv_key = grumpkin::fr::random_element(); - grumpkin::g1::affine_element new_pub_key = grumpkin::g1::one * new_priv_key; - - auto gibberish_path = fr_hash_path(DATA_TREE_DEPTH, std::make_pair(fr::random_element(), fr::random_element())); - - account_tx tx = {}; - tx.merkle_root = fr::random_element(); - tx.account_public_key = pub_key; - tx.new_account_public_key = pub_key; - tx.new_signing_pub_key_1 = new_pub_key; - tx.new_signing_pub_key_2 = new_pub_key; - tx.alias_hash = (uint256_t(fr::random_element()) & 0xffffffff); - tx.create = true; - tx.migrate = false; - tx.account_note_index = 0; - tx.signing_pub_key = pub_key; - tx.account_note_path = gibberish_path; - tx.sign({ priv_key, pub_key }); - return tx; -} - -using circuit_data = proofs::circuit_data; - -inline circuit_data get_circuit_data(std::shared_ptr const& srs, bool mock = false) -{ - std::cerr << "Getting account circuit data..." << std::endl; - - auto build_circuit = [&](Composer& composer) { - account_tx tx(noop_tx()); - tx.account_note_path.resize(DATA_TREE_DEPTH); - account_circuit(composer, tx); - }; - - return proofs::get_circuit_data( - "account", "", srs, "", true, false, false, true, true, false, mock, build_circuit); -} - -} // namespace account -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/add_zero_public_inputs.hpp b/cpp/src/aztec/rollup/proofs/add_zero_public_inputs.hpp deleted file mode 100644 index 3ef3595a54..0000000000 --- a/cpp/src/aztec/rollup/proofs/add_zero_public_inputs.hpp +++ /dev/null @@ -1,19 +0,0 @@ -#pragma once -#include - -namespace rollup { -namespace proofs { - -using namespace plonk::stdlib::types::turbo; - -inline void add_zero_public_inputs(Composer& composer, size_t num) -{ - for (size_t i = 0; i < num; ++i) { - auto zero = field_ct(witness_ct(&composer, 0)); - zero.assert_is_zero(); - zero.set_public(); - } -} - -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.cpp b/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.cpp deleted file mode 100644 index ab34fc44ef..0000000000 --- a/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.cpp +++ /dev/null @@ -1,46 +0,0 @@ -#include "create_noop_join_split_proof.hpp" -#include "join_split_circuit.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace join_split { - -using namespace barretenberg; -using namespace plonk::stdlib::types::turbo; -using namespace plonk::stdlib::merkle_tree; - -std::vector create_noop_join_split_proof(circuit_data const& circuit_data, - fr const& merkle_root, - bool valid, - bool mock) -{ - join_split_tx tx = noop_tx(); - tx.num_input_notes = valid ? 0 : 1; - tx.old_data_root = merkle_root; - - Composer composer = Composer(circuit_data.proving_key, circuit_data.verification_key, circuit_data.num_gates); - join_split_circuit(composer, tx); - - if (composer.failed) { - info("join split logic failed: ", composer.err); - } - - if (!mock) { - auto prover = composer.create_unrolled_prover(); - auto proof = prover.construct_proof(); - return proof.proof_data; - } else { - auto mock_proof_composer = Composer(circuit_data.srs); - ::rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); - auto prover = mock_proof_composer.create_unrolled_prover(); - auto proof = prover.construct_proof(); - return proof.proof_data; - } -} - -} // namespace join_split -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.hpp b/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.hpp deleted file mode 100644 index ccd53ecd5b..0000000000 --- a/cpp/src/aztec/rollup/proofs/join_split/create_noop_join_split_proof.hpp +++ /dev/null @@ -1,17 +0,0 @@ -#pragma once -#include "compute_circuit_data.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace join_split { - -std::vector create_noop_join_split_proof(circuit_data const& circuit_data, - barretenberg::fr const& merkle_root, - bool valid = true, - bool mock = false); - -} // namespace join_split -} // namespace proofs -} // namespace rollup diff --git a/cpp/src/aztec/rollup/proofs/join_split/index.hpp b/cpp/src/aztec/rollup/proofs/join_split/index.hpp index 1dc4520357..4f13a60c10 100644 --- a/cpp/src/aztec/rollup/proofs/join_split/index.hpp +++ b/cpp/src/aztec/rollup/proofs/join_split/index.hpp @@ -1,7 +1,6 @@ #pragma once #include "c_bind.h" #include "compute_circuit_data.hpp" -#include "create_noop_join_split_proof.hpp" #include "create_proof.hpp" #include "join_split_circuit.hpp" #include "join_split_tx.hpp" diff --git a/cpp/src/aztec/rollup/proofs/notes/c_bind.cpp b/cpp/src/aztec/rollup/proofs/notes/c_bind.cpp deleted file mode 100644 index 1852e261cf..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/c_bind.cpp +++ /dev/null @@ -1,163 +0,0 @@ -#include "native/index.hpp" -#include -#include -#include - -using namespace barretenberg; -using namespace rollup::proofs::notes::native; - -#define WASM_EXPORT __attribute__((visibility("default"))) - -extern "C" { - -WASM_EXPORT void notes__value_note_partial_commitment(uint8_t const* note_secret_buffer, - uint8_t const* public_key_buffer, - uint8_t const* creator_pubkey_buffer, - bool account_required, - uint8_t* output) -{ - auto note_secret = from_buffer(note_secret_buffer); - auto public_key = from_buffer(public_key_buffer); - auto creator_pubkey = from_buffer(creator_pubkey_buffer); - auto partial_state = value::create_partial_commitment(note_secret, public_key, account_required, creator_pubkey); - write(output, partial_state); -} - -WASM_EXPORT void notes__value_note_commitment(uint8_t const* note_buffer, uint8_t* output) -{ - auto note = from_buffer(note_buffer); - auto note_commitment = note.commit(); - write(output, note_commitment); -} - -WASM_EXPORT void notes__value_note_nullifier(uint8_t const* commitment_buffer, - uint8_t* acc_pk_buffer, - bool is_real, - uint8_t* output) -{ - auto commitment = from_buffer(commitment_buffer); - auto acc_pk = from_buffer(acc_pk_buffer); - auto nullifier = compute_nullifier(commitment, acc_pk, is_real); - write(output, nullifier); -} - -WASM_EXPORT void notes__claim_note_partial_commitment(uint8_t const* note_buffer, uint8_t* output) -{ - auto note = from_buffer(note_buffer); - auto note_commitment = note.partial_commit(); - write(output, note_commitment); -} - -WASM_EXPORT void notes__claim_note_nullifier(uint8_t const* commitment_buffer, uint8_t* output) -{ - auto commitment = from_buffer(commitment_buffer); - auto nullifier = claim::compute_nullifier(commitment); - write(output, nullifier); -} - -WASM_EXPORT void notes__claim_note_complete_partial_commitment(uint8_t const* commitment_buffer, - uint32_t interaction_nonce, - uint8_t* fee, - uint8_t* output) -{ - auto commitment = from_buffer(commitment_buffer); - auto claim_fee = from_buffer(fee); - auto enc_note = claim::complete_partial_commitment(commitment, interaction_nonce, claim_fee); - write(output, enc_note); -} - -WASM_EXPORT void notes__defi_interaction_note_commitment(uint8_t const* note_buffer, uint8_t* output) -{ - auto note = from_buffer(note_buffer); - auto commitment = note.commit(); - write(output, commitment); -} - -/** - * This decrypts the AES encryption of the notes using the private keys of a user. - * The notes owned by a user are stored in two forms: - * (i) a Pedersen commitment to the note which is inserted in the data tree - * (ii) an AES encryption of the note data - * We need the AES encryption of the note to allow users to "view" the notes owned by them. - */ -WASM_EXPORT void notes__batch_decrypt_notes(uint8_t const* encrypted_notes_buffer, - uint8_t* private_key_buffer, - uint32_t numKeys, - uint8_t* output) -{ - constexpr size_t AES_CIPHERTEXT_LENGTH = 80; - std::vector aes_messages(AES_CIPHERTEXT_LENGTH * numKeys); - std::vector ephemeral_public_keys; - ephemeral_public_keys.reserve(numKeys); - grumpkin::fr private_key = from_buffer(private_key_buffer); - - uint8_t const* note_ptr = encrypted_notes_buffer; - uint8_t* aes_ptr = &aes_messages[0]; - std::vector key_on_curve; - key_on_curve.reserve(numKeys); - for (size_t i = 0; i < numKeys; ++i) { - auto pubkey = from_buffer(note_ptr + AES_CIPHERTEXT_LENGTH); - key_on_curve.push_back(pubkey.on_curve()); - ephemeral_public_keys.emplace_back(pubkey); - memcpy(aes_ptr, note_ptr, AES_CIPHERTEXT_LENGTH); - note_ptr += (AES_CIPHERTEXT_LENGTH + 64); - aes_ptr += AES_CIPHERTEXT_LENGTH; - } - - const auto shared_secrets = grumpkin::g1::element::batch_mul_with_endomorphism(ephemeral_public_keys, private_key); - - uint8_t* output_ptr = output; - for (size_t i = 0; i < numKeys; ++i) { - if (key_on_curve[i]) { - std::vector secret_buffer = to_buffer(shared_secrets[i]); - secret_buffer.emplace_back(1); // we append 1 to the shared secret buffer when deriving aes decryption keys - - auto secret_hash = sha256::sha256(secret_buffer); - - uint8_t* aes_key = &secret_hash[0]; - uint8_t aes_iv[16]; - // copy the aes_iv out of secret_hash. We need it for later and `decrypt_buffer_cbc` will mutate the iv - memcpy(&aes_iv[0], &secret_hash[16], 16); - uint8_t* aes_message = &aes_messages[i * AES_CIPHERTEXT_LENGTH]; - - crypto::aes128::decrypt_buffer_cbc(aes_message, &aes_iv[0], aes_key, AES_CIPHERTEXT_LENGTH); - - bool iv_match = true; - for (size_t j = 0; j < 8; ++j) { - iv_match = iv_match && (aes_message[j] == secret_hash[j + 16]); - } - output_ptr[0] = iv_match ? 1 : 0; - memcpy(output_ptr + 1, aes_message + 8, 72); - } else { - memset(output_ptr, 0, 73); - } - output_ptr += 73; - } -} - -WASM_EXPORT void notes__account_note_commitment(uint8_t const* account_alias_hash_buffer, - uint8_t const* owner_key_buf, - uint8_t const* signing_key_buf, - uint8_t* output) -{ - auto account_alias_hash = from_buffer(account_alias_hash_buffer); - auto owner_key = from_buffer(owner_key_buf); - auto signing_key = from_buffer(signing_key_buf); - auto note_commitment = account::generate_account_commitment(account_alias_hash, owner_key.x, signing_key.x); - write(output, note_commitment); -} - -WASM_EXPORT void notes__compute_account_alias_hash_nullifier(uint8_t const* id_buffer, uint8_t* output) -{ - auto account_alias_hash = from_buffer(id_buffer); - auto nullifier = account::compute_account_alias_hash_nullifier(account_alias_hash); - write(output, nullifier); -} - -WASM_EXPORT void notes__compute_account_public_key_nullifier(uint8_t const* public_key_buffer, uint8_t* output) -{ - auto account_public_key = from_buffer(public_key_buffer); - auto nullifier = account::compute_account_public_key_nullifier(account_public_key); - write(output, nullifier); -} -} diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/compute_nullifier.hpp b/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/compute_nullifier.hpp deleted file mode 100644 index 36e9ef65a4..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/compute_nullifier.hpp +++ /dev/null @@ -1,26 +0,0 @@ -#pragma once -#include -#include "../../constants.hpp" - -namespace rollup { -namespace proofs { -namespace notes { -namespace circuit { -namespace defi_interaction { - -using namespace plonk::stdlib::types::turbo; - -/** - * nonce - randomness provided by the user (sdk) to ensure uniqueness. - */ -inline field_ct compute_nullifier(field_ct const& defi_interaction_note_commitment, field_ct const& nonce) -{ - return pedersen::compress(std::vector{ defi_interaction_note_commitment, nonce }, - GeneratorIndex::DEFI_INTERACTION_NULLIFIER); -} - -} // namespace defi_interaction -} // namespace circuit -} // namespace notes -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/index.hpp b/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/index.hpp deleted file mode 100644 index 0eb912ffd5..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/index.hpp +++ /dev/null @@ -1,4 +0,0 @@ -#pragma once -#include "compute_nullifier.hpp" -#include "note.hpp" -#include "witness_data.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/note.hpp b/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/note.hpp deleted file mode 100644 index 41727ff70a..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/note.hpp +++ /dev/null @@ -1,80 +0,0 @@ -#pragma once -#include -#include "../../native/defi_interaction/note.hpp" -#include "witness_data.hpp" - -namespace rollup { -namespace proofs { -namespace notes { -namespace circuit { -namespace defi_interaction { - -using namespace plonk::stdlib::types::turbo; - -struct note { - - // compress bridge_call_data to field - suint_ct bridge_call_data; - - // 32 bits - suint_ct interaction_nonce; - - // 252 bits - suint_ct total_input_value; - - // 252 bits - suint_ct total_output_value_a; - - // 252 bits. Force this to be 0 if bridge_call_data only uses 1 output note - suint_ct total_output_value_b; - - // if interaction failed, re-create original deposit note - bool_ct interaction_result; - - // commitment to the defi_interaction_note - field_ct commitment; - - note(witness_data const& note) - : bridge_call_data(note.bridge_call_data_local.to_safe_uint()) - , interaction_nonce(note.interaction_nonce) - , total_input_value(note.total_input_value) - , total_output_value_a(note.total_output_value_a) - , total_output_value_b(note.total_output_value_b) - , interaction_result(note.interaction_result) - , commitment(compute_commitment()) - {} - - operator byte_array_ct() const { return byte_array_ct(commitment); } - - byte_array_ct to_byte_array(Composer& composer, bool_ct is_real = 1) const - { - byte_array_ct arr(&composer); - - arr.write(bridge_call_data * is_real); - arr.write(interaction_nonce * is_real); - arr.write(total_input_value * is_real); - arr.write(total_output_value_a * is_real); - arr.write(total_output_value_b * is_real); - arr.write((field_ct(interaction_result) * is_real)); - - return arr; - } - - private: - field_ct compute_commitment() - { - return pedersen::compress({ bridge_call_data, - total_input_value, - total_output_value_a, - total_output_value_b, - interaction_nonce, - interaction_result }, - GeneratorIndex::DEFI_INTERACTION_NOTE_COMMITMENT); - } -}; - -} // namespace defi_interaction -} // namespace circuit -} // namespace notes -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/witness_data.hpp b/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/witness_data.hpp deleted file mode 100644 index 607a0b4521..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/circuit/defi_interaction/witness_data.hpp +++ /dev/null @@ -1,41 +0,0 @@ -#pragma once -#include -#include "../../native/defi_interaction/note.hpp" -#include "../bridge_call_data.hpp" - -namespace rollup { -namespace proofs { -namespace notes { -namespace circuit { -namespace defi_interaction { - -using namespace plonk::stdlib::types::turbo; - -struct witness_data { - bridge_call_data bridge_call_data_local; - suint_ct interaction_nonce; - suint_ct total_input_value; - suint_ct total_output_value_a; - suint_ct total_output_value_b; - bool_ct interaction_result; - - witness_data(Composer& composer, native::defi_interaction::note const& note_data) - { - bridge_call_data_local = bridge_call_data(&composer, note_data.bridge_call_data); - interaction_nonce = suint_ct( - witness_ct(&composer, note_data.interaction_nonce), DEFI_INTERACTION_NONCE_BIT_LENGTH, "interaction_nonce"); - total_input_value = - suint_ct(witness_ct(&composer, note_data.total_input_value), NOTE_VALUE_BIT_LENGTH, "total_input_value"); - total_output_value_a = suint_ct( - witness_ct(&composer, note_data.total_output_value_a), NOTE_VALUE_BIT_LENGTH, "total_output_value_a"); - total_output_value_b = suint_ct( - witness_ct(&composer, note_data.total_output_value_b), NOTE_VALUE_BIT_LENGTH, "total_output_value_b"); - interaction_result = witness_ct(&composer, note_data.interaction_result); - } -}; - -} // namespace defi_interaction -} // namespace circuit -} // namespace notes -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp b/cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp index 1819986ce8..e8886528ca 100644 --- a/cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp +++ b/cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp @@ -2,5 +2,4 @@ #include "bridge_call_data.hpp" #include "account/index.hpp" #include "claim/index.hpp" -#include "defi_interaction/index.hpp" #include "value/index.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/compute_nullifier.hpp b/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/compute_nullifier.hpp deleted file mode 100644 index 3cd300a697..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/compute_nullifier.hpp +++ /dev/null @@ -1,27 +0,0 @@ -#pragma once -#include "../../constants.hpp" -#include -#include - -namespace rollup { -namespace proofs { -namespace notes { -namespace native { -namespace defi_interaction { - -using namespace barretenberg; - -/** - * nonce - randomness provided by the user (sdk) to ensure uniqueness - */ -inline auto compute_nullifier(grumpkin::fq const& defi_interaction_note_commitment, grumpkin::fq nonce) -{ - return crypto::pedersen::compress_native(std::vector{ defi_interaction_note_commitment, nonce }, - GeneratorIndex::DEFI_INTERACTION_NULLIFIER); -} - -} // namespace defi_interaction -} // namespace native -} // namespace notes -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/index.hpp b/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/index.hpp deleted file mode 100644 index 2a90776ba4..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/index.hpp +++ /dev/null @@ -1,3 +0,0 @@ -#pragma once -#include "compute_nullifier.hpp" -#include "note.hpp" \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/note.hpp b/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/note.hpp deleted file mode 100644 index 48ec206ef7..0000000000 --- a/cpp/src/aztec/rollup/proofs/notes/native/defi_interaction/note.hpp +++ /dev/null @@ -1,88 +0,0 @@ -#pragma once -#include -#include -#include -#include "../bridge_call_data.hpp" - -namespace rollup { -namespace proofs { -namespace notes { -namespace native { -namespace defi_interaction { - -struct note { - uint256_t bridge_call_data; - uint32_t interaction_nonce; - uint256_t total_input_value; - uint256_t total_output_value_a; - // output_b_value defaults to 0 if there is only one output note for a given defi bridge - uint256_t total_output_value_b; - // did the rollup smart contract call to the defi bridge succeed or fail? - bool interaction_result; - - bool operator==(note const&) const = default; - - auto commit() const - { - return crypto::pedersen::compress_native({ bridge_call_data, - total_input_value, - total_output_value_a, - total_output_value_b, - interaction_nonce, - interaction_result }, - GeneratorIndex::DEFI_INTERACTION_NOTE_COMMITMENT); - } - - // Returns a byte array where all input fields are treated as 32 bytes. - // Used for generating the previous_defi_interaction_hash. - std::vector to_byte_array() const - { - std::vector buf; - - write(buf, bridge_call_data); - write(buf, uint256_t(interaction_nonce)); - write(buf, total_input_value); - write(buf, total_output_value_a); - write(buf, total_output_value_b); - write(buf, uint256_t(interaction_result)); - - return buf; - } -}; - -inline std::ostream& operator<<(std::ostream& os, note const& note) -{ - os << "{ bridge_call_data: " << note.bridge_call_data << ", total_input_value: " << note.total_input_value - << ", total_output_value_a: " << note.total_output_value_a - << ", total_output_value_b: " << note.total_output_value_b << ", interaction_nonce: " << note.interaction_nonce - << ", interaction_result: " << note.interaction_result << " }"; - return os; -} - -template inline void read(B& buf, note& note) -{ - using serialize::read; - read(buf, note.bridge_call_data); - read(buf, note.total_input_value); - read(buf, note.total_output_value_a); - read(buf, note.total_output_value_b); - read(buf, note.interaction_nonce); - read(buf, note.interaction_result); -} - -template inline void write(B& buf, note const& note) -{ - using serialize::write; - write(buf, note.bridge_call_data); - write(buf, note.total_input_value); - write(buf, note.total_output_value_a); - write(buf, note.total_output_value_b); - write(buf, note.interaction_nonce); - write(buf, note.interaction_result); -} - -} // namespace defi_interaction -} // namespace native -} // namespace notes -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/notes/native/index.hpp b/cpp/src/aztec/rollup/proofs/notes/native/index.hpp index eba5566cc5..f477c95540 100644 --- a/cpp/src/aztec/rollup/proofs/notes/native/index.hpp +++ b/cpp/src/aztec/rollup/proofs/notes/native/index.hpp @@ -3,5 +3,4 @@ #include "bridge_call_data.hpp" #include "account/index.hpp" #include "claim/index.hpp" -#include "defi_interaction/index.hpp" #include "value/index.hpp" \ No newline at end of file From 4ce8c7059fed46e7f1ab0932d1d534ac573168b1 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 15:43:54 +0000 Subject: [PATCH 04/13] removed standard example --- cpp/src/aztec/rollup/proofs/CMakeLists.txt | 6 +- .../proofs/standard_example/CMakeLists.txt | 9 --- .../rollup/proofs/standard_example/c_bind.cpp | 44 ------------- .../rollup/proofs/standard_example/c_bind.h | 17 ----- .../proofs/standard_example/c_bind.test.cpp | 41 ------------ .../standard_example/standard_example.cpp | 66 ------------------- .../standard_example/standard_example.hpp | 23 ------- .../standard_example.test.cpp | 26 -------- 8 files changed, 1 insertion(+), 231 deletions(-) delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/CMakeLists.txt delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/c_bind.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/c_bind.h delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/c_bind.test.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/standard_example.cpp delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/standard_example.hpp delete mode 100644 cpp/src/aztec/rollup/proofs/standard_example/standard_example.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/CMakeLists.txt index efd647023b..33199f4865 100644 --- a/cpp/src/aztec/rollup/proofs/CMakeLists.txt +++ b/cpp/src/aztec/rollup/proofs/CMakeLists.txt @@ -1,7 +1,3 @@ add_subdirectory(inner_proof_data) add_subdirectory(join_split) -add_subdirectory(notes) - -if(NOT (WASM OR FUZZING)) - add_subdirectory(standard_example) -endif() \ No newline at end of file +add_subdirectory(notes) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/standard_example/CMakeLists.txt deleted file mode 100644 index 2ca1a1fae7..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/CMakeLists.txt +++ /dev/null @@ -1,9 +0,0 @@ -barretenberg_module( - rollup_proofs_standard_example - crypto_schnorr - stdlib_blake2s - stdlib_sha256 - stdlib_pedersen - stdlib_schnorr - stdlib_primitives - stdlib_merkle_tree) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.cpp b/cpp/src/aztec/rollup/proofs/standard_example/c_bind.cpp deleted file mode 100644 index d12ba2d167..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.cpp +++ /dev/null @@ -1,44 +0,0 @@ -#include "c_bind.h" -#include "standard_example.hpp" -#include -#include -#include -#include - -using namespace barretenberg; -using namespace plonk::stdlib::types::standard; - -#define WASM_EXPORT __attribute__((visibility("default"))) - -extern "C" { - -WASM_EXPORT void standard_example__init_proving_key() -{ - auto crs_factory = std::make_unique(); - rollup::proofs::standard_example::init_proving_key(std::move(crs_factory)); -} - -WASM_EXPORT void standard_example__init_verification_key(void* pippenger_ptr, uint8_t const* g2x) -{ - auto crs_factory = std::make_unique( - reinterpret_cast(pippenger_ptr), g2x); - rollup::proofs::standard_example::init_verification_key(std::move(crs_factory)); -} - -WASM_EXPORT void* standard_example__new_prover() -{ - auto prover = rollup::proofs::standard_example::new_prover(); - return new Prover(std::move(prover)); -} - -WASM_EXPORT void standard_example__delete_prover(void* prover) -{ - delete reinterpret_cast(prover); -} - -WASM_EXPORT bool standard_example__verify_proof(uint8_t* proof, uint32_t length) -{ - waffle::plonk_proof pp = { std::vector(proof, proof + length) }; - return rollup::proofs::standard_example::verify_proof(pp); -} -} diff --git a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.h b/cpp/src/aztec/rollup/proofs/standard_example/c_bind.h deleted file mode 100644 index b6aaacc2b7..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.h +++ /dev/null @@ -1,17 +0,0 @@ -#include - -#define WASM_EXPORT __attribute__((visibility("default"))) - -extern "C" { - -WASM_EXPORT void standard_example__init_proving_key(); - -WASM_EXPORT void standard_example__init_verification_key(void* pippenger_ptr, uint8_t const* g2x); - -WASM_EXPORT void* standard_example__new_prover(); - -WASM_EXPORT void standard_example__delete_prover(void* prover); - -WASM_EXPORT bool standard_example__verify_proof(uint8_t* proof, uint32_t length); - -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.test.cpp b/cpp/src/aztec/rollup/proofs/standard_example/c_bind.test.cpp deleted file mode 100644 index 1e8064217c..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/c_bind.test.cpp +++ /dev/null @@ -1,41 +0,0 @@ -#include "c_bind.h" -#include "standard_example.hpp" -#include -#include -#include -#include -#include -#include -#include - -using namespace barretenberg; -using namespace rollup::proofs::standard_example; - -TEST(client_proofs, test_standard_example_c_bindings) -{ - standard_example__init_proving_key(); - - Prover* prover = (Prover*)::standard_example__new_prover(); - - scalar_multiplication::Pippenger pippenger("../srs_db/ignition", 32768); - prover->key->reference_string = std::make_shared(&pippenger); - - auto& proof = prover->construct_proof(); - - // Read g2x. - std::vector g2x(128); - std::ifstream transcript; - int NUM_POINTS_IN_TRANSCRIPT = 5040000; - transcript.open("../srs_db/ignition/transcript00.dat", std::ifstream::binary); - transcript.seekg(28 + NUM_POINTS_IN_TRANSCRIPT * 64); - transcript.read((char*)g2x.data(), 128); - transcript.close(); - - standard_example__init_verification_key(&pippenger, g2x.data()); - - bool verified = standard_example__verify_proof(proof.proof_data.data(), (uint32_t)proof.proof_data.size()); - - standard_example__delete_prover(prover); - - EXPECT_TRUE(verified); -} \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.cpp b/cpp/src/aztec/rollup/proofs/standard_example/standard_example.cpp deleted file mode 100644 index 17ddae39af..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.cpp +++ /dev/null @@ -1,66 +0,0 @@ -#include "standard_example.hpp" -#include -#include -#include - -namespace rollup { -namespace proofs { -namespace standard_example { - -using namespace plonk; - -static std::shared_ptr proving_key; -static std::shared_ptr verification_key; - -void build_circuit(Composer& composer) -{ - uint32_ct a(witness_ct(&composer, 123)); - uint32_ct b(public_witness_ct(&composer, 456)); - bool_ct r = (a + b) == 579; - r.assert_equal(true); -} - -void init_proving_key(std::unique_ptr&& crs_factory) -{ - Composer composer(std::move(crs_factory)); - build_circuit(composer); - proving_key = composer.compute_proving_key(); -} - -void init_verification_key(std::unique_ptr&& crs_factory) -{ - if (!proving_key) { - std::abort(); - } - // Patch the 'nothing' reference string fed to init_proving_key. - proving_key->reference_string = crs_factory->get_prover_crs(proving_key->n); - verification_key = - waffle::standard_composer::compute_verification_key(proving_key, crs_factory->get_verifier_crs()); -} - -Prover new_prover() -{ - Composer composer(proving_key, nullptr); - build_circuit(composer); - - info("composer gates: ", composer.get_num_gates()); - - Prover prover = composer.create_prover(); - - return prover; -} - -bool verify_proof(waffle::plonk_proof const& proof) -{ - Verifier verifier(verification_key, Composer::create_manifest(1)); - - std::unique_ptr> kate_commitment_scheme = - std::make_unique>(); - verifier.commitment_scheme = std::move(kate_commitment_scheme); - - return verifier.verify_proof(proof); -} - -} // namespace standard_example -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.hpp b/cpp/src/aztec/rollup/proofs/standard_example/standard_example.hpp deleted file mode 100644 index 612598eaf1..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.hpp +++ /dev/null @@ -1,23 +0,0 @@ -#pragma once -#include -#include - -namespace rollup { -namespace proofs { -namespace standard_example { - -using namespace plonk::stdlib::types::standard; - -void init_proving_key(std::unique_ptr&& crs_factory); - -void init_verification_key(std::unique_ptr&& crs_factory); - -void build_circuit(plonk::stdlib::types::standard::Composer& composer); - -plonk::stdlib::types::standard::Prover new_prover(); - -bool verify_proof(waffle::plonk_proof const& proof); - -} // namespace standard_example -} // namespace proofs -} // namespace rollup \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.test.cpp b/cpp/src/aztec/rollup/proofs/standard_example/standard_example.test.cpp deleted file mode 100644 index 719330a932..0000000000 --- a/cpp/src/aztec/rollup/proofs/standard_example/standard_example.test.cpp +++ /dev/null @@ -1,26 +0,0 @@ -#include "../../fixtures/user_context.hpp" -#include "standard_example.hpp" -#include -#include - -using namespace barretenberg; -using namespace plonk::stdlib::types::standard; -using namespace rollup::proofs::standard_example; - -TEST(standard_example_tests, test_standard_example) -{ - Composer composer = Composer("../srs_db/ignition"); - build_circuit(composer); - - Prover prover = composer.create_prover(); - waffle::plonk_proof proof = prover.construct_proof(); - - std::cout << "gates: " << composer.get_num_gates() << std::endl; - std::cout << "proof size: " << proof.proof_data.size() << std::endl; - std::cout << "public inputs size: " << composer.public_inputs.size() << std::endl; - - auto verifier = composer.create_verifier(); - bool result = verifier.verify_proof(proof); - - EXPECT_TRUE(result); -} \ No newline at end of file From 34b9dafd28b1f2b27555375793712050f621862f Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 15:52:53 +0000 Subject: [PATCH 05/13] rename rollup directory to join_split_example --- .circleci/config.yml | 2 +- cpp/scripts/bb-tests | 5 ++--- cpp/src/aztec/CMakeLists.txt | 2 +- cpp/src/aztec/{rollup => join_split_example}/CMakeLists.txt | 0 cpp/src/aztec/{rollup => join_split_example}/constants.hpp | 0 .../fixtures/user_context.hpp | 0 .../{rollup => join_split_example}/proofs/CMakeLists.txt | 0 .../proofs/compute_circuit_data.hpp | 0 .../proofs/inner_proof_data/CMakeLists.txt | 4 ++++ .../proofs/inner_proof_data/inner_proof_data.cpp | 0 .../proofs/inner_proof_data/inner_proof_data.hpp | 0 .../proofs/inner_proof_data/inner_proof_data.test.cpp | 0 .../proofs/join_split/CMakeLists.txt | 6 +++--- .../proofs/join_split/c_bind.cpp | 0 .../proofs/join_split/c_bind.h | 0 .../proofs/join_split/compute_circuit_data.cpp | 0 .../proofs/join_split/compute_circuit_data.hpp | 0 .../proofs/join_split/compute_signing_data.cpp | 0 .../proofs/join_split/compute_signing_data.hpp | 0 .../proofs/join_split/create_proof.hpp | 0 .../proofs/join_split/index.hpp | 0 .../proofs/join_split/join_split.cpp | 0 .../proofs/join_split/join_split.hpp | 0 .../proofs/join_split/join_split.test.cpp | 0 .../proofs/join_split/join_split_circuit.cpp | 0 .../proofs/join_split/join_split_circuit.hpp | 0 .../proofs/join_split/join_split_js_parity.test.cpp | 0 .../proofs/join_split/join_split_tx.cpp | 0 .../proofs/join_split/join_split_tx.hpp | 0 .../proofs/join_split/join_split_tx.test.cpp | 0 .../proofs/join_split/sign_join_split_tx.cpp | 0 .../proofs/join_split/sign_join_split_tx.hpp | 0 .../proofs/join_split/verify_signature.hpp | 0 .../proofs/mock/mock_circuit.hpp | 0 .../proofs/notes/CMakeLists.txt | 2 +- .../proofs/notes/circuit/account/account_note.hpp | 0 .../proofs/notes/circuit/account/commit.hpp | 0 .../proofs/notes/circuit/account/index.hpp | 0 .../proofs/notes/circuit/asset_id.cpp | 0 .../proofs/notes/circuit/asset_id.hpp | 0 .../proofs/notes/circuit/bridge_call_data.hpp | 0 .../proofs/notes/circuit/claim/claim_note.hpp | 0 .../notes/circuit/claim/complete_partial_commitment.hpp | 0 .../proofs/notes/circuit/claim/compute_nullifier.hpp | 0 .../notes/circuit/claim/create_partial_commitment.hpp | 0 .../proofs/notes/circuit/claim/index.hpp | 0 .../proofs/notes/circuit/claim/witness_data.hpp | 0 .../proofs/notes/circuit/index.hpp | 0 .../proofs/notes/circuit/value/commit.hpp | 0 .../notes/circuit/value/complete_partial_commitment.hpp | 0 .../proofs/notes/circuit/value/compute_nullifier.cpp | 0 .../proofs/notes/circuit/value/compute_nullifier.hpp | 0 .../proofs/notes/circuit/value/compute_nullifier.test.cpp | 0 .../notes/circuit/value/create_partial_commitment.hpp | 0 .../proofs/notes/circuit/value/index.hpp | 0 .../proofs/notes/circuit/value/value_note.hpp | 0 .../proofs/notes/circuit/value/value_note.test.cpp | 0 .../proofs/notes/circuit/value/witness_data.hpp | 0 .../proofs/notes/constants.hpp | 0 .../proofs/notes/native/account/account_note.cpp | 0 .../proofs/notes/native/account/account_note.hpp | 0 .../native/account/compute_account_alias_hash_nullifier.hpp | 0 .../native/account/compute_account_public_key_nullifier.hpp | 0 .../proofs/notes/native/account/index.hpp | 0 .../proofs/notes/native/asset_id.cpp | 0 .../proofs/notes/native/asset_id.hpp | 0 .../proofs/notes/native/bridge_call_data.hpp | 0 .../proofs/notes/native/claim/claim_note.hpp | 0 .../proofs/notes/native/claim/claim_note_tx_data.hpp | 0 .../notes/native/claim/complete_partial_commitment.hpp | 0 .../proofs/notes/native/claim/compute_nullifier.hpp | 0 .../proofs/notes/native/claim/create_partial_commitment.hpp | 0 .../proofs/notes/native/claim/index.hpp | 0 .../proofs/notes/native/index.hpp | 0 .../notes/native/value/complete_partial_commitment.hpp | 0 .../proofs/notes/native/value/compute_nullifier.cpp | 0 .../proofs/notes/native/value/compute_nullifier.hpp | 0 .../proofs/notes/native/value/create_partial_commitment.hpp | 0 .../proofs/notes/native/value/index.hpp | 0 .../proofs/notes/native/value/value_note.hpp | 0 .../aztec/{rollup => join_split_example}/proofs/verify.hpp | 0 cpp/src/aztec/rollup/proofs/inner_proof_data/CMakeLists.txt | 4 ---- 82 files changed, 12 insertions(+), 13 deletions(-) rename cpp/src/aztec/{rollup => join_split_example}/CMakeLists.txt (100%) rename cpp/src/aztec/{rollup => join_split_example}/constants.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/fixtures/user_context.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/CMakeLists.txt (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/compute_circuit_data.hpp (100%) create mode 100644 cpp/src/aztec/join_split_example/proofs/inner_proof_data/CMakeLists.txt rename cpp/src/aztec/{rollup => join_split_example}/proofs/inner_proof_data/inner_proof_data.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/inner_proof_data/inner_proof_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/inner_proof_data/inner_proof_data.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/CMakeLists.txt (55%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/c_bind.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/c_bind.h (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/compute_circuit_data.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/compute_circuit_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/compute_signing_data.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/compute_signing_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/create_proof.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_circuit.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_circuit.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_js_parity.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_tx.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_tx.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/join_split_tx.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/sign_join_split_tx.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/sign_join_split_tx.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/join_split/verify_signature.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/mock/mock_circuit.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/CMakeLists.txt (81%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/account/account_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/account/commit.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/account/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/asset_id.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/asset_id.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/bridge_call_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/claim_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/complete_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/compute_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/create_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/claim/witness_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/commit.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/complete_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/compute_nullifier.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/compute_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/compute_nullifier.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/create_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/value_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/value_note.test.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/circuit/value/witness_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/constants.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/account/account_note.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/account/account_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/account/compute_account_public_key_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/account/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/asset_id.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/asset_id.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/bridge_call_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/claim_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/claim_note_tx_data.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/complete_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/compute_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/create_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/claim/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/complete_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/compute_nullifier.cpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/compute_nullifier.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/create_partial_commitment.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/index.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/notes/native/value/value_note.hpp (100%) rename cpp/src/aztec/{rollup => join_split_example}/proofs/verify.hpp (100%) delete mode 100644 cpp/src/aztec/rollup/proofs/inner_proof_data/CMakeLists.txt diff --git a/.circleci/config.yml b/.circleci/config.yml index d281c525d3..c963a7416d 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -181,7 +181,7 @@ jobs: - *setup_env - run: name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert rollup_proofs_join_split_tests + command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert joins_split_example_join_split_tests - *save_logs benchmark-aggregator: diff --git a/cpp/scripts/bb-tests b/cpp/scripts/bb-tests index 7095c3d149..c5e6e7fe11 100644 --- a/cpp/scripts/bb-tests +++ b/cpp/scripts/bb-tests @@ -8,9 +8,8 @@ ecc_tests numeric_tests plonk_tests polynomials_tests -rollup_proofs_inner_proof_data_tests -rollup_proofs_join_split_tests -rollup_proofs_standard_example_tests +join_split_example_inner_proof_data_tests +join_split_example_join_split_tests srs_tests stdlib_aes128_tests stdlib_blake2s_tests diff --git a/cpp/src/aztec/CMakeLists.txt b/cpp/src/aztec/CMakeLists.txt index a1c4b6e3ac..8377142bd6 100644 --- a/cpp/src/aztec/CMakeLists.txt +++ b/cpp/src/aztec/CMakeLists.txt @@ -34,7 +34,7 @@ add_subdirectory(crypto) add_subdirectory(polynomials) add_subdirectory(plonk) add_subdirectory(stdlib) -add_subdirectory(rollup) +add_subdirectory(join_split_example) if(BENCHMARKS) add_subdirectory(benchmark) diff --git a/cpp/src/aztec/rollup/CMakeLists.txt b/cpp/src/aztec/join_split_example/CMakeLists.txt similarity index 100% rename from cpp/src/aztec/rollup/CMakeLists.txt rename to cpp/src/aztec/join_split_example/CMakeLists.txt diff --git a/cpp/src/aztec/rollup/constants.hpp b/cpp/src/aztec/join_split_example/constants.hpp similarity index 100% rename from cpp/src/aztec/rollup/constants.hpp rename to cpp/src/aztec/join_split_example/constants.hpp diff --git a/cpp/src/aztec/rollup/fixtures/user_context.hpp b/cpp/src/aztec/join_split_example/fixtures/user_context.hpp similarity index 100% rename from cpp/src/aztec/rollup/fixtures/user_context.hpp rename to cpp/src/aztec/join_split_example/fixtures/user_context.hpp diff --git a/cpp/src/aztec/rollup/proofs/CMakeLists.txt b/cpp/src/aztec/join_split_example/proofs/CMakeLists.txt similarity index 100% rename from cpp/src/aztec/rollup/proofs/CMakeLists.txt rename to cpp/src/aztec/join_split_example/proofs/CMakeLists.txt diff --git a/cpp/src/aztec/rollup/proofs/compute_circuit_data.hpp b/cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/compute_circuit_data.hpp rename to cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp diff --git a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/CMakeLists.txt b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/CMakeLists.txt new file mode 100644 index 0000000000..cf08dccf71 --- /dev/null +++ b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/CMakeLists.txt @@ -0,0 +1,4 @@ +barretenberg_module( + join_split_example_proofs_inner_proof_data + numeric + ecc) \ No newline at end of file diff --git a/cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.cpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.cpp rename to cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp diff --git a/cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.hpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.hpp rename to cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.test.cpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/inner_proof_data/inner_proof_data.test.cpp rename to cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/CMakeLists.txt b/cpp/src/aztec/join_split_example/proofs/join_split/CMakeLists.txt similarity index 55% rename from cpp/src/aztec/rollup/proofs/join_split/CMakeLists.txt rename to cpp/src/aztec/join_split_example/proofs/join_split/CMakeLists.txt index 32e65d4e54..560148e432 100644 --- a/cpp/src/aztec/rollup/proofs/join_split/CMakeLists.txt +++ b/cpp/src/aztec/join_split_example/proofs/join_split/CMakeLists.txt @@ -1,7 +1,7 @@ barretenberg_module( - rollup_proofs_join_split - rollup_proofs_inner_proof_data - rollup_proofs_notes + join_split_example_proofs_join_split + join_split_example_proofs_inner_proof_data + join_split_example_proofs_notes crypto_schnorr stdlib_blake2s stdlib_sha256 diff --git a/cpp/src/aztec/rollup/proofs/join_split/c_bind.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/c_bind.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/c_bind.h b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.h similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/c_bind.h rename to cpp/src/aztec/join_split_example/proofs/join_split/c_bind.h diff --git a/cpp/src/aztec/rollup/proofs/join_split/compute_circuit_data.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/compute_circuit_data.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/compute_circuit_data.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/compute_circuit_data.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/compute_signing_data.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/compute_signing_data.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/compute_signing_data.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/compute_signing_data.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/create_proof.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/create_proof.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/index.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/index.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split.test.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_circuit.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_circuit.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_circuit.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_circuit.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_js_parity.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_js_parity.test.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_tx.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_tx.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/join_split_tx.test.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/sign_join_split_tx.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/sign_join_split_tx.cpp rename to cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/sign_join_split_tx.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/sign_join_split_tx.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.hpp diff --git a/cpp/src/aztec/rollup/proofs/join_split/verify_signature.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/verify_signature.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/join_split/verify_signature.hpp rename to cpp/src/aztec/join_split_example/proofs/join_split/verify_signature.hpp diff --git a/cpp/src/aztec/rollup/proofs/mock/mock_circuit.hpp b/cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/mock/mock_circuit.hpp rename to cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/CMakeLists.txt b/cpp/src/aztec/join_split_example/proofs/notes/CMakeLists.txt similarity index 81% rename from cpp/src/aztec/rollup/proofs/notes/CMakeLists.txt rename to cpp/src/aztec/join_split_example/proofs/notes/CMakeLists.txt index f1673a9865..58b7fd37fd 100644 --- a/cpp/src/aztec/rollup/proofs/notes/CMakeLists.txt +++ b/cpp/src/aztec/join_split_example/proofs/notes/CMakeLists.txt @@ -1,5 +1,5 @@ barretenberg_module( - rollup_proofs_notes + join_split_example_proofs_notes crypto_schnorr stdlib_blake2s stdlib_sha256 diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/account/account_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/account_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/account/account_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/account/account_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/account/commit.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/account/commit.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/account/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/account/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/account/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/asset_id.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/asset_id.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/asset_id.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/asset_id.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/bridge_call_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/bridge_call_data.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/claim_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/claim_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/complete_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/compute_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/create_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/claim/witness_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/claim/witness_data.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/commit.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/commit.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/complete_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.test.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/compute_nullifier.test.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/create_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/value_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/value_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/value_note.test.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/value_note.test.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/circuit/value/witness_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/circuit/value/witness_data.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/constants.hpp b/cpp/src/aztec/join_split_example/proofs/notes/constants.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/constants.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/constants.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/account/account_note.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/account/account_note.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/account/account_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/account/account_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/account/compute_account_public_key_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/account/compute_account_public_key_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/account/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/account/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/account/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/asset_id.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/asset_id.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/asset_id.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/asset_id.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/bridge_call_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/bridge_call_data.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/claim_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/claim_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/claim_note_tx_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/claim_note_tx_data.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/complete_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/compute_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/create_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/claim/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/claim/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/claim/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/complete_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/compute_nullifier.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/compute_nullifier.cpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/compute_nullifier.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/create_partial_commitment.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/index.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/index.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/index.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/index.hpp diff --git a/cpp/src/aztec/rollup/proofs/notes/native/value/value_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/notes/native/value/value_note.hpp rename to cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp diff --git a/cpp/src/aztec/rollup/proofs/verify.hpp b/cpp/src/aztec/join_split_example/proofs/verify.hpp similarity index 100% rename from cpp/src/aztec/rollup/proofs/verify.hpp rename to cpp/src/aztec/join_split_example/proofs/verify.hpp diff --git a/cpp/src/aztec/rollup/proofs/inner_proof_data/CMakeLists.txt b/cpp/src/aztec/rollup/proofs/inner_proof_data/CMakeLists.txt deleted file mode 100644 index 8b9cd98692..0000000000 --- a/cpp/src/aztec/rollup/proofs/inner_proof_data/CMakeLists.txt +++ /dev/null @@ -1,4 +0,0 @@ -barretenberg_module( - rollup_proofs_inner_proof_data - numeric - ecc) \ No newline at end of file From d53b1d830ae2123ecc494a4b6fafd495b2bab515 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 20:28:06 +0000 Subject: [PATCH 06/13] filter out longer join split tests (leave only one full proof test in) for CI. fix bb-tests --- .circleci/config.yml | 2 +- cpp/scripts/bb-tests | 4 ++-- .../join_split_example/proofs/join_split/join_split.test.cpp | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c963a7416d..7b974a93c6 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -181,7 +181,7 @@ jobs: - *setup_env - run: name: "Test" - command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert joins_split_example_join_split_tests + command: cond_spot_run_tests barretenberg-x86_64-linux-clang-assert join_split_example_proofs_join_split_tests --gtest_filter=-*full_proof* - *save_logs benchmark-aggregator: diff --git a/cpp/scripts/bb-tests b/cpp/scripts/bb-tests index c5e6e7fe11..49a7f72e0b 100644 --- a/cpp/scripts/bb-tests +++ b/cpp/scripts/bb-tests @@ -8,8 +8,8 @@ ecc_tests numeric_tests plonk_tests polynomials_tests -join_split_example_inner_proof_data_tests -join_split_example_join_split_tests +join_split_example_proofs_inner_proof_data_tests +join_split_example_proofs_join_split_tests srs_tests stdlib_aes128_tests stdlib_blake2s_tests diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp index b921c6bfdc..09986d690b 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp @@ -2277,7 +2277,8 @@ TEST_F(join_split_tests, test_incorrect_output_note_creator_pubkey_x) // Full proofs // ************************************************************************************************************* -TEST_F(join_split_tests, test_deposit_full_proof) +// Named differently from *_full_proof tests to let us run just this one full proof test in CI with a gtest filter +TEST_F(join_split_tests, test_deposit_construct_proof) { join_split_tx tx = zero_input_setup(); tx.proof_id = ProofIds::DEPOSIT; From c73216f0eea66b3cea471ade103238b3ba0b6cf1 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 20:35:54 +0000 Subject: [PATCH 07/13] fix dockerfile now that rollup executables were removed --- cpp/dockerfiles/Dockerfile.x86_64-linux-clang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/dockerfiles/Dockerfile.x86_64-linux-clang b/cpp/dockerfiles/Dockerfile.x86_64-linux-clang index 4fe770a97f..a72e51eeba 100644 --- a/cpp/dockerfiles/Dockerfile.x86_64-linux-clang +++ b/cpp/dockerfiles/Dockerfile.x86_64-linux-clang @@ -18,7 +18,7 @@ RUN git clone -b release/10.x --depth 1 https://github.com/llvm/llvm-project.git WORKDIR /usr/src/barretenberg/cpp COPY . . # Only build binaries that are needed upstream. -RUN mkdir build && cd build && cmake -DOpenMP_omp_LIBRARY=/usr/local/lib/libomp.a .. && cmake --build . --parallel --target db_cli --target rollup_cli --target tx_factory --target keygen +RUN mkdir build && cd build && cmake -DOpenMP_omp_LIBRARY=/usr/local/lib/libomp.a .. && cmake --build . --parallel FROM alpine:3.13 RUN apk update && apk add llvm10-libs From 0fba8b80e8e0f192e8c762762c204ace532239c9 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 20:43:34 +0000 Subject: [PATCH 08/13] rename rollup namespace to join_split_example --- .../aztec/join_split_example/constants.hpp | 4 +- .../fixtures/user_context.hpp | 4 +- .../proofs/compute_circuit_data.hpp | 4 +- .../inner_proof_data/inner_proof_data.cpp | 4 +- .../inner_proof_data/inner_proof_data.hpp | 4 +- .../inner_proof_data.test.cpp | 2 +- .../proofs/join_split/c_bind.cpp | 2 +- .../join_split/compute_circuit_data.cpp | 8 ++-- .../join_split/compute_circuit_data.hpp | 4 +- .../join_split/compute_signing_data.cpp | 4 +- .../join_split/compute_signing_data.hpp | 4 +- .../proofs/join_split/create_proof.hpp | 4 +- .../proofs/join_split/join_split.cpp | 8 ++-- .../proofs/join_split/join_split.hpp | 4 +- .../proofs/join_split/join_split.test.cpp | 44 ++++++++++--------- .../proofs/join_split/join_split_circuit.cpp | 4 +- .../proofs/join_split/join_split_circuit.hpp | 4 +- .../join_split/join_split_js_parity.test.cpp | 10 ++--- .../proofs/join_split/join_split_tx.cpp | 4 +- .../proofs/join_split/join_split_tx.hpp | 4 +- .../proofs/join_split/join_split_tx.test.cpp | 2 +- .../proofs/join_split/sign_join_split_tx.cpp | 4 +- .../proofs/join_split/sign_join_split_tx.hpp | 4 +- .../proofs/join_split/verify_signature.hpp | 4 +- .../proofs/mock/mock_circuit.hpp | 4 +- .../notes/circuit/account/account_note.hpp | 4 +- .../proofs/notes/circuit/account/commit.hpp | 4 +- .../proofs/notes/circuit/asset_id.cpp | 4 +- .../proofs/notes/circuit/asset_id.hpp | 4 +- .../proofs/notes/circuit/bridge_call_data.hpp | 4 +- .../proofs/notes/circuit/claim/claim_note.hpp | 4 +- .../claim/complete_partial_commitment.hpp | 4 +- .../notes/circuit/claim/compute_nullifier.hpp | 4 +- .../claim/create_partial_commitment.hpp | 4 +- .../notes/circuit/claim/witness_data.hpp | 4 +- .../proofs/notes/circuit/value/commit.hpp | 4 +- .../value/complete_partial_commitment.hpp | 4 +- .../notes/circuit/value/compute_nullifier.cpp | 4 +- .../notes/circuit/value/compute_nullifier.hpp | 4 +- .../circuit/value/compute_nullifier.test.cpp | 4 +- .../value/create_partial_commitment.hpp | 4 +- .../proofs/notes/circuit/value/value_note.hpp | 4 +- .../notes/circuit/value/value_note.test.cpp | 10 ++--- .../notes/circuit/value/witness_data.hpp | 4 +- .../proofs/notes/constants.hpp | 4 +- .../notes/native/account/account_note.cpp | 4 +- .../notes/native/account/account_note.hpp | 4 +- .../compute_account_alias_hash_nullifier.hpp | 4 +- .../compute_account_public_key_nullifier.hpp | 4 +- .../proofs/notes/native/asset_id.cpp | 4 +- .../proofs/notes/native/asset_id.hpp | 4 +- .../proofs/notes/native/bridge_call_data.hpp | 4 +- .../proofs/notes/native/claim/claim_note.hpp | 4 +- .../notes/native/claim/claim_note_tx_data.hpp | 4 +- .../claim/complete_partial_commitment.hpp | 4 +- .../notes/native/claim/compute_nullifier.hpp | 4 +- .../claim/create_partial_commitment.hpp | 4 +- .../value/complete_partial_commitment.hpp | 4 +- .../notes/native/value/compute_nullifier.cpp | 4 +- .../notes/native/value/compute_nullifier.hpp | 4 +- .../value/create_partial_commitment.hpp | 4 +- .../proofs/notes/native/value/value_note.hpp | 4 +- .../join_split_example/proofs/verify.hpp | 6 +-- 63 files changed, 155 insertions(+), 153 deletions(-) diff --git a/cpp/src/aztec/join_split_example/constants.hpp b/cpp/src/aztec/join_split_example/constants.hpp index 1311e47b16..d598123806 100644 --- a/cpp/src/aztec/join_split_example/constants.hpp +++ b/cpp/src/aztec/join_split_example/constants.hpp @@ -4,7 +4,7 @@ #include #include -namespace rollup { +namespace join_split_example { constexpr size_t DATA_TREE_DEPTH = 32; constexpr size_t NULL_TREE_DEPTH = 256; @@ -73,4 +73,4 @@ namespace ProofIds { enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, ACCOUNT = 4, DEFI_DEPOSIT = 5, DEFI_CLAIM = 6 }; }; -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/fixtures/user_context.hpp b/cpp/src/aztec/join_split_example/fixtures/user_context.hpp index 2eb53cf717..7bfc98e006 100644 --- a/cpp/src/aztec/join_split_example/fixtures/user_context.hpp +++ b/cpp/src/aztec/join_split_example/fixtures/user_context.hpp @@ -3,7 +3,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace fixtures { typedef crypto::schnorr::key_pair grumpkin_key_pair; @@ -39,4 +39,4 @@ inline user_context create_user_context(numeric::random::Engine* engine = nullpt } } // namespace fixtures -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp b/cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp index ed9c2edbc1..5b7bb345b8 100644 --- a/cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/compute_circuit_data.hpp @@ -13,7 +13,7 @@ ? "StandardPlonk" \ : typeid(composer) == typeid(waffle::TurboComposer) ? "TurboPlonk" : "NULLPlonk") -namespace rollup { +namespace join_split_example { namespace proofs { struct circuit_data { @@ -264,4 +264,4 @@ circuit_data get_circuit_data(std::string const& name, } } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp index d1f7775d0e..648847373e 100644 --- a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp +++ b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.cpp @@ -1,6 +1,6 @@ #include "inner_proof_data.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { inner_proof_data::inner_proof_data(std::vector const& proof_data) @@ -24,4 +24,4 @@ inner_proof_data::inner_proof_data(std::vector const& proof_data) } } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp index 9079f7ff53..326de62ee1 100644 --- a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.hpp @@ -5,7 +5,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { using namespace barretenberg; @@ -101,4 +101,4 @@ inline std::ostream& operator<<(std::ostream& os, inner_proof_data const& data) } } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp index fb1c440c5d..e9d90145ad 100644 --- a/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/inner_proof_data/inner_proof_data.test.cpp @@ -2,7 +2,7 @@ #include using namespace barretenberg; -using namespace rollup::proofs; +using namespace join_split_example::proofs; namespace { auto& rand_engine = numeric::random::get_debug_engine(); diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp index 802b72248d..12b2dd4f3c 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/c_bind.cpp @@ -13,7 +13,7 @@ using namespace barretenberg; using namespace plonk::stdlib::types::turbo; -using namespace rollup::proofs::join_split; +using namespace join_split_example::proofs::join_split; #define WASM_EXPORT __attribute__((visibility("default"))) diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp index 8475dbd000..4c7251d36f 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.cpp @@ -4,13 +4,13 @@ #include "../notes/native/index.hpp" #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { -using namespace rollup::proofs::join_split; +using namespace join_split_example::proofs::join_split; using namespace plonk::stdlib::types::turbo; -using namespace rollup::proofs::notes::native; +using namespace join_split_example::proofs::notes::native; using namespace plonk::stdlib::merkle_tree; join_split_tx noop_tx() @@ -73,4 +73,4 @@ circuit_data get_circuit_data(std::shared_ptr co } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp index 3d1cba710c..a86760b4c2 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/compute_circuit_data.hpp @@ -2,7 +2,7 @@ #include "join_split_tx.hpp" #include "../compute_circuit_data.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -14,4 +14,4 @@ circuit_data get_circuit_data(std::shared_ptr co } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp index 9d1c963f1f..c33e5ffc0b 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.cpp @@ -2,7 +2,7 @@ #include "../notes/native/index.hpp" #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -39,4 +39,4 @@ barretenberg::fr compute_signing_data(join_split_tx const& tx) } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp index 98cbb35e6c..51cb6df0ae 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/compute_signing_data.hpp @@ -1,7 +1,7 @@ #pragma once #include "join_split_tx.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -9,4 +9,4 @@ barretenberg::fr compute_signing_data(join_split_tx const& tx); } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp index 18092fd9e5..9260386b53 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/create_proof.hpp @@ -4,7 +4,7 @@ #include "sign_join_split_tx.hpp" #include "../../fixtures/user_context.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -28,4 +28,4 @@ inline std::vector create_proof(join_split_tx const& tx, } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp index c3cb387950..9c0b853e40 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.cpp @@ -4,7 +4,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -31,7 +31,7 @@ void init_proving_key(std::shared_ptr const& crs Composer composer; join_split_circuit(composer, tx); Composer mock_proof_composer(crs_factory); - rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); + join_split_example::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); proving_key = mock_proof_composer.compute_proving_key(); } } @@ -80,7 +80,7 @@ UnrolledProver new_join_split_prover(join_split_tx const& tx, bool mock) return composer.create_unrolled_prover(); } else { Composer mock_proof_composer(proving_key, nullptr); - rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); + join_split_example::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); info("mock composer gates: ", mock_proof_composer.get_num_gates()); return mock_proof_composer.create_unrolled_prover(); } @@ -110,4 +110,4 @@ std::shared_ptr get_verification_key() } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp index ac75b13245..8c448500f6 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.hpp @@ -3,7 +3,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -31,4 +31,4 @@ std::shared_ptr get_verification_key(); } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp index 09986d690b..deb7f2f4f6 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split.test.cpp @@ -7,15 +7,15 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { using namespace barretenberg; using namespace plonk::stdlib::types::turbo; using namespace plonk::stdlib::merkle_tree; -using namespace rollup::proofs::notes::native; -using key_pair = rollup::fixtures::grumpkin_key_pair; +using namespace join_split_example::proofs::notes::native; +using key_pair = join_split_example::fixtures::grumpkin_key_pair; auto create_account_leaf_data(fr const& account_alias_hash, grumpkin::g1::affine_element const& owner_key, @@ -40,8 +40,8 @@ class join_split_tests : public ::testing::Test { { store = std::make_unique(); tree = std::make_unique>(*store, 32); - input_user = rollup::fixtures::create_user_context(); - output_user = rollup::fixtures::create_user_context(); + input_user = join_split_example::fixtures::create_user_context(); + output_user = join_split_example::fixtures::create_user_context(); default_value_note = { .value = 100, .asset_id = asset_id, @@ -60,7 +60,7 @@ class join_split_tests : public ::testing::Test { value_notes[0].creator_pubkey = input_user.owner.public_key.x; value_notes[1].value = 50; - value_notes[1].creator_pubkey = rollup::fixtures::create_key_pair(nullptr).public_key.x; + value_notes[1].creator_pubkey = join_split_example::fixtures::create_key_pair(nullptr).public_key.x; value_notes[2].value = 90; value_notes[2].account_required = true, @@ -146,7 +146,7 @@ class join_split_tests : public ::testing::Test { */ join_split_tx create_join_split_tx(std::array const& input_indices, std::array const& input_notes, - rollup::fixtures::user_context& output_user, + join_split_example::fixtures::user_context& output_user, uint32_t account_note_index = 0, bool account_required = false) { @@ -184,7 +184,8 @@ class join_split_tests : public ::testing::Test { tx.asset_id = tx_asset_id; tx.account_private_key = input_user.owner.private_key; tx.partial_claim_note.input_nullifier = 0; - tx.alias_hash = !account_required ? rollup::fixtures::generate_alias_hash("penguin") : input_user.alias_hash; + tx.alias_hash = + !account_required ? join_split_example::fixtures::generate_alias_hash("penguin") : input_user.alias_hash; tx.account_required = account_required; // default to no chaining: tx.backward_link = 0; @@ -199,7 +200,7 @@ class join_split_tests : public ::testing::Test { join_split_tx simple_setup(std::array const& input_indices = { 0, 1 }, uint32_t account_note_index = 0, bool account_required = false, - rollup::fixtures::user_context* tx_output_user = nullptr) + join_split_example::fixtures::user_context* tx_output_user = nullptr) { // The tree, user and notes are initialised in SetUp(). preload_value_notes(); @@ -260,7 +261,7 @@ class join_split_tests : public ::testing::Test { tx.output_note = { output_note1, output_note2 }; tx.partial_claim_note.input_nullifier = 0; tx.account_private_key = input_user.owner.private_key; - tx.alias_hash = rollup::fixtures::generate_alias_hash("penguin"); + tx.alias_hash = join_split_example::fixtures::generate_alias_hash("penguin"); tx.account_required = false; tx.account_note_index = 0; tx.account_note_path = tree->get_hash_path(0); @@ -306,8 +307,8 @@ class join_split_tests : public ::testing::Test { return verify_logic(tx); } - rollup::fixtures::user_context input_user; - rollup::fixtures::user_context output_user; + join_split_example::fixtures::user_context input_user; + join_split_example::fixtures::user_context output_user; std::unique_ptr store; std::unique_ptr> tree; bridge_call_data empty_bridge_call_data = { .bridge_address_id = 0, @@ -715,8 +716,9 @@ TEST_F(join_split_tests, test_0_input_notes_and_detect_circuit_change) auto number_of_gates_js = result.number_of_gates; auto vk_hash_js = get_verification_key()->sha256_hash(); // If the below assertions fail, consider changing the variable is_circuit_change_expected to 1 in - // rollup/constants.hpp and see if atleast the next power of two limit is not exceeded. Please change the constant - // values accordingly and set is_circuit_change_expected to 0 in rollup/constants.hpp before merging. + // join_split_example//constants.hpp and see if atleast the next power of two limit is not exceeded. Please change + // the constant values accordingly and set is_circuit_change_expected to 0 in join_split_example/constants.hpp + // before merging. if (!(circuit_gate_count::is_circuit_change_expected)) { EXPECT_EQ(number_of_gates_js, circuit_gate_count::JOIN_SPLIT) << "The gate count for the join_split circuit is changed."; @@ -1011,7 +1013,7 @@ TEST_F(join_split_tests, test_non_zero_tx_fee_zero_public_values) TEST_F(join_split_tests, test_max_tx_fee) { join_split_tx tx = zero_input_setup(); - auto tx_fee = (uint256_t(1) << rollup::TX_FEE_BIT_LENGTH) - 1; + auto tx_fee = (uint256_t(1) << join_split_example::TX_FEE_BIT_LENGTH) - 1; tx.proof_id = ProofIds::DEPOSIT; tx.public_value += tx_fee; tx.public_owner = fr::random_element(); @@ -1024,7 +1026,7 @@ TEST_F(join_split_tests, test_max_tx_fee) TEST_F(join_split_tests, test_overflow_tx_fee_fails) { join_split_tx tx = simple_setup(); - auto tx_fee = uint256_t(1) << rollup::TX_FEE_BIT_LENGTH; + auto tx_fee = uint256_t(1) << join_split_example::TX_FEE_BIT_LENGTH; tx.proof_id = ProofIds::DEPOSIT; tx.public_value += tx_fee; tx.public_owner = fr::random_element(); @@ -1234,7 +1236,7 @@ TEST_F(join_split_tests, test_spend_registered_notes_with_owner_key_fails) TEST_F(join_split_tests, test_wrong_alias_hash_fails) { join_split_tx tx = simple_setup({ 2, 3 }, ACCOUNT_INDEX, 1); - tx.alias_hash = rollup::fixtures::generate_alias_hash("chicken"); + tx.alias_hash = join_split_example::fixtures::generate_alias_hash("chicken"); auto result = sign_and_verify_logic(tx, input_user.owner); EXPECT_FALSE(result.valid); @@ -1244,7 +1246,7 @@ TEST_F(join_split_tests, test_wrong_alias_hash_fails) TEST_F(join_split_tests, test_nonregistered_signing_key_fails) { join_split_tx tx = simple_setup({ 2, 3 }, ACCOUNT_INDEX, 1); - auto keys = rollup::fixtures::create_key_pair(nullptr); + auto keys = join_split_example::fixtures::create_key_pair(nullptr); tx.signing_pub_key = keys.public_key; auto result = sign_and_verify_logic(tx, input_user.owner); @@ -2256,7 +2258,7 @@ TEST_F(join_split_tests, test_incorrect_output_note_creator_pubkey_x) { join_split_tx tx = simple_setup(); tx.output_note[0].creator_pubkey = - rollup::fixtures::create_key_pair(nullptr) + join_split_example::fixtures::create_key_pair(nullptr) .public_key.x; // setting creator to be different from sender (the owner of the input notes). auto result = sign_and_verify_logic(tx, input_user.owner); EXPECT_FALSE(result.valid); @@ -2265,7 +2267,7 @@ TEST_F(join_split_tests, test_incorrect_output_note_creator_pubkey_x) { join_split_tx tx = simple_setup(); tx.output_note[1].creator_pubkey = - rollup::fixtures::create_key_pair(nullptr) + join_split_example::fixtures::create_key_pair(nullptr) .public_key.x; // setting creator to be different from sender (the owner of the input notes). auto result = sign_and_verify_logic(tx, input_user.owner); EXPECT_FALSE(result.valid); @@ -2586,4 +2588,4 @@ TEST_F(join_split_tests, serialzed_proving_key_size) } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp index ab3a0a756a..aaf4833835 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.cpp @@ -10,7 +10,7 @@ // #pragma GCC diagnostic ignored "-Wunused-variable" // #pragma GCC diagnostic ignored "-Wunused-parameter" -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -345,4 +345,4 @@ void join_split_circuit(Composer& composer, join_split_tx const& tx) } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp index 7f8781e2c0..1b8256c067 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_circuit.hpp @@ -5,7 +5,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -55,4 +55,4 @@ void join_split_circuit(Composer& composer, join_split_tx const& tx); } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp index 73d3db42d3..8a3dfb1981 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_js_parity.test.cpp @@ -8,15 +8,15 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { using namespace barretenberg; using namespace plonk::stdlib::types::turbo; using namespace plonk::stdlib::merkle_tree; -using namespace rollup::proofs::notes::native; -using key_pair = rollup::fixtures::grumpkin_key_pair; +using namespace join_split_example::proofs::notes::native; +using key_pair = join_split_example::fixtures::grumpkin_key_pair; /** * This test mirrors the test in join_split_prover.test.ts @@ -120,7 +120,7 @@ TEST_F(join_split_js_parity_tests, test_full_proof) tx.partial_claim_note.note_secret = 0; tx.partial_claim_note.input_nullifier = 0; tx.account_private_key = private_key; - tx.alias_hash = rollup::fixtures::generate_alias_hash("penguin"); + tx.alias_hash = join_split_example::fixtures::generate_alias_hash("penguin"); tx.account_required = false; tx.account_note_index = 0; tx.account_note_path = tree->get_hash_path(0); @@ -164,4 +164,4 @@ TEST_F(join_split_js_parity_tests, test_full_proof) } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp index b44c5e402f..2967293a85 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.cpp @@ -1,7 +1,7 @@ #include "join_split_tx.hpp" #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -93,4 +93,4 @@ std::ostream& operator<<(std::ostream& os, join_split_tx const& tx) } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp index 5ce60783fb..1cbc7e263a 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.hpp @@ -5,7 +5,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -47,4 +47,4 @@ std::ostream& operator<<(std::ostream& os, join_split_tx const& tx); } // namespace join_split } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp index 075c731273..a1b17f7290 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/join_split_tx.test.cpp @@ -12,7 +12,7 @@ #include using namespace barretenberg; -using namespace rollup::proofs::join_split; +using namespace join_split_example::proofs::join_split; namespace { auto& engine = numeric::random::get_debug_engine(); diff --git a/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp b/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp index 21643f9011..a4c44c3269 100644 --- a/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp +++ b/cpp/src/aztec/join_split_example/proofs/join_split/sign_join_split_tx.cpp @@ -2,7 +2,7 @@ #include "compute_signing_data.hpp" #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -21,4 +21,4 @@ signature sign_join_split_tx(join_split_tx const& tx, key_pair #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace join_split { @@ -29,4 +29,4 @@ inline bool_ct verify_signature(field_ct const& public_value, } // namespace join_split } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp b/cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp index 23fe075ae9..626533573a 100644 --- a/cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp +++ b/cpp/src/aztec/join_split_example/proofs/mock/mock_circuit.hpp @@ -3,7 +3,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace mock { @@ -20,4 +20,4 @@ template void mock_circuit(Composer& composer, std::vector #include "commit.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -32,4 +32,4 @@ struct account_note { } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp index 7a865226b0..9f4c8b44e5 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/account/commit.hpp @@ -2,7 +2,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -27,4 +27,4 @@ inline auto commit(field_ct const& account_alias_hash, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp index 0393ea4306..0bcfd3fec3 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.cpp @@ -1,7 +1,7 @@ #include #include "../constants.hpp" -namespace rollup::proofs::notes::circuit { +namespace join_split_example::proofs::notes::circuit { using namespace plonk::stdlib::types::turbo; @@ -28,4 +28,4 @@ bool_ct get_asset_id_flag(suint_ct const& asset_id) return is_virtual; } -} // namespace rollup::proofs::notes::circuit \ No newline at end of file +} // namespace join_split_example::proofs::notes::circuit \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp index c977f10bc3..4ee717ee90 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/asset_id.hpp @@ -1,7 +1,7 @@ #pragma once #include -namespace rollup::proofs::notes::circuit { +namespace join_split_example::proofs::notes::circuit { using namespace plonk::stdlib::types::turbo; @@ -9,4 +9,4 @@ std::pair deflag_asset_id(suint_ct const& asset_id); bool_ct get_asset_id_flag(suint_ct const& asset_id); -} // namespace rollup::proofs::notes::circuit \ No newline at end of file +} // namespace join_split_example::proofs::notes::circuit \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp index e47dd919dd..7ac1df6642 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/bridge_call_data.hpp @@ -4,7 +4,7 @@ #include "./asset_id.hpp" #include "../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -219,4 +219,4 @@ inline std::ostream& operator<<(std::ostream& os, bridge_call_data const& bridge } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp index 5f94d14952..88f5e625ae 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/claim_note.hpp @@ -6,7 +6,7 @@ #include "create_partial_commitment.hpp" #include "complete_partial_commitment.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -65,4 +65,4 @@ struct claim_note { } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp index 53796108d6..c291667e4f 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/complete_partial_commitment.hpp @@ -2,7 +2,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -22,4 +22,4 @@ inline auto complete_partial_commitment(field_ct const& partial_commitment, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp index b193e5f5f2..524ee3dec4 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/compute_nullifier.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -28,4 +28,4 @@ inline field_ct compute_nullifier(field_ct const& note_commitment) } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp index d713f22f96..0977c2aadb 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/create_partial_commitment.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -24,4 +24,4 @@ inline auto create_partial_commitment(field_ct const& deposit_value, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp index be86892916..85cb618ea9 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/claim/witness_data.hpp @@ -5,7 +5,7 @@ #include "../../constants.hpp" #include "../bridge_call_data.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -69,4 +69,4 @@ inline std::ostream& operator<<(std::ostream& os, partial_claim_note_witness_dat } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp index 638c5d07e6..80be9279f8 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/commit.hpp @@ -3,7 +3,7 @@ #include "create_partial_commitment.hpp" #include "complete_partial_commitment.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -21,4 +21,4 @@ inline auto commit(const witness_data& plaintext) } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp index c7969a29c3..3d5d661c95 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/complete_partial_commitment.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -24,4 +24,4 @@ inline auto complete_partial_commitment(field_ct const& value_note_partial_commi } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp index f51938342a..bda67b50a4 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.cpp @@ -2,7 +2,7 @@ #include "../../constants.hpp" #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -49,4 +49,4 @@ field_ct compute_nullifier(field_ct const& note_commitment, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp index e9221dcc47..b81a7cb818 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.hpp @@ -1,7 +1,7 @@ #pragma once #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -16,4 +16,4 @@ field_ct compute_nullifier(field_ct const& note_commitment, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp index 4737c67fd4..bc4d5e76d9 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/compute_nullifier.test.cpp @@ -6,12 +6,12 @@ #include "../../native/value/value_note.hpp" #include -using namespace rollup::proofs::notes; +using namespace join_split_example::proofs::notes; using namespace plonk::stdlib::types::turbo; TEST(compute_nullifier_circuit, native_consistency) { - auto user = rollup::fixtures::create_user_context(); + auto user = join_split_example::fixtures::create_user_context(); auto priv_key = uint256_t(user.owner.private_key); auto native_input_note = diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp index 67679e76f8..786fc3720a 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/create_partial_commitment.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -24,4 +24,4 @@ inline auto create_partial_commitment(field_ct const& secret, } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp index fde6b5d3cf..78c0fac96e 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.hpp @@ -3,7 +3,7 @@ #include "witness_data.hpp" #include "commit.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -39,4 +39,4 @@ struct value_note { } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp index b46720eccd..a5d92c3f3b 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/value_note.test.cpp @@ -6,12 +6,12 @@ using namespace barretenberg; using namespace plonk::stdlib::types::turbo; -using namespace rollup::proofs::notes; -using namespace rollup::proofs::notes::circuit::value; +using namespace join_split_example::proofs::notes; +using namespace join_split_example::proofs::notes::circuit::value; TEST(value_note, commits) { - auto user = rollup::fixtures::create_user_context(); + auto user = join_split_example::fixtures::create_user_context(); Composer composer = Composer(); fr note_value = fr::random_element(); @@ -44,7 +44,7 @@ TEST(value_note, commits) TEST(value_note, commits_with_0_value) { - auto user = rollup::fixtures::create_user_context(); + auto user = join_split_example::fixtures::create_user_context(); Composer composer = Composer(); uint32_t asset_id_value = 0x2abbccddULL; // needs to be less than 30 bits @@ -78,7 +78,7 @@ TEST(value_note, commits_with_0_value) TEST(value_note, commit_with_oversized_asset_id_fails) { - auto user = rollup::fixtures::create_user_context(); + auto user = join_split_example::fixtures::create_user_context(); Composer composer = Composer(); native::value::value_note note = { diff --git a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp index c10357a939..28a7742ac4 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/circuit/value/witness_data.hpp @@ -3,7 +3,7 @@ #include "../../native/value/value_note.hpp" #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace circuit { @@ -37,4 +37,4 @@ struct witness_data { } // namespace circuit } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/constants.hpp b/cpp/src/aztec/join_split_example/proofs/notes/constants.hpp index fe20214e72..acc81e71c0 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/constants.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/constants.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { @@ -42,4 +42,4 @@ constexpr uint32_t DEFI_BRIDGE_AUX_DATA = 64; } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp index d9da560092..8794066d47 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.cpp @@ -2,7 +2,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -25,4 +25,4 @@ grumpkin::fq account_note::commit() const } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp index 3864bfc3e3..58edab1344 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/account/account_note.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -25,4 +25,4 @@ struct account_note { } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp index 15a7b7d425..02570ca49b 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_alias_hash_nullifier.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -21,4 +21,4 @@ inline fr compute_account_alias_hash_nullifier(fr const& alias_hash) } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp index 03e93b90ff..de16c589ad 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/account/compute_account_public_key_nullifier.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -21,4 +21,4 @@ inline fr compute_account_public_key_nullifier(grumpkin::g1::affine_element cons } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup +} // namespace join_split_example diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp index 0520bd2461..9749ad14cf 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.cpp @@ -1,6 +1,6 @@ #include "../constants.hpp" -namespace rollup::proofs::notes::native { +namespace join_split_example::proofs::notes::native { std::pair deflag_asset_id(uint32_t const& asset_id) { @@ -18,4 +18,4 @@ bool get_asset_id_flag(uint32_t const& asset_id) return is_virtual; } -} // namespace rollup::proofs::notes::native \ No newline at end of file +} // namespace join_split_example::proofs::notes::native \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp index 1a1b04be9c..82d19549a0 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/asset_id.hpp @@ -2,10 +2,10 @@ #include #include -namespace rollup::proofs::notes::native { +namespace join_split_example::proofs::notes::native { std::pair deflag_asset_id(uint32_t const& asset_id); bool get_asset_id_flag(uint32_t const& asset_id); -} // namespace rollup::proofs::notes::native \ No newline at end of file +} // namespace join_split_example::proofs::notes::native \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp index 6eafe87f7e..e13bb50d06 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/bridge_call_data.hpp @@ -5,7 +5,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -182,4 +182,4 @@ inline std::ostream& operator<<(std::ostream& os, bridge_call_data const& bridge } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp index eaa6584c98..283918b463 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note.hpp @@ -6,7 +6,7 @@ #include "complete_partial_commitment.hpp" #include "../bridge_call_data.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -72,4 +72,4 @@ inline std::ostream& operator<<(std::ostream& os, claim_note const& note) } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp index 97d207e540..d6868eba99 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/claim_note_tx_data.hpp @@ -4,7 +4,7 @@ #include #include "../bridge_call_data.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -47,4 +47,4 @@ inline void write(std::vector& buf, partial_claim_note_data const& note } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp index 425bb0542c..3473e3e843 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/complete_partial_commitment.hpp @@ -4,7 +4,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -22,4 +22,4 @@ inline auto complete_partial_commitment(grumpkin::fq const& claim_note_partial_c } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp index c218f85a16..d5fa5d1a75 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/compute_nullifier.hpp @@ -4,7 +4,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -21,4 +21,4 @@ inline auto compute_nullifier(grumpkin::fq const& note_commitment) } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp index 12c15474d8..70035f637d 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/claim/create_partial_commitment.hpp @@ -3,7 +3,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -23,4 +23,4 @@ inline auto create_partial_commitment(uint256_t const& deposit_value, } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp index 41d028f35f..e30654cff1 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/value/complete_partial_commitment.hpp @@ -2,7 +2,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -21,4 +21,4 @@ inline auto complete_partial_commitment(grumpkin::fq const& partial_commitment, } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp index e70c464cb7..c9b0e163a0 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.cpp @@ -3,7 +3,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -35,4 +35,4 @@ fr compute_nullifier(grumpkin::fq const& note_commitment, } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp index 21b97730d7..19c03c9f84 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/value/compute_nullifier.hpp @@ -1,7 +1,7 @@ #pragma once #include -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -13,4 +13,4 @@ barretenberg::fr compute_nullifier(grumpkin::fq const& note_commitment, } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp index 84e04a1a5e..5cb0e238a7 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/value/create_partial_commitment.hpp @@ -4,7 +4,7 @@ #include #include "../../constants.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -23,4 +23,4 @@ inline auto create_partial_commitment(barretenberg::fr const& secret, } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp b/cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp index 0bd0b38ddc..a92799dc54 100644 --- a/cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp +++ b/cpp/src/aztec/join_split_example/proofs/notes/native/value/value_note.hpp @@ -5,7 +5,7 @@ #include "create_partial_commitment.hpp" #include "complete_partial_commitment.hpp" -namespace rollup { +namespace join_split_example { namespace proofs { namespace notes { namespace native { @@ -67,4 +67,4 @@ inline void write(std::vector& buf, value_note const& note) } // namespace native } // namespace notes } // namespace proofs -} // namespace rollup \ No newline at end of file +} // namespace join_split_example \ No newline at end of file diff --git a/cpp/src/aztec/join_split_example/proofs/verify.hpp b/cpp/src/aztec/join_split_example/proofs/verify.hpp index ab2a4fa6d0..7e0be5b457 100644 --- a/cpp/src/aztec/join_split_example/proofs/verify.hpp +++ b/cpp/src/aztec/join_split_example/proofs/verify.hpp @@ -4,7 +4,7 @@ #include #include -namespace rollup { +namespace join_split_example { namespace proofs { template struct verify_result { @@ -95,7 +95,7 @@ auto verify_internal( } } else { Composer mock_proof_composer = Composer(cd.proving_key, cd.verification_key, cd.num_gates); - ::rollup::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); + ::join_split_example::proofs::mock::mock_circuit(mock_proof_composer, composer.get_public_inputs()); if (unrolled) { auto prover = mock_proof_composer.create_unrolled_prover(); auto proof = prover.construct_proof(); @@ -128,4 +128,4 @@ auto verify_internal( } } // namespace proofs -} // namespace rollup +} // namespace join_split_example From e1473e246558b1b672c9fe9d6a4d76da02854ed2 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 21:20:53 +0000 Subject: [PATCH 09/13] add rollup notes tests back into bb-tests --- cpp/scripts/bb-tests | 1 + 1 file changed, 1 insertion(+) diff --git a/cpp/scripts/bb-tests b/cpp/scripts/bb-tests index 49a7f72e0b..4eb6c1cea5 100644 --- a/cpp/scripts/bb-tests +++ b/cpp/scripts/bb-tests @@ -10,6 +10,7 @@ plonk_tests polynomials_tests join_split_example_proofs_inner_proof_data_tests join_split_example_proofs_join_split_tests +join_split_example_proofs_notes_tests srs_tests stdlib_aes128_tests stdlib_blake2s_tests From 1e507992cf3476db7dc7076f360cacdce9ed8121 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Mon, 6 Feb 2023 21:34:19 +0000 Subject: [PATCH 10/13] remove duplicated js test from bb-tests --- cpp/scripts/bb-tests | 1 - 1 file changed, 1 deletion(-) diff --git a/cpp/scripts/bb-tests b/cpp/scripts/bb-tests index 4eb6c1cea5..7a81d739c7 100644 --- a/cpp/scripts/bb-tests +++ b/cpp/scripts/bb-tests @@ -9,7 +9,6 @@ numeric_tests plonk_tests polynomials_tests join_split_example_proofs_inner_proof_data_tests -join_split_example_proofs_join_split_tests join_split_example_proofs_notes_tests srs_tests stdlib_aes128_tests From 68f4d52e9067f24ecb20a013261db4c2b7538dfc Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Tue, 7 Feb 2023 14:26:31 +0000 Subject: [PATCH 11/13] Removing non-join-split constants as per recommendation here https://github.com/AztecProtocol/barretenberg/pull/124\#discussion_r1098698470 --- .../aztec/join_split_example/constants.hpp | 25 +------------------ 1 file changed, 1 insertion(+), 24 deletions(-) diff --git a/cpp/src/aztec/join_split_example/constants.hpp b/cpp/src/aztec/join_split_example/constants.hpp index d598123806..5c262d073b 100644 --- a/cpp/src/aztec/join_split_example/constants.hpp +++ b/cpp/src/aztec/join_split_example/constants.hpp @@ -7,9 +7,6 @@ namespace join_split_example { constexpr size_t DATA_TREE_DEPTH = 32; -constexpr size_t NULL_TREE_DEPTH = 256; -constexpr size_t ROOT_TREE_DEPTH = 28; -constexpr size_t DEFI_TREE_DEPTH = 30; constexpr size_t MAX_NO_WRAP_INTEGER_BIT_LENGTH = grumpkin::MAX_NO_WRAP_INTEGER_BIT_LENGTH; constexpr size_t MAX_TXS_BIT_LENGTH = 10; @@ -22,9 +19,6 @@ constexpr size_t MAX_NUM_ASSETS_BIT_LENGTH = 30; constexpr size_t MAX_NUM_ASSETS = 1 << MAX_NUM_ASSETS_BIT_LENGTH; constexpr size_t ALIAS_HASH_BIT_LENGTH = 224; -constexpr uint32_t NUM_BRIDGE_CALLS_PER_BLOCK = 32; -constexpr uint32_t NUM_INTERACTION_RESULTS_PER_BLOCK = 32; - namespace circuit_gate_count { /* @@ -36,41 +30,24 @@ is_circuit_change_expected to zero and change the modified circuit gate counts a constexpr bool is_circuit_change_expected = 0; /* The below constants are only used for regression testing; to identify accidental changes to circuit constraints. They need to be changed when there is a circuit change. */ -constexpr uint32_t ACCOUNT = 23967; constexpr uint32_t JOIN_SPLIT = 64047; -constexpr uint32_t CLAIM = 22684; -constexpr uint32_t ROLLUP = 1173221; -constexpr uint32_t ROOT_ROLLUP = 5481327; -constexpr uint32_t ROOT_VERIFIER = 7435892; }; // namespace circuit_gate_count namespace circuit_gate_next_power_of_two { /* The below constants are used in tests to detect undesirable circuit changes. They should not be changed unless we want to exceed the next power of two limit. */ -constexpr uint32_t ACCOUNT = 32768; constexpr uint32_t JOIN_SPLIT = 65536; -constexpr uint32_t CLAIM = 32768; -constexpr uint32_t ROLLUP = 2097152; -constexpr uint32_t ROOT_ROLLUP = 8388608; -constexpr uint32_t ROOT_VERIFIER = 8388608; }; // namespace circuit_gate_next_power_of_two namespace circuit_vk_hash { /* These below constants are only used for regression testing; to identify accidental changes to circuit constraints. They need to be changed when there is a circuit change. Note that they are written in the reverse order to comply with the from_buffer<>() method. */ -constexpr auto ACCOUNT = uint256_t(0xcd6d70c733eaf823, 0x6505d3402817ad3d, 0xbf9e2b6a262589cf, 0xafcc546b55cc45e3); constexpr auto JOIN_SPLIT = uint256_t(0xb23c7772f47bc823, 0x5493625d4f08603c, 0x21ac50a5929576f9, 0xb7b3113c131460e5); -constexpr auto CLAIM = uint256_t(0x878301ebba40ab60, 0x931466762c62d661, 0x40aad71ec3496905, 0x9f47aaa109759d0a); -constexpr auto ROLLUP = uint256_t(0x8712bcbeb11180c5, 0x598412e4f700c484, 0xfe50ad453c8e4288, 0xa7340fac5feb663f); -constexpr auto ROOT_ROLLUP = uint256_t(0xcf2fee21f089b32f, 0x90c6187354cf70d4, 0x3a5a90b8c86d8c64, 0xd55af088ddc86db7); -; -constexpr auto ROOT_VERIFIER = - uint256_t(0xe91df73df393fb5f, 0x99a9fa13abfbb206, 0x2ffe8c891cbde8c2, 0xdcb051e8ca06df5e); }; // namespace circuit_vk_hash namespace ProofIds { -enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, ACCOUNT = 4, DEFI_DEPOSIT = 5, DEFI_CLAIM = 6 }; +enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, DEFI_DEPOSIT = 5 }; }; } // namespace join_split_example \ No newline at end of file From 837a81076f802fec5e598491dbb7378cde18be0c Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Tue, 7 Feb 2023 14:35:28 +0000 Subject: [PATCH 12/13] add back defi claim constant --- cpp/src/aztec/join_split_example/constants.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/src/aztec/join_split_example/constants.hpp b/cpp/src/aztec/join_split_example/constants.hpp index 5c262d073b..6795809651 100644 --- a/cpp/src/aztec/join_split_example/constants.hpp +++ b/cpp/src/aztec/join_split_example/constants.hpp @@ -47,7 +47,7 @@ constexpr auto JOIN_SPLIT = uint256_t(0xb23c7772f47bc823, 0x5493625d4f08603c, 0x }; // namespace circuit_vk_hash namespace ProofIds { -enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, DEFI_DEPOSIT = 5 }; +enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, DEFI_DEPOSIT = 4, DEFI_CLAIM = 5 }; }; } // namespace join_split_example \ No newline at end of file From 1eec0a46f5db21bb2f451ed3e76fde57aea624b3 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Tue, 7 Feb 2023 16:10:25 +0000 Subject: [PATCH 13/13] join split constants revert, don't want vk change --- cpp/src/aztec/join_split_example/constants.hpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/src/aztec/join_split_example/constants.hpp b/cpp/src/aztec/join_split_example/constants.hpp index 6795809651..a93dd11715 100644 --- a/cpp/src/aztec/join_split_example/constants.hpp +++ b/cpp/src/aztec/join_split_example/constants.hpp @@ -47,7 +47,7 @@ constexpr auto JOIN_SPLIT = uint256_t(0xb23c7772f47bc823, 0x5493625d4f08603c, 0x }; // namespace circuit_vk_hash namespace ProofIds { -enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, DEFI_DEPOSIT = 4, DEFI_CLAIM = 5 }; +enum { PADDING = 0, DEPOSIT = 1, WITHDRAW = 2, SEND = 3, ACCOUNT = 4, DEFI_DEPOSIT = 5, DEFI_CLAIM = 6 }; }; } // namespace join_split_example \ No newline at end of file