privacy-ethereum · CPerezz · Aug 24, 2022 · May 18, 2022 · May 21, 2022 · May 24, 2022
diff --git a/Makefile b/Makefile
@@ -26,7 +26,7 @@ test_doc: ## Test the docs
 test_benches: ## Compiles the benchmarks
 	@cargo test --verbose --release --all-features -p circuit-benchmarks --no-run
 
-test-all: fmt doc clippy test_doc test_benches test ## Run all the CI checks locally (in your actual toolchain) 
+test-all: fmt doc clippy test_doc test_benches test ## Run all the CI checks locally (in your actual toolchain)
 
 evm_bench: ## Run Evm Circuit benchmarks
 	@cargo test --profile bench bench_evm_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
@@ -37,6 +37,15 @@ state_bench: ## Run State Circuit benchmarks
 keccak_round_bench: ## Run State Circuit benchmarks
 	@cargo test --profile bench bench_keccak_round -p circuit-benchmarks --features benches  -- --nocapture
 
+bit_keccak_bench: ## Run Bit Keccak Circuit benchmarks
+	@cargo test --profile bench bench_bit_keccak_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
+
+packed_keccak_bench: ## Run Packed Keccak Circuit benchmarks
+	@cargo test --profile bench bench_packed_keccak_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
+
+packed_multi_keccak_bench: ## Run Packed Multi Keccak Circuit benchmarks
+	@cargo test --profile bench bench_packed_multi_keccak_circuit_prover -p circuit-benchmarks --features benches  -- --nocapture
+
 circuit_benches: evm_bench state_bench ## Run All Circuit benchmarks
 
 

diff --git a/circuit-benchmarks/src/bit_keccak.rs b/circuit-benchmarks/src/bit_keccak.rs
@@ -0,0 +1,82 @@
+//! State circuit benchmarks
+
+#[cfg(test)]
+mod tests {
+    use ark_std::{end_timer, start_timer};
+    use halo2_proofs::plonk::{create_proof, keygen_pk, keygen_vk, verify_proof, SingleVerifier};
+    use halo2_proofs::{
+        pairing::bn256::{Bn256, G1Affine},
+        poly::commitment::{Params, ParamsVerifier},
+        transcript::{Blake2bRead, Blake2bWrite, Challenge255},
+    };
+    use rand::SeedableRng;
+    use rand_xorshift::XorShiftRng;
+    use std::env::var;
+    use zkevm_circuits::keccak_circuit::keccak_bit::KeccakBitCircuit;
+
+    #[cfg_attr(not(feature = "benches"), ignore)]
+    #[test]
+    fn bench_bit_keccak_circuit_prover() {
+        let degree: u32 = var("DEGREE")
+            .expect("No DEGREE env var was provided")
+            .parse()
+            .expect("Cannot parse DEGREE env var as u32");
+
+        // Create the circuit
+        let mut circuit = KeccakBitCircuit::new(2usize.pow(degree));
+
+        // Use the complete circuit
+        let inputs = vec![(0u8..135).collect::<Vec<_>>(); circuit.capacity()];
+        circuit.generate_witness(&inputs);
+
+        // Initialize the polynomial commitment parameters
+        let rng = XorShiftRng::from_seed([
+            0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+            0xbc, 0xe5,
+        ]);
+
+        // Bench setup generation
+        let setup_message = format!("Setup generation with degree = {}", degree);
+        let start1 = start_timer!(|| setup_message);
+        let general_params: Params<G1Affine> = Params::<G1Affine>::unsafe_setup::<Bn256>(degree);
+        let verifier_params: ParamsVerifier<Bn256> =
+            general_params.verifier(degree as usize * 2).unwrap();
+        end_timer!(start1);
+
+        // Initialize the proving key
+        let vk = keygen_vk(&general_params, &circuit).expect("keygen_vk should not fail");
+        let pk = keygen_pk(&general_params, vk, &circuit).expect("keygen_pk should not fail");
+        // Create a proof
+        let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
+
+        // Bench proof generation time
+        let proof_message = format!("Bit Keccak Proof generation with {} rows", degree);
+        let start2 = start_timer!(|| proof_message);
+        create_proof(
+            &general_params,
+            &pk,
+            &[circuit],
+            &[&[]],
+            rng,
+            &mut transcript,
+        )
+        .expect("proof generation should not fail");
+        let proof = transcript.finalize();
+        end_timer!(start2);
+
+        // Bench verification time
+        let start3 = start_timer!(|| "Keccak Proof verification");
+        let mut verifier_transcript = Blake2bRead::<_, _, Challenge255<_>>::init(&proof[..]);
+        let strategy = SingleVerifier::new(&verifier_params);
+
+        verify_proof(
+            &verifier_params,
+            pk.get_vk(),
+            strategy,
+            &[&[]],
+            &mut verifier_transcript,
+        )
+        .expect("failed to verify bench circuit");
+        end_timer!(start3);
+    }
+}
diff --git a/circuit-benchmarks/src/lib.rs b/circuit-benchmarks/src/lib.rs
@@ -19,3 +19,15 @@ pub mod tx_circuit;
 #[cfg(test)]
 #[cfg(feature = "benches")]
 pub mod super_circuit;
+
+#[cfg(test)]
+#[cfg(feature = "benches")]
+pub mod bit_keccak;
+
+#[cfg(test)]
+#[cfg(feature = "benches")]
+pub mod packed_keccak;
+
+#[cfg(test)]
+#[cfg(feature = "benches")]
+pub mod packed_multi_keccak;
diff --git a/circuit-benchmarks/src/packed_keccak.rs b/circuit-benchmarks/src/packed_keccak.rs
@@ -0,0 +1,82 @@
+//! State circuit benchmarks
+
+#[cfg(test)]
+mod tests {
+    use ark_std::{end_timer, start_timer};
+    use halo2_proofs::plonk::{create_proof, keygen_pk, keygen_vk, verify_proof, SingleVerifier};
+    use halo2_proofs::{
+        pairing::bn256::{Bn256, G1Affine},
+        poly::commitment::{Params, ParamsVerifier},
+        transcript::{Blake2bRead, Blake2bWrite, Challenge255},
+    };
+    use rand::SeedableRng;
+    use rand_xorshift::XorShiftRng;
+    use std::env::var;
+    use zkevm_circuits::keccak_circuit::keccak_packed::KeccakPackedCircuit;
+
+    #[cfg_attr(not(feature = "benches"), ignore)]
+    #[test]
+    fn bench_packed_keccak_circuit_prover() {
+        let degree: u32 = var("DEGREE")
+            .expect("No DEGREE env var was provided")
+            .parse()
+            .expect("Cannot parse DEGREE env var as u32");
+
+        // Create the circuit
+        let mut circuit = KeccakPackedCircuit::new(2usize.pow(degree));
+
+        // Use the complete circuit
+        let inputs = vec![(0u8..135).collect::<Vec<_>>(); circuit.capacity()];
+        circuit.generate_witness(&inputs);
+
+        // Initialize the polynomial commitment parameters
+        let rng = XorShiftRng::from_seed([
+            0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+            0xbc, 0xe5,
+        ]);
+
+        // Bench setup generation
+        let setup_message = format!("Setup generation with degree = {}", degree);
+        let start1 = start_timer!(|| setup_message);
+        let general_params: Params<G1Affine> = Params::<G1Affine>::unsafe_setup::<Bn256>(degree);
+        let verifier_params: ParamsVerifier<Bn256> =
+            general_params.verifier(degree as usize * 2).unwrap();
+        end_timer!(start1);
+
+        // Initialize the proving key
+        let vk = keygen_vk(&general_params, &circuit).expect("keygen_vk should not fail");
+        let pk = keygen_pk(&general_params, vk, &circuit).expect("keygen_pk should not fail");
+        // Create a proof
+        let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
+
+        // Bench proof generation time
+        let proof_message = format!("Packed Keccak Proof generation with {} rows", degree);
+        let start2 = start_timer!(|| proof_message);
+        create_proof(
+            &general_params,
+            &pk,
+            &[circuit],
+            &[&[]],
+            rng,
+            &mut transcript,
+        )
+        .expect("proof generation should not fail");
+        let proof = transcript.finalize();
+        end_timer!(start2);
+
+        // Bench verification time
+        let start3 = start_timer!(|| "Keccak Proof verification");
+        let mut verifier_transcript = Blake2bRead::<_, _, Challenge255<_>>::init(&proof[..]);
+        let strategy = SingleVerifier::new(&verifier_params);
+
+        verify_proof(
+            &verifier_params,
+            pk.get_vk(),
+            strategy,
+            &[&[]],
+            &mut verifier_transcript,
+        )
+        .expect("failed to verify bench circuit");
+        end_timer!(start3);
+    }
+}
diff --git a/circuit-benchmarks/src/packed_multi_keccak.rs b/circuit-benchmarks/src/packed_multi_keccak.rs
@@ -0,0 +1,82 @@
+//! State circuit benchmarks
+
+#[cfg(test)]
+mod tests {
+    use ark_std::{end_timer, start_timer};
+    use halo2_proofs::plonk::{create_proof, keygen_pk, keygen_vk, verify_proof, SingleVerifier};
+    use halo2_proofs::{
+        pairing::bn256::{Bn256, G1Affine},
+        poly::commitment::{Params, ParamsVerifier},
+        transcript::{Blake2bRead, Blake2bWrite, Challenge255},
+    };
+    use rand::SeedableRng;
+    use rand_xorshift::XorShiftRng;
+    use std::env::var;
+    use zkevm_circuits::keccak_circuit::keccak_packed_multi::KeccakPackedCircuit;
+
+    #[cfg_attr(not(feature = "benches"), ignore)]
+    #[test]
+    fn bench_packed_multi_keccak_circuit_prover() {
+        let degree: u32 = var("DEGREE")
+            .expect("No DEGREE env var was provided")
+            .parse()
+            .expect("Cannot parse DEGREE env var as u32");
+
+        // Create the circuit
+        let mut circuit = KeccakPackedCircuit::new(2usize.pow(degree));
+
+        // Use the complete circuit
+        let inputs = vec![(0u8..135).collect::<Vec<_>>(); circuit.capacity()];
+        circuit.generate_witness(&inputs);
+
+        // Initialize the polynomial commitment parameters
+        let rng = XorShiftRng::from_seed([
+            0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
+            0xbc, 0xe5,
+        ]);
+
+        // Bench setup generation
+        let setup_message = format!("Setup generation with degree = {}", degree);
+        let start1 = start_timer!(|| setup_message);
+        let general_params: Params<G1Affine> = Params::<G1Affine>::unsafe_setup::<Bn256>(degree);
+        let verifier_params: ParamsVerifier<Bn256> =
+            general_params.verifier(degree as usize * 2).unwrap();
+        end_timer!(start1);
+
+        // Initialize the proving key
+        let vk = keygen_vk(&general_params, &circuit).expect("keygen_vk should not fail");
+        let pk = keygen_pk(&general_params, vk, &circuit).expect("keygen_pk should not fail");
+        // Create a proof
+        let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
+
+        // Bench proof generation time
+        let proof_message = format!("Packed Keccak Multi Proof generation with {} rows", degree);
+        let start2 = start_timer!(|| proof_message);
+        create_proof(
+            &general_params,
+            &pk,
+            &[circuit],
+            &[&[]],
+            rng,
+            &mut transcript,
+        )
+        .expect("proof generation should not fail");
+        let proof = transcript.finalize();
+        end_timer!(start2);
+
+        // Bench verification time
+        let start3 = start_timer!(|| "Keccak Proof verification");
+        let mut verifier_transcript = Blake2bRead::<_, _, Challenge255<_>>::init(&proof[..]);
+        let strategy = SingleVerifier::new(&verifier_params);
+
+        verify_proof(
+            &verifier_params,
+            pk.get_vk(),
+            strategy,
+            &[&[]],
+            &mut verifier_transcript,
+        )
+        .expect("failed to verify bench circuit");
+        end_timer!(start3);
+    }
+}
diff --git a/gadgets/src/util.rs b/gadgets/src/util.rs
@@ -78,6 +78,23 @@ pub mod not {
     }
 }
 
+/// Returns `a ^ b`.
+/// `a` and `b` needs to be boolean
+pub mod xor {
+    use crate::util::Expr;
+    use halo2_proofs::{arithmetic::FieldExt, plonk::Expression};
+
+    /// Returns an expression that represents the XOR of the given expression.
+    pub fn expr<F: FieldExt, E: Expr<F>>(a: E, b: E) -> Expression<F> {
+        a.expr() + b.expr() - 2.expr() * a.expr() * b.expr()
+    }
+
+    /// Returns a value that represents the XOR of the given value.
+    pub fn value<F: FieldExt>(a: F, b: F) -> F {
+        a + b - F::from(2u64) * a * b
+    }
+}
+
 /// Returns `when_true` when `selector == 1`, and returns `when_false` when
 /// `selector == 0`. `selector` needs to be boolean.
 pub mod select {

diff --git a/zkevm-circuits/src/evm_circuit/util/constraint_builder.rs b/zkevm-circuits/src/evm_circuit/util/constraint_builder.rs
@@ -227,6 +227,10 @@ impl<F: Field> BaseConstraintBuilder<F> {
             .clone()
             .into_iter()
             .map(|(name, constraint)| (name, selector.clone() * constraint))
+            .filter(|(name, constraint)| {
+                self.validate_degree(constraint.degree(), name);
+                true
+            })
             .collect()
     }
 }

diff --git a/zkevm-circuits/src/keccak_circuit.rs b/zkevm-circuits/src/keccak_circuit.rs
@@ -0,0 +1,10 @@
+//! The keccak circuit implementation.
+
+/// Keccak bit
+pub mod keccak_bit;
+/// Keccak packed
+pub mod keccak_packed;
+/// Keccak packed multi
+pub mod keccak_packed_multi;
+/// Util
+pub mod util;