pk writing bug

succinctlabs · Aug 30, 2023 · 9032901 · 9032901
1 parent f0b21ae
commit 9032901
Show file tree

Hide file tree

Showing 6 changed files with 105 additions and 27 deletions.
diff --git a/plonky2x-verifier/circuit.go b/plonky2x-verifier/circuit.go
@@ -3,6 +3,7 @@ package main
 import (
 	"bufio"
 	"fmt"
+	"io"
 	"os"
 	"time"
 
@@ -84,23 +85,23 @@ func VerifierCircuitTest(circuitPath string, dummyCircuitPath string) error {
 	verifierOnlyCircuitData := verifier.DeserializeVerifierOnlyCircuitData(dummyCircuitPath + "/verifier_only_circuit_data.json")
 	proofWithPis := verifier.DeserializeProofWithPublicInputs(dummyCircuitPath + "/proof_with_public_inputs.json")
 	circuit := Plonky2xVerifierCircuit{
-		ProofWithPis: proofWithPis,
-		VerifierData: verifierOnlyCircuitData,
+		ProofWithPis:   proofWithPis,
+		VerifierData:   verifierOnlyCircuitData,
 		VerifierDigest: new(frontend.Variable),
-		InputHash:    new(frontend.Variable),
-		OutputHash:    new(frontend.Variable),
-		CircuitPath:  dummyCircuitPath,
+		InputHash:      new(frontend.Variable),
+		OutputHash:     new(frontend.Variable),
+		CircuitPath:    dummyCircuitPath,
 	}
 
 	verifierOnlyCircuitData = verifier.DeserializeVerifierOnlyCircuitData(circuitPath + "/verifier_only_circuit_data.json")
 	proofWithPis = verifier.DeserializeProofWithPublicInputs(circuitPath + "/proof_with_public_inputs.json")
 	witness := Plonky2xVerifierCircuit{
-		ProofWithPis: proofWithPis,
-		VerifierData: verifierOnlyCircuitData,
+		ProofWithPis:   proofWithPis,
+		VerifierData:   verifierOnlyCircuitData,
 		VerifierDigest: new(frontend.Variable),
-		InputHash:    new(frontend.Variable),
-		OutputHash:    new(frontend.Variable),
-		CircuitPath:  dummyCircuitPath,
+		InputHash:      new(frontend.Variable),
+		OutputHash:     new(frontend.Variable),
+		CircuitPath:    dummyCircuitPath,
 	}
 	return test.IsSolved(&circuit, &witness, ecc.BN254.ScalarField())
 }
@@ -110,12 +111,12 @@ func CompileVerifierCircuit(dummyCircuitPath string) (constraint.ConstraintSyste
 	verifierOnlyCircuitData := verifier.DeserializeVerifierOnlyCircuitData(dummyCircuitPath + "/verifier_only_circuit_data.json")
 	proofWithPis := verifier.DeserializeProofWithPublicInputs(dummyCircuitPath + "/proof_with_public_inputs.json")
 	circuit := Plonky2xVerifierCircuit{
-		ProofWithPis: proofWithPis,
-		VerifierData: verifierOnlyCircuitData,
+		ProofWithPis:   proofWithPis,
+		VerifierData:   verifierOnlyCircuitData,
 		VerifierDigest: new(frontend.Variable),
-		InputHash:    new(frontend.Variable),
-		OutputHash:    new(frontend.Variable),
-		CircuitPath:  dummyCircuitPath,
+		InputHash:      new(frontend.Variable),
+		OutputHash:     new(frontend.Variable),
+		CircuitPath:    dummyCircuitPath,
 	}
 	r1cs, err := frontend.Compile(ecc.BN254.ScalarField(), r1cs.NewBuilder, &circuit)
 	if err != nil {
@@ -142,7 +143,7 @@ func SaveVerifierCircuit(path string, r1cs constraint.ConstraintSystem, pk groth
 	if err != nil {
 		return fmt.Errorf("failed to create r1cs file: %w", err)
 	}
-	r1csWriter := bufio.NewWriter(r1csFile)
+	r1csWriter := io.Writer(r1csFile)
 	start := time.Now()
 	r1cs.WriteTo(r1csWriter)
 	r1csFile.Close()
@@ -154,9 +155,8 @@ func SaveVerifierCircuit(path string, r1cs constraint.ConstraintSystem, pk groth
 	if err != nil {
 		return fmt.Errorf("failed to create pk file: %w", err)
 	}
-	pkWriter := bufio.NewWriter(pkFile)
 	start = time.Now()
-	pk.WriteRawTo(pkWriter)
+	pk.WriteRawTo(pkFile)
 	pkFile.Close()
 	elapsed = time.Since(start)
 	log.Debug().Msg("Successfully saved proving key, time: " + elapsed.String())

diff --git a/plonky2x-verifier/cli.go b/plonky2x-verifier/cli.go
@@ -17,6 +17,7 @@ func main() {
 	verifyFlag := flag.Bool("verify", false, "verify a proof")
 	testFlag := flag.Bool("test", false, "test the circuit")
 	compileFlag := flag.Bool("compile", false, "Compile and save the universal verifier circuit")
+	contractFlag := flag.Bool("contract", true, "Generate solidity contract")
 	flag.Parse()
 
 	log := logger.Logger()
@@ -52,6 +53,15 @@ func main() {
 			log.Error().Msg("failed to save verifier circuit:" + err.Error())
 			os.Exit(1)
 		}
+
+		if *contractFlag {
+			log.Info().Msg("generating solidity contract")
+			err := ExportIFunctionVerifierSolidity("./build", vk)
+			if err != nil {
+				log.Error().Msg("failed to generate solidity contract:" + err.Error())
+				os.Exit(1)
+			}
+		}
 	}
 
 	if *proofFlag {

diff --git a/plonky2x-verifier/prover.go b/plonky2x-verifier/prover.go
@@ -57,12 +57,12 @@ func Prove(circuitPath string, r1cs constraint.ConstraintSystem, pk groth16.Prov
 
 	// Circuit assignment
 	assignment := &Plonky2xVerifierCircuit{
-		ProofWithPis: proofWithPis,
-		VerifierData: verifierOnlyCircuitData,
+		ProofWithPis:   proofWithPis,
+		VerifierData:   verifierOnlyCircuitData,
 		VerifierDigest: new(frontend.Variable),
-		InputHash:    new(frontend.Variable),
-		OutputHash:    new(frontend.Variable),
-		CircuitPath:  circuitPath,
+		InputHash:      new(frontend.Variable),
+		OutputHash:     new(frontend.Variable),
+		CircuitPath:    circuitPath,
 	}
 
 	log.Debug().Msg("Generating witness")

diff --git a/plonky2x-verifier/veifier_test.go b/plonky2x-verifier/veifier_test.go
@@ -22,8 +22,8 @@ func TestPlonky2xVerifierCircuit(t *testing.T) {
 			ProofWithPis:   proofWithPis,
 			VerifierData:   verifierOnlyCircuitData,
 			VerifierDigest: new(frontend.Variable),
-			InputHash:    new(frontend.Variable),
-			OutputHash:    new(frontend.Variable),
+			InputHash:      new(frontend.Variable),
+			OutputHash:     new(frontend.Variable),
 			CircuitPath:    dummyCircuitPath,
 		}
 
@@ -33,8 +33,8 @@ func TestPlonky2xVerifierCircuit(t *testing.T) {
 			ProofWithPis:   proofWithPis,
 			VerifierData:   verifierOnlyCircuitData,
 			VerifierDigest: new(frontend.Variable),
-			InputHash:    new(frontend.Variable),
-			OutputHash:    new(frontend.Variable),
+			InputHash:      new(frontend.Variable),
+			OutputHash:     new(frontend.Variable),
 			CircuitPath:    dummyCircuitPath,
 		}
 		return test.IsSolved(&circuit, &witness, ecc.BN254.ScalarField())

diff --git a/plonky2x-verifier/verifier.go b/plonky2x-verifier/verifier.go
@@ -1,10 +1,13 @@
 package main
 
 import (
+	"bufio"
+	"bytes"
 	"encoding/json"
 	"fmt"
 	"io"
 	"os"
+	"strings"
 	"time"
 
 	"github.com/consensys/gnark-crypto/ecc"
@@ -76,3 +79,63 @@ func LoadProof(circuitPath string) (groth16.Proof, error) {
 
 	return proof, nil
 }
+
+func ExportIFunctionVerifierSolidity(path string, vk groth16.VerifyingKey) error {
+	log := logger.Logger()
+	// Create a new buffer and export the VerifyingKey into it as a Solidity contract and
+	// convert the buffer content to a string for further manipulation.
+	buf := new(bytes.Buffer)
+	err := vk.ExportSolidity(buf)
+	if err != nil {
+		log.Err(err).Msg("failed to export verifying key to solidity")
+		return err
+	}
+	content := buf.String()
+
+	contractFile, err := os.Create(path + "/FunctionVerifier.sol")
+	if err != nil {
+		return err
+	}
+	w := bufio.NewWriter(contractFile)
+
+	// Custom replacements to make compatible with IFunctionVerifier.
+	content = strings.ReplaceAll(content, "uint256[2] calldata input", "uint256[2] memory input")
+	content = strings.ReplaceAll(content, "pragma solidity ^0.8.0;", "pragma solidity ^0.8.16;")
+	// write the new content to the writer
+	_, err = w.Write([]byte(content))
+	if err != nil {
+		return err
+	}
+
+	// Generate the IFunctionVerifier interface and FunctionVerifier contract.
+	solidityIFunctionVerifier := `
+interface IFunctionVerifier {
+    function verify(bytes32 _circuitDigest, bytes32 _inputHash, bytes32 _outputHash, bytes memory _proof) external view returns (bool);
+
+    function verificationKeyHash() external pure returns (bytes32);
+}
+
+contract FunctionVerifier is IFunctionVerifier, Verifier {
+    function verify(bytes32 _circuitDigest, bytes32 _inputHash, bytes32 _outputHash, bytes memory _proof) external view returns (bool) {
+        (uint256[2] memory a, uint256[2][2] memory b, uint256[2] memory c) =
+            abi.decode(_proof, (uint256[2], uint256[2][2], uint256[2]));
+
+        uint256[3] memory input = [uint256(_circuitDigest), uint256(_inputHash), uint256(_outputHash)];
+        input[0] = input[0] & ((1 << 253) - 1);
+        input[1] = input[1] & ((1 << 253) - 1);
+		input[2] = input[2] & ((1 << 253) - 1); 
+
+        return verifyProof(a, b, c, input);
+    }
+
+    function verificationKeyHash() external pure returns (bytes32) {
+        return keccak256(abi.encode(verifyingKey()));
+    }
+}
+`
+	// write the IFunctionVerifier and FunctionVerifier to the writer
+
+	_, err = w.Write([]byte(solidityIFunctionVerifier))
+	contractFile.Close()
+	return err
+}
diff --git a/plonky2x/src/frontend/recursion/verifier.rs b/plonky2x/src/frontend/recursion/verifier.rs
@@ -0,0 +1,5 @@
+// /// A variable encoding the verifier circuit data for a plonky2x proof.
+// #[derive(Debug, Clone)]
+// pub struct VerifierVariable {
+//     pub constants_sigmas_cap: MerkleCapVariable,
+// }