arnaucube/ark-curves-cherry-picked
1
0
Fork 0
mirror of https://github.com/arnaucube/ark-curves-cherry-picked.git synced 2026-01-08 15:01:29 +01:00
Code Issues Projects Releases Wiki Activity

Make constraint tests check all allocation modes (#35)

Browse Source
This commit is contained in:
Pratyush Mishra
2021-01-08 23:03:52 -08:00
committed by GitHub
parent 39c58df3a6
commit 04b5ef1265
1 changed files with 472 additions and 403 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
curve-constraint-tests/src/lib.rs
View File

@@ -1,4 +1,3 @@
#![no_std]
#![macro_use]
extern crate ark_relations;
@@ -20,13 +19,19 @@ pub mod fields {
AF: TwoBitLookupGadget<ConstraintF, TableConstant = F>,
for<'a> &'a AF: FieldOpsBounds<'a, F, AF>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
let cs = ConstraintSystem::<ConstraintF>::new_ref();
let mut rng = test_rng();
let a_native = F::rand(&mut rng);
let b_native = F::rand(&mut rng);
let a = AF::new_witness(ark_relations::ns!(cs, "generate_a"), || Ok(a_native))?;
let b = AF::new_witness(ark_relations::ns!(cs, "generate_b"), || Ok(b_native))?;
let a = AF::new_variable(ark_relations::ns!(cs, "generate_a"), || Ok(a_native), mode)?;
let b = AF::new_variable(ark_relations::ns!(cs, "generate_b"), || Ok(b_native), mode)?;
let b_const = AF::new_constant(ark_relations::ns!(cs, "b_as_constant"), b_native)?;
let zero = AF::zero();
@@ -119,7 +124,7 @@ pub mod fields {
assert_eq!(aa.value()?, a_squared.value()?);
assert_eq!(aa.value()?, a_native.square());
let aa = &a * a.value()?;
let aa = &a * a_native;
a_squared.enforce_equal(&aa)?;
assert_eq!(aa.value()?, a_squared.value()?);
assert_eq!(aa.value()?, a_native.square());
@@ -147,7 +152,6 @@ pub mod fields {
assert_eq!(a_native.pow([0x3]), a.pow_by_constant(&[0x3])?.value()?);
assert!(cs.is_satisfied().unwrap());
// a * a * a = a^3
let mut constants = [F::zero(); 4];
for c in &mut constants {
*c = UniformRand::rand(&mut test_rng());
@@ -162,13 +166,14 @@ pub mod fields {
let f = F::from(1u128 << 64);
let f_bits = ark_ff::BitIteratorLE::new(&[0u64, 1u64]).collect::<Vec<_>>();
let fv = AF::new_witness(ark_relations::ns!(cs, "alloc u128"), || Ok(f))?;
let fv = AF::new_variable(ark_relations::ns!(cs, "alloc u128"), || Ok(f), mode)?;
assert_eq!(fv.to_bits_le()?.value().unwrap()[..128], f_bits[..128]);
assert!(cs.is_satisfied().unwrap());
let r_native: F = UniformRand::rand(&mut test_rng());
let r = AF::new_witness(ark_relations::ns!(cs, "r_native"), || Ok(r_native)).unwrap();
let r = AF::new_variable(ark_relations::ns!(cs, "r_native"), || Ok(r_native), mode)
.unwrap();
let _ = r.to_non_unique_bits_le()?;
assert!(cs.is_satisfied().unwrap());
let _ = r.to_bits_le()?;
@@ -182,14 +187,19 @@ pub mod fields {
assert!(cs.is_satisfied().unwrap());
let ab_false = &a + (AF::from(Boolean::Constant(false)) * b_native);
assert_eq!(ab_false.value()?, a_native);
let ab_true = &a + (AF::from(Boolean::Constant(true)) * b_native);
assert_eq!(ab_false.value()?, a_native);
assert_eq!(ab_true.value()?, a_native + &b_native);
if !cs.is_satisfied().unwrap() {
panic!("{:?}", cs.which_is_unsatisfied().unwrap());
panic!(
"Unsatisfied in mode {:?}.\n{:?}",
mode,
cs.which_is_unsatisfied().unwrap()
);
}
assert!(cs.is_satisfied().unwrap());
}
Ok(())
}
@@ -200,11 +210,17 @@ pub mod fields {
AF: FieldVar<F, ConstraintF>,
for<'a> &'a AF: FieldOpsBounds<'a, F, AF>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
let cs = ConstraintSystem::<ConstraintF>::new_ref();
let mut rng = XorShiftRng::seed_from_u64(1231275789u64);
for i in 0..=maxpower {
let mut a = F::rand(&mut rng);
let mut a_gadget = AF::new_witness(ark_relations::ns!(cs, "a"), || Ok(a))?;
let mut a_gadget = AF::new_variable(ark_relations::ns!(cs, "a"), || Ok(a), mode)?;
a_gadget.frobenius_map_in_place(i)?;
a.frobenius_map(i);
@@ -212,6 +228,7 @@ pub mod fields {
}
assert!(cs.is_satisfied().unwrap());
}
Ok(())
}
}
@@ -234,13 +251,21 @@ pub mod curves {
GG: CurveVar<C, ConstraintF>,
for<'a> &'a GG: GroupOpsBounds<'a, C, GG>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
let cs = ConstraintSystem::<ConstraintF>::new_ref();
let mut rng = test_rng();
let a_native = C::rand(&mut rng);
let b_native = C::rand(&mut rng);
let a = GG::new_witness(ark_relations::ns!(cs, "generate_a"), || Ok(a_native)).unwrap();
let b = GG::new_witness(ark_relations::ns!(cs, "generate_b"), || Ok(b_native)).unwrap();
let a = GG::new_variable(ark_relations::ns!(cs, "generate_a"), || Ok(a_native), mode)
.unwrap();
let b = GG::new_variable(ark_relations::ns!(cs, "generate_b"), || Ok(b_native), mode)
.unwrap();
let zero = GG::zero();
assert_eq!(zero.value()?, zero.value()?);
@@ -293,9 +318,14 @@ pub mod curves {
let _ = b.to_bytes()?;
let _ = b.to_non_unique_bytes()?;
if !cs.is_satisfied().unwrap() {
panic!("{:?}", cs.which_is_unsatisfied().unwrap());
panic!(
"Unsatisfied in mode {:?}.\n{:?}",
mode,
cs.which_is_unsatisfied().unwrap()
);
}
assert!(cs.is_satisfied().unwrap());
}
Ok(())
}
@@ -305,8 +335,14 @@ pub mod curves {
GG: CurveVar<SWProjective<P>, <P::BaseField as Field>::BasePrimeField>,
for<'a> &'a GG: GroupOpsBounds<'a, SWProjective<P>, GG>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
use ark_ec::group::Group;
use ark_ff::BitIteratorLE;
use ark_ff::{BitIteratorLE, Zero};
use ark_r1cs_std::prelude::*;
use ark_std::UniformRand;
@@ -322,8 +358,9 @@ pub mod curves {
let b_affine = b.into_affine();
let ns = ark_relations::ns!(cs, "allocating variables");
let mut gadget_a = GG::new_witness(cs.clone(), || Ok(a))?;
let gadget_b = GG::new_witness(cs.clone(), || Ok(b))?;
let mut gadget_a = GG::new_variable(cs.clone(), || Ok(a), mode)?;
let gadget_b = GG::new_variable(cs.clone(), || Ok(b), mode)?;
let zero = GG::zero();
drop(ns);
assert_eq!(gadget_a.value()?.into_affine().x, a_affine.x);
assert_eq!(gadget_a.value()?.into_affine().y, a_affine.y);
@@ -342,6 +379,9 @@ pub mod curves {
assert_eq!(ab_val, ab_affine, "Result of addition is unequal");
assert!(cs.is_satisfied().unwrap());
let gadget_a_zero = &gadget_a + &zero;
gadget_a_zero.enforce_equal(&gadget_a)?;
// Check doubling
let aa = Group::double(&a);
let aa_affine = aa.into_affine();
@@ -369,11 +409,26 @@ pub mod curves {
);
assert!(cs.is_satisfied().unwrap());
let result = zero.scalar_mul_le(input.iter())?;
let result_val = result.value()?.into_affine();
result.enforce_equal(&zero)?;
assert_eq!(
result_val,
SWProjective::zero(),
"gadget & native values are diff. after scalar mul of zero"
);
assert!(cs.is_satisfied().unwrap());
if !cs.is_satisfied().unwrap() {
panic!("{:?}", cs.which_is_unsatisfied().unwrap());
panic!(
"Unsatisfied in mode {:?}.\n{:?}",
mode,
cs.which_is_unsatisfied().unwrap()
);
}
assert!(cs.is_satisfied().unwrap());
}
Ok(())
}
@@ -383,6 +438,12 @@ pub mod curves {
GG: CurveVar<TEProjective<P>, <P::BaseField as Field>::BasePrimeField>,
for<'a> &'a GG: GroupOpsBounds<'a, TEProjective<P>, GG>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
use ark_ec::group::Group;
use ark_ff::BitIteratorLE;
use ark_std::UniformRand;
@@ -399,8 +460,8 @@ pub mod curves {
let b_affine = b.into_affine();
let ns = ark_relations::ns!(cs, "allocating variables");
let mut gadget_a = GG::new_witness(cs.clone(), || Ok(a))?;
let gadget_b = GG::new_witness(cs.clone(), || Ok(b))?;
let mut gadget_a = GG::new_variable(cs.clone(), || Ok(a), mode)?;
let gadget_b = GG::new_variable(cs.clone(), || Ok(b), mode)?;
drop(ns);
assert_eq!(gadget_a.value()?.into_affine().x, a_affine.x);
@@ -448,10 +509,15 @@ pub mod curves {
assert!(cs.is_satisfied().unwrap());
if !cs.is_satisfied().unwrap() {
panic!("{:?}", cs.which_is_unsatisfied().unwrap());
panic!(
"Unsatisfied in mode {:?}.\n{:?}",
mode,
cs.which_is_unsatisfied().unwrap()
);
}
assert!(cs.is_satisfied().unwrap());
}
Ok(())
}
}
@@ -470,6 +536,12 @@ pub mod pairing {
for<'a> &'a P::G2Var: GroupOpsBounds<'a, E::G2Projective, P::G2Var>,
for<'a> &'a P::GTVar: FieldOpsBounds<'a, E::Fqk, P::GTVar>,
{
let modes = [
AllocationMode::Input,
AllocationMode::Witness,
AllocationMode::Constant,
];
for &mode in &modes {
let cs = ConstraintSystem::<E::Fq>::new_ref();
let mut rng = test_rng();
@@ -482,10 +554,10 @@ pub mod pairing {
let mut sb = b;
sb *= s;
let a_g = P::G1Var::new_witness(cs.clone(), || Ok(a.into_affine()))?;
let b_g = P::G2Var::new_witness(cs.clone(), || Ok(b.into_affine()))?;
let sa_g = P::G1Var::new_witness(cs.clone(), || Ok(sa.into_affine()))?;
let sb_g = P::G2Var::new_witness(cs.clone(), || Ok(sb.into_affine()))?;
let a_g = P::G1Var::new_variable(cs.clone(), || Ok(a.into_affine()), mode)?;
let b_g = P::G2Var::new_variable(cs.clone(), || Ok(b.into_affine()), mode)?;
let sa_g = P::G1Var::new_variable(cs.clone(), || Ok(sa.into_affine()), mode)?;
let sb_g = P::G2Var::new_variable(cs.clone(), || Ok(sb.into_affine()), mode)?;
let mut _preparation_num_constraints = cs.num_constraints();
let a_prep_g = P::prepare_g1(&a_g)?;
@@ -537,18 +609,15 @@ pub mod pairing {
assert_eq!(ans2_g.value()?, ans3_g.value()?, "Failed ans2 == ans3");
if !cs.is_satisfied().unwrap() {
panic!("Unsatisfied: {:?}", cs.which_is_unsatisfied());
panic!(
"Unsatisfied in mode {:?}.\n{:?}",
mode,
cs.which_is_unsatisfied().unwrap()
);
}
assert!(cs.is_satisfied().unwrap(), "cs is not satisfied");
}
Ok(())
}
}
#[cfg(test)]
mod tests {
#[test]
fn it_works() {
assert_eq!(2 + 2, 4);
}
}