Add solidity groth16, kzg10 and final decider verifiers in a dedicated workspace (#70)

* change: Refactor structure into workspace

* chore: Add empty readme

* change: Transform repo into workspace

* add: Create folding-verifier-solidity crate

* add: Include askama.toml for `sol` extension escaper

* add: Jordi's old Groth16 verifier .sol template and adapt it

* tmp: create simple template struct to test

* Update FoldingSchemes trait, fit Nova+CycleFold

- update lib.rs's `FoldingScheme` trait interface
- fit Nova+CycleFold into the `FoldingScheme` trait
- refactor `src/nova/*`

* chore: add serialization assets for testing

Now we include an `assets` folder with a serialized proof & vk for tests

* Add `examples` dir, with Nova's `FoldingScheme` example

* polishing

* expose poseidon_test_config outside tests

* change: Refactor structure into workspace

* chore: Add empty readme

* change: Transform repo into workspace

* add: Create folding-verifier-solidity crate

* add: Include askama.toml for `sol` extension escaper

* add: Jordi's old Groth16 verifier .sol template and adapt it

* tmp: create simple template struct to test

* feat: templating kzg working

* chore: add emv and revm

* feat: start evm file

* chore: add ark-poly-commit

* chore: move `commitment` to `folding-schemes`

* chore: update `.gitignore` to ignore generated contracts

* chore: update template with bn254 lib on it (avoids import), update for loop to account for whitespaces

* refactor: update template with no lib

* feat: add evm deploy code, compile and create kzg verifier

* chore: update `Cargo.toml` to have `folding-schemes` available with verifiers

* feat: start kzg prove and verify with sol

* chore: compute crs from kzg prover

* feat: evm kzg verification passing

* tmp

* change: Swap order of G2 coordinates within the template

* Update way to serialize proof with correct order

* chore: update `Cargo.toml`

* chore: add revm

* chore: add `save_solidity`

* refactor: verifiers in dedicated mod

* refactor: have dedicated `utils` module

* chore: expose modules

* chore: update verifier for kzg

* chore: rename templates

* fix: look for binary using also name of contract

* refactor: generate groth16 proof for sha256 pre-image, generate groth16 template with verifying key

* chore: template renaming

* fix: switch circuit for circuit that simply adds

* feat: generates test data on the fly

* feat: update to latest groth16 verifier

* refactor: rename folder, update `.gitignore`

* chore: update `Cargo.toml`

* chore: update templates extension to indicate that they are templates

* chore: rename templates, both files and structs

* fix: template inheritance working

* feat: template spdx and pragma statements

* feat: decider verifier compiles, update test for kzg10 and groth16 templates

* feat: parameterize which size of the crs should be stored on the contract

* chore: add comment on how the groth16 and kzg10 proofs will be linked together

* chore: cargo clippy run

* chore: cargo clippy tests

* chore: cargo fmt

* refactor: remove unused lifetime parameter

* chore: end merge

* chore: move examples to `folding-schemes` workspace

* get latest main changes

* fix: temp fix clippy warnings, will remove lints once not used in tests only

* fix: cargo clippy lint added on `code_size`

* fix: update path to test circuit and add step for installing solc

* chore: remove `save_solidity` steps

* fix: the borrowed expression implements the required traits

* chore: update `Cargo.toml`

* chore: remove extra `[patch.crates-io]`

* fix: update to patch at the workspace level and add comment explaining this

* refactor: correct `staticcall` with valid input/output sizes and change return syntax for pairing

* refactor: expose modules and remove `dead_code` calls

* chore: update `README.md`, add additional comments on `kzg10` template and update `groth16` template comments

* chore: be clearer on attributions on `kzg10`

---------

Co-authored-by: CPerezz <c.perezbaro@gmail.com>
Co-authored-by: arnaucube <root@arnaucube.com>

folding-schemes/src/lib.rs

@@ -0,0 +1,156 @@
+#![allow(non_snake_case)]
+#![allow(non_upper_case_globals)]
+#![allow(non_camel_case_types)]
+#![allow(clippy::upper_case_acronyms)]
+
+use ark_ec::CurveGroup;
+use ark_ff::PrimeField;
+use ark_std::rand::CryptoRng;
+use ark_std::{fmt::Debug, rand::RngCore};
+use thiserror::Error;
+
+use crate::frontend::FCircuit;
+
+pub mod ccs;
+pub mod commitment;
+pub mod constants;
+pub mod folding;
+pub mod frontend;
+pub mod transcript;
+pub mod utils;
+
+#[derive(Debug, Error)]
+pub enum Error {
+    #[error("ark_relations::r1cs::SynthesisError")]
+    SynthesisError(#[from] ark_relations::r1cs::SynthesisError),
+    #[error("ark_serialize::SerializationError")]
+    SerializationError(#[from] ark_serialize::SerializationError),
+    #[error("ark_poly_commit::Error")]
+    PolyCommitError(#[from] ark_poly_commit::Error),
+    #[error("crate::utils::espresso::virtual_polynomial::ArithErrors")]
+    ArithError(#[from] utils::espresso::virtual_polynomial::ArithErrors),
+    #[error("{0}")]
+    Other(String),
+
+    #[error("Relation not satisfied")]
+    NotSatisfied,
+    #[error("Not equal")]
+    NotEqual,
+    #[error("Vectors should have the same length ({0}: {1}, {2}: {3})")]
+    NotSameLength(String, usize, String, usize),
+    #[error("Vector's length ({0}) is not the expected ({1})")]
+    NotExpectedLength(usize, usize),
+    #[error("Can not be empty")]
+    Empty,
+    #[error("Pedersen parameters length is not suficient (generators.len={0} < vector.len={1} unsatisfied)")]
+    PedersenParamsLen(usize, usize),
+    #[error("Commitment verification failed")]
+    CommitmentVerificationFail,
+    #[error("IVC verification failed")]
+    IVCVerificationFail,
+    #[error("R1CS instance is expected to not be relaxed")]
+    R1CSUnrelaxedFail,
+    #[error("Could not find the inner ConstraintSystem")]
+    NoInnerConstraintSystem,
+    #[error("Sum-check prove failed: {0}")]
+    SumCheckProveError(String),
+    #[error("Sum-check verify failed: {0}")]
+    SumCheckVerifyError(String),
+    #[error("Value out of bounds")]
+    OutOfBounds,
+    #[error("Could not construct the Evaluation Domain")]
+    NewDomainFail,
+    #[error("Feature '{0}' not supported yet")]
+    NotSupportedYet(String),
+
+    #[error(transparent)]
+    ProtoGalaxy(folding::protogalaxy::ProtoGalaxyError),
+}
+
+/// FoldingScheme defines trait that is implemented by the diverse folding schemes. It is defined
+/// over a cycle of curves (C1, C2), where:
+/// - C1 is the main curve, which ScalarField we use as our F for al the field operations
+/// - C2 is the auxiliary curve, which we use for the commitments, whose BaseField (for point
+/// coordinates) are in the C1::ScalarField.
+/// In other words, C1.Fq == C2.Fr, and C1.Fr == C2.Fq.
+pub trait FoldingScheme<C1: CurveGroup, C2: CurveGroup, FC>: Clone + Debug
+where
+    C1: CurveGroup<BaseField = C2::ScalarField, ScalarField = C2::BaseField>,
+    C2::BaseField: PrimeField,
+    FC: FCircuit<C1::ScalarField>,
+{
+    type PreprocessorParam: Debug;
+    type ProverParam: Debug;
+    type VerifierParam: Debug;
+    type CommittedInstanceWithWitness: Debug;
+    type CFCommittedInstanceWithWitness: Debug; // CycleFold CommittedInstance & Witness
+
+    fn preprocess(
+        prep_param: &Self::PreprocessorParam,
+    ) -> Result<(Self::ProverParam, Self::VerifierParam), Error>;
+
+    fn init(
+        pp: &Self::ProverParam,
+        step_circuit: FC,
+        z_0: Vec<C1::ScalarField>, // initial state
+    ) -> Result<Self, Error>;
+
+    fn prove_step(&mut self) -> Result<(), Error>;
+
+    // returns the state at the current step
+    fn state(&self) -> Vec<C1::ScalarField>;
+
+    // returns the instances at the current step
+    fn instances(
+        &self,
+    ) -> (
+        Self::CommittedInstanceWithWitness,
+        Self::CommittedInstanceWithWitness,
+        Self::CFCommittedInstanceWithWitness,
+    );
+
+    fn verify(
+        vp: Self::VerifierParam,
+        z_0: Vec<C1::ScalarField>, // initial state
+        z_i: Vec<C1::ScalarField>, // last state
+        // number of steps between the initial state and the last state
+        num_steps: C1::ScalarField,
+        running_instance: Self::CommittedInstanceWithWitness,
+        incomming_instance: Self::CommittedInstanceWithWitness,
+        cyclefold_instance: Self::CFCommittedInstanceWithWitness,
+    ) -> Result<(), Error>;
+}
+
+pub trait Decider<
+    C1: CurveGroup,
+    C2: CurveGroup,
+    FC: FCircuit<C1::ScalarField>,
+    FS: FoldingScheme<C1, C2, FC>,
+> where
+    C1: CurveGroup<BaseField = C2::ScalarField, ScalarField = C2::BaseField>,
+    C2::BaseField: PrimeField,
+{
+    type ProverParam: Clone;
+    type Proof: Clone;
+    type VerifierParam;
+    type PublicInput: Debug;
+    type CommittedInstanceWithWitness: Debug;
+    type CommittedInstance: Clone + Debug;
+
+    fn prove(
+        pp: &Self::ProverParam,
+        rng: impl RngCore + CryptoRng,
+        folding_scheme: FS,
+    ) -> Result<Self::Proof, Error>;
+
+    fn verify(
+        vp: &Self::VerifierParam,
+        i: C1::ScalarField,
+        z_0: Vec<C1::ScalarField>,
+        z_i: Vec<C1::ScalarField>,
+        running_instance: &Self::CommittedInstance,
+        proof: Self::Proof,
+        // returns `Result<bool, Error>` to differentiate between an error occurred while performing
+        // the verification steps, and the verification logic of the scheme not passing.
+    ) -> Result<bool, Error>;
+}