implement spartan verifier as a circuit and verify it with groth16

benches/nizk.rs

@@ -1,4 +1,3 @@
-#![allow(clippy::assertions_on_result_states)]
 extern crate byteorder;
 extern crate core;
 extern crate criterion;
@@ -7,89 +6,137 @@ extern crate libspartan;
 extern crate merlin;
 extern crate sha3;
 
+use std::time::{Duration, SystemTime};
+
 use libspartan::{
-  parameters::poseidon_params, poseidon_transcript::PoseidonTranscript, Instance, NIZKGens, NIZK,
+  parameters::POSEIDON_PARAMETERS_FR_377, poseidon_transcript::PoseidonTranscript, Instance, NIZK,
 };
-use merlin::Transcript;
 
 use criterion::*;
 
 fn nizk_prove_benchmark(c: &mut Criterion) {
-  for &s in [10, 12, 16].iter() {
-    let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
-    let mut group = c.benchmark_group("NIZK_prove_benchmark");
-    group.plot_config(plot_config);
+  for &s in [24, 28, 30].iter() {
+    let mut group = c.benchmark_group("R1CS_prove_benchmark");
 
     let num_vars = (2_usize).pow(s as u32);
     let num_cons = num_vars;
     let num_inputs = 10;
-
-    let params = poseidon_params();
-
+    let start = SystemTime::now();
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
+    let end = SystemTime::now();
+    let duration = end.duration_since(start).unwrap();
+    println!(
+      "Generating r1cs instance with {} constraints took {} ms",
+      num_cons,
+      duration.as_millis()
+    );
 
-    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
-
-    let name = format!("NIZK_prove_{}", num_vars);
-    group.bench_function(&name, move |b| {
-      b.iter(|| {
-        let mut prover_transcript = PoseidonTranscript::new(&params);
-        NIZK::prove(
-          black_box(&inst),
-          black_box(vars.clone()),
-          black_box(&inputs),
-          black_box(&gens),
-          black_box(&mut prover_transcript),
-        );
+    let name = format!("R1CS_prove_{}", num_vars);
+    group
+      .measurement_time(Duration::from_secs(60))
+      .bench_function(&name, move |b| {
+        b.iter(|| {
+          let mut prover_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+          NIZK::prove(
+            black_box(&inst),
+            black_box(vars.clone()),
+            black_box(&inputs),
+            black_box(&mut prover_transcript),
+          );
+        });
       });
-    });
     group.finish();
   }
 }
 
 fn nizk_verify_benchmark(c: &mut Criterion) {
-  for &s in [10, 12, 16].iter() {
-    let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
-    let mut group = c.benchmark_group("NIZK_verify_benchmark");
-    group.plot_config(plot_config);
+  for &s in [4, 6, 8, 10, 12, 16, 20, 24, 28, 30].iter() {
+    let mut group = c.benchmark_group("R1CS_verify_benchmark");
 
     let num_vars = (2_usize).pow(s as u32);
     let num_cons = num_vars;
+    // these are the public io
     let num_inputs = 10;
+    let start = SystemTime::now();
     let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
-
-    let gens = NIZKGens::new(num_cons, num_vars, num_inputs);
-    let params = poseidon_params();
+    let end = SystemTime::now();
+    let duration = end.duration_since(start).unwrap();
+    println!(
+      "Generating r1cs instance with {} constraints took {} ms",
+      num_cons,
+      duration.as_millis()
+    );
     // produce a proof of satisfiability
-    let mut prover_transcript = PoseidonTranscript::new(&params);
-    let proof = NIZK::prove(&inst, vars, &inputs, &gens, &mut prover_transcript);
+    let mut prover_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+    let proof = NIZK::prove(&inst, vars, &inputs, &mut prover_transcript);
 
-    let name = format!("NIZK_verify_{}", num_cons);
-    group.bench_function(&name, move |b| {
-      b.iter(|| {
-        let mut verifier_transcript = PoseidonTranscript::new(&params);
-        assert!(proof
-          .verify(
-            black_box(&inst),
-            black_box(&inputs),
-            black_box(&mut verifier_transcript),
-            black_box(&gens)
-          )
-          .is_ok());
+    let name = format!("R1CS_verify_{}", num_cons);
+    group
+      .measurement_time(Duration::from_secs(60))
+      .bench_function(&name, move |b| {
+        b.iter(|| {
+          let mut verifier_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+          assert!(proof
+            .verify(
+              black_box(&inst),
+              black_box(&inputs),
+              black_box(&mut verifier_transcript),
+            )
+            .is_ok());
+        });
+      });
+    group.finish();
+  }
+}
+
+fn nizk_verify_groth16_benchmark(c: &mut Criterion) {
+  for &s in [4, 6, 8, 10, 12, 16, 20, 24, 28, 30].iter() {
+    let mut group = c.benchmark_group("R1CS_verify_groth16_benchmark");
+
+    let num_vars = (2_usize).pow(s as u32);
+    let num_cons = num_vars;
+    // these are the public io
+    let num_inputs = 10;
+    let start = SystemTime::now();
+    let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
+    let end = SystemTime::now();
+    let duration = end.duration_since(start).unwrap();
+    println!(
+      "Generating r1cs instance with {} constraints took {} ms",
+      num_cons,
+      duration.as_millis()
+    );
+    // produce a proof of satisfiability
+    let mut prover_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+    let proof = NIZK::prove(&inst, vars, &inputs, &mut prover_transcript);
+
+    let name = format!("R1CS_verify_groth16_{}", num_cons);
+    group
+      .measurement_time(Duration::from_secs(60))
+      .bench_function(&name, move |b| {
+        b.iter(|| {
+          let mut verifier_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+          assert!(proof
+            .verify_groth16(
+              black_box(&inst),
+              black_box(&inputs),
+              black_box(&mut verifier_transcript),
+            )
+            .is_ok());
+        });
       });
-    });
     group.finish();
   }
 }
 
 fn set_duration() -> Criterion {
-  Criterion::default().sample_size(10)
+  Criterion::default().sample_size(2)
 }
 
 criterion_group! {
 name = benches_nizk;
 config = set_duration();
-targets = nizk_prove_benchmark, nizk_verify_benchmark
+targets =   nizk_prove_benchmark, nizk_verify_benchmark, nizk_verify_groth16_benchmark
 }
 
 criterion_main!(benches_nizk);

benches/r1cs.rs

@@ -0,0 +1,68 @@
+use std::time::Instant;
+
+use libspartan::{
+  parameters::POSEIDON_PARAMETERS_FR_377, poseidon_transcript::PoseidonTranscript, Instance, NIZK,
+};
+use serde::Serialize;
+
+#[derive(Default, Clone, Serialize)]
+struct BenchmarkResults {
+  power: usize,
+  input_constraints: usize,
+  spartan_verifier_circuit_constraints: usize,
+  r1cs_instance_generation_time: u128,
+  spartan_proving_time: u128,
+  groth16_setup_time: u128,
+  groth16_proving_time: u128,
+  groth16_verification_time: u128,
+  testudo_proving_time: u128,
+}
+
+fn main() {
+  let mut writer = csv::Writer::from_path("testudo.csv").expect("unable to open csv writer");
+  for &s in [
+    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26,
+  ]
+  .iter()
+  {
+    println!("Running for {} inputs", s);
+    let mut br = BenchmarkResults::default();
+    let num_vars = (2_usize).pow(s as u32);
+    let num_cons = num_vars;
+    br.power = s;
+    br.input_constraints = num_cons;
+    let num_inputs = 10;
+
+    let start = Instant::now();
+    let (inst, vars, inputs) = Instance::produce_synthetic_r1cs(num_cons, num_vars, num_inputs);
+    let duration = start.elapsed().as_millis();
+    br.r1cs_instance_generation_time = duration;
+    let mut prover_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+    let start = Instant::now();
+    let proof = NIZK::prove(&inst, vars, &inputs, &mut prover_transcript);
+    let duration = start.elapsed().as_millis();
+    println!("{:?}", duration);
+    br.spartan_proving_time = duration;
+
+    let mut verifier_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+    let res = proof.verify(&inst, &inputs, &mut verifier_transcript);
+    assert!(res.is_ok());
+    br.spartan_verifier_circuit_constraints = res.unwrap();
+
+    let mut verifier_transcript = PoseidonTranscript::new(&POSEIDON_PARAMETERS_FR_377);
+    let res = proof.verify_groth16(&inst, &inputs, &mut verifier_transcript);
+    assert!(res.is_ok());
+
+    let (ds, dp, dv) = res.unwrap();
+    br.groth16_setup_time = ds;
+    br.groth16_proving_time = dp;
+    br.groth16_verification_time = dv;
+
+    br.testudo_proving_time = br.spartan_proving_time + br.groth16_proving_time;
+
+    writer
+      .serialize(br)
+      .expect("unable to write results to csv");
+    writer.flush().expect("wasn't able to flush");
+  }
+}

benches/snark.rs

@@ -1,13 +1,9 @@
-#![allow(clippy::assertions_on_result_states)]
 extern crate libspartan;
 extern crate merlin;
 
 use libspartan::{
-  parameters::poseidon_params,
-  poseidon_transcript::{self, PoseidonTranscript},
-  Instance, SNARKGens, SNARK,
+  parameters::poseidon_params, poseidon_transcript::PoseidonTranscript, Instance, SNARKGens, SNARK,
 };
-use merlin::Transcript;
 
 use criterion::*;
 
@@ -133,7 +129,7 @@ fn set_duration() -> Criterion {
 criterion_group! {
 name = benches_snark;
 config = set_duration();
-targets = snark_encode_benchmark, snark_prove_benchmark, snark_verify_benchmark
+targets =  snark_verify_benchmark
 }
 
 criterion_main!(benches_snark);