Merge branch 'master' into 02-23-refactor_renamings_of_state_var_wrap…

…pers
AztecProtocol · Feb 26, 2024 · 49f72ca · 49f72ca
2 parents 5ed77a4 + 7402517
commit 49f72ca
Show file tree

Hide file tree

Showing 23 changed files with 333 additions and 95 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1389,16 +1389,15 @@ workflows:
       # Yarn Project
       - yarn-project-base:
           requires:
-            - avm-transpiler
-            - l1-contracts
             - bb-js
             - noir-packages
-            - noir-projects
-            - boxes-files
           <<: *defaults
       - yarn-project:
           requires:
             - yarn-project-base
+            - l1-contracts
+            - noir-projects
+            - boxes-files
           <<: *defaults
       - yarn-project-prod: *defaults_yarn_project
       - yarn-project-formatting: *defaults_yarn_project

diff --git a/barretenberg/cpp/CMakePresets.json b/barretenberg/cpp/CMakePresets.json
@@ -131,6 +131,18 @@
         "FUZZING": "ON"
       }
     },
+    {
+      "name": "fuzzing-asan",
+      "displayName": "Build with fuzzing",
+      "description": "Build default preset but with fuzzing enabled",
+      "inherits": "clang16-dbg",
+      "binaryDir": "build-fuzzing",
+      "cacheVariables": {
+        "FUZZING": "ON",
+        "ENABLE_ASAN": "ON",
+        "DISABLE_ASM": "ON"
+      }
+    },
     {
       "name": "smt-verification",
       "displayName": "Build with smt verificaiton",
@@ -377,6 +389,11 @@
       "inherits": "clang16",
       "configurePreset": "fuzzing"
     },
+{
+      "name": "fuzzing-asan",
+      "inherits": "clang16-dbg",
+      "configurePreset": "fuzzing-asan"
+    },
     {
       "name": "gperftools",
       "inherits": "clang16",
@@ -501,6 +518,11 @@
       "inherits": "default",
       "configurePreset": "fuzzing"
     },
+{
+      "name": "fuzzing-asan",
+      "inherits": "clang16-dbg",
+      "configurePreset": "fuzzing-asan"
+    },
     {
       "name": "smt-verification",
       "inherits": "clang16",

diff --git a/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_translator.fuzzer.hpp b/barretenberg/cpp/src/barretenberg/proof_system/circuit_builder/goblin_translator.fuzzer.hpp
@@ -0,0 +1,84 @@
+/**
+ * @file goblin_translator.fuzzer.hpp
+ * @author Rumata888
+ * @brief Contains common procedures used by the circuit builder fuzzer and the composer fuzzer
+ * @date 2024-02-25
+ *
+ */
+#include "barretenberg/numeric/uint256/uint256.hpp"
+#include "goblin_translator_circuit_builder.hpp"
+
+using namespace bb;
+
+using Fr = curve::BN254::ScalarField;
+using Fq = curve::BN254::BaseField;
+using G1 = curve::BN254::AffineElement;
+
+/**
+ * @brief Parse raw operations for ECCOpQueue from the data stream
+ *
+ * @param data pointer to data
+ * @param size size in bytes
+ * @return std::vector<ECCOpQueue::ECCVMOperation>
+ */
+std::vector<ECCOpQueue::ECCVMOperation> parse_operations(const unsigned char* data, size_t size)
+{
+    std::vector<ECCOpQueue::ECCVMOperation> raw_ops;
+
+    size_t size_left = size;
+    // Just iterate and parse until there's no data left
+    while (size_left >= sizeof(ECCOpQueue::ECCVMOperation)) {
+        raw_ops.emplace_back((ECCOpQueue::ECCVMOperation*)(data + (size - size_left)));
+        size_left -= sizeof(ECCOpQueue::ECCVMOperation);
+    }
+    return raw_ops;
+}
+
+/**
+ * @brief Try to parse out the batching and evaluating challenges and then the ECCOpQUeue from the data
+ *
+ * @param data pointer to the buffer
+ * @param size size of the buffer
+ * @return std::optional<std::tuple<Fq, Fq, std::shared_ptr<ECCOpQueue>>>
+ */
+std::optional<std::tuple<Fq, Fq, std::shared_ptr<ECCOpQueue>>> parse_and_construct_opqueue(const unsigned char* data,
+                                                                                           size_t size)
+{
+    std::vector<ECCOpQueue::ECCVMOperation> raw_ops;
+
+    // Try to parse batching challenge
+    size_t size_left = size;
+    if (size_left < sizeof(uint256_t)) {
+        return {};
+    }
+    const auto batching_challenge = Fq(*((uint256_t*)data));
+
+    // Try to parse evaluation challenge
+    size_left -= sizeof(uint256_t);
+    if (size_left < sizeof(uint256_t)) {
+        return {};
+    }
+    const auto x = Fq(*((uint256_t*)data));
+    if (x.is_zero()) {
+        return {};
+    }
+    size_left -= sizeof(uint256_t);
+
+    // Try to parse operations
+    raw_ops = parse_operations(data + (size - size_left), size_left);
+    if (raw_ops.empty()) {
+        return {};
+    }
+
+    // Add a padding element to avoid non-zero commitments
+    const auto p_x = uint256_t(0xd3c208c16d87cfd3, 0xd97816a916871ca8, 0x9b85045b68181585, 0x30644e72e131a02);
+    const auto p_y = uint256_t(0x3ce1cc9c7e645a83, 0x2edac647851e3ac5, 0xd0cbe61fced2bc53, 0x1a76dae6d3272396);
+    auto padding_element = G1(p_x, p_y);
+    auto padding_scalar = -Fr::one();
+    auto ecc_op_queue = std::make_shared<ECCOpQueue>();
+    ecc_op_queue->raw_ops = raw_ops;
+    ecc_op_queue->mul_accumulate(padding_element, padding_scalar);
+
+    // Create circuit builder and feed the queue inside
+    return std::make_tuple(batching_challenge, x, ecc_op_queue);
+}
diff --git a/...rc/barretenberg/proof_system/circuit_builder/goblin_translator_circuit_builder.fuzzer.cpp b/...rc/barretenberg/proof_system/circuit_builder/goblin_translator_circuit_builder.fuzzer.cpp
@@ -0,0 +1,46 @@
+#include "barretenberg/proof_system/circuit_builder/goblin_translator.fuzzer.hpp"
+/**
+ * @brief A very primitive fuzzing harness, no interesting mutations, just parse and throw at the circuit builder
+ *
+ */
+extern "C" int LLVMFuzzerTestOneInput(const unsigned char* data, size_t size)
+{
+    // Parse the queue and challenges
+    // TODO(Rumata888): composer generates the initial challenge through FS, so we have to do that, too
+    auto parsing_result = parse_and_construct_opqueue(data, size);
+    if (!parsing_result.has_value()) {
+        return 0;
+    }
+    auto [batching_challenge, x, op_queue] = parsing_result.value();
+    // Construct the circuit
+    auto circuit_builder = GoblinTranslatorCircuitBuilder(batching_challenge, x, op_queue);
+
+    Fq x_inv = x.invert();
+    auto op_accumulator = Fq(0);
+    auto p_x_accumulator = Fq(0);
+    auto p_y_accumulator = Fq(0);
+    auto z_1_accumulator = Fq(0);
+    auto z_2_accumulator = Fq(0);
+    // Compute the batched evaluation of polynomials (multiplying by inverse to go from lower to higher)
+    for (auto& ecc_op : op_queue->raw_ops) {
+        op_accumulator = op_accumulator * x_inv + ecc_op.get_opcode_value();
+        p_x_accumulator = p_x_accumulator * x_inv + ecc_op.base_point.x;
+        p_y_accumulator = p_y_accumulator * x_inv + ecc_op.base_point.y;
+        z_1_accumulator = z_1_accumulator * x_inv + ecc_op.z1;
+        z_2_accumulator = z_2_accumulator * x_inv + ecc_op.z2;
+    }
+    Fq x_pow = x.pow(op_queue->raw_ops.size() - 1);
+
+    // Multiply by an appropriate power of x to get rid of the inverses
+    Fq result = ((((z_2_accumulator * batching_challenge + z_1_accumulator) * batching_challenge + p_y_accumulator) *
+                      batching_challenge +
+                  p_x_accumulator) *
+                     batching_challenge +
+                 op_accumulator) *
+                x_pow;
+
+    // The data is malformed, so just call check_circuit, but ignore the output
+    circuit_builder.check_circuit();
+    (void)result;
+    return 0;
+}
diff --git a/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_composer.fuzzer.cpp b/barretenberg/cpp/src/barretenberg/translator_vm/goblin_translator_composer.fuzzer.cpp
@@ -0,0 +1,47 @@
+#include "barretenberg/translator_vm/goblin_translator_composer.hpp"
+#include "barretenberg/proof_system/circuit_builder/goblin_translator.fuzzer.hpp"
+#include "barretenberg/translator_vm/goblin_translator_prover.hpp"
+extern "C" void LLVMFuzzerInitialize(int*, char***)
+{
+    srs::init_crs_factory("../srs_db/ignition");
+}
+/**
+ * @brief A very primitive fuzzer for the composer
+ *
+ * @details Super-slow. Shouldn't be run on its own. First you need to run the circuit builder fuzzer, then minimize the
+ * corpus and then just use that corpus
+ *
+ */
+extern "C" int LLVMFuzzerTestOneInput(const unsigned char* data, size_t size)
+{
+    // Parse challenges and opqueue from data
+    auto parsing_result = parse_and_construct_opqueue(data, size);
+    if (!parsing_result.has_value()) {
+        return 0;
+    }
+    auto [batching_challenge_init, x, op_queue] = parsing_result.value();
+    auto prover_transcript = std::make_shared<bb::GoblinTranslatorFlavor::Transcript>();
+    prover_transcript->send_to_verifier("init", batching_challenge_init);
+    prover_transcript->export_proof();
+    Fq translation_batching_challenge = prover_transcript->template get_challenge<Fq>("Translation:batching_challenge");
+
+    // Construct circuit
+    auto circuit_builder = GoblinTranslatorCircuitBuilder(translation_batching_challenge, x, op_queue);
+
+    // Check that the circuit passes
+    bool checked = circuit_builder.check_circuit();
+
+    // Construct proof
+    auto composer = bb::GoblinTranslatorComposer();
+    auto prover = composer.create_prover(circuit_builder, prover_transcript);
+    auto proof = prover.construct_proof();
+
+    // Verify proof
+    auto verifier_transcript = std::make_shared<bb::GoblinTranslatorFlavor::Transcript>(prover_transcript->proof_data);
+    verifier_transcript->template receive_from_prover<Fq>("init");
+    auto verifier = composer.create_verifier(circuit_builder, verifier_transcript);
+    bool verified = verifier.verify_proof(proof);
+    (void)checked;
+    (void)verified;
+    return 0;
+}
diff --git a/boxes/.dockerignore b/boxes/.dockerignore
@@ -5,4 +5,5 @@ node_modules
 .tsbuildinfo
 Dockerfile*
 .dockerignore
-docker-compose.yml
+docker-compose.yml
+**/artifacts
diff --git a/boxes/Dockerfile b/boxes/Dockerfile
@@ -6,11 +6,12 @@ FROM 278380418400.dkr.ecr.eu-west-2.amazonaws.com/noir-projects as noir-projects
 
 # We need yarn. Start fresh container.
 FROM node:18.19.0
+RUN apt update && apt install netcat-openbsd
 COPY --from=aztec /usr/src /usr/src
 COPY --from=noir /usr/src/noir/target/release/nargo /usr/src/noir/target/release/nargo
 COPY --from=noir-projects /usr/src/noir-projects/aztec-nr /usr/src/noir-projects/aztec-nr
 WORKDIR /usr/src/boxes
 ENV AZTEC_NARGO=/usr/src/noir/target/release/nargo
 ENV AZTEC_CLI=/usr/src/yarn-project/cli/aztec-cli-dest
 RUN yarn && yarn build
-ENTRYPOINT ["yarn", "workspace"]
+ENTRYPOINT ["/bin/sh", "-c"]
diff --git a/boxes/docker-compose.yml b/boxes/docker-compose.yml
@@ -18,7 +18,11 @@ services:
 
   boxes:
     image: aztecprotocol/boxes
-    command: "@aztec/$BOX test"
+    entrypoint: >
+      sh -c '
+        while ! nc -z aztec 8080; do sleep 1; done;
+        yarn workspace @aztec/$BOX test
+      '
     environment:
       DEBUG: "aztec:*"
       DEBUG_COLORS: "true"

diff --git a/boxes/react/package.json b/boxes/react/package.json
@@ -14,7 +14,7 @@
     "serve": "serve -p 3000 ./dist",
     "formatting": "prettier --check ./src && eslint ./src",
     "formatting:fix": "prettier -w ./src",
-    "test": "yarn prep && NODE_NO_WARNINGS=1 node --experimental-vm-modules $(yarn bin jest) --runInBand"
+    "test": "NODE_NO_WARNINGS=1 node --experimental-vm-modules $(yarn bin jest) --runInBand"
   },
   "jest": {
     "preset": "ts-jest/presets/default-esm",

diff --git a/build_manifest.yml b/build_manifest.yml
@@ -135,13 +135,8 @@ yarn-project-base:
     - ^yarn-project/yarn.lock
     - ^yarn-project/.*/package.json$
   dependencies:
-    - l1-contracts
     - bb.js
-    - noir
     - noir-packages
-    - boxes-files
-    - avm-transpiler
-    - noir-projects
 
 yarn-project:
   buildDir: yarn-project
@@ -151,6 +146,9 @@ yarn-project:
     - ^yarn-project/cli/aztec-cli
   dependencies:
     - yarn-project-base
+    - l1-contracts
+    - boxes-files
+    - noir-projects
 
 yarn-project-prod:
   buildDir: yarn-project