✅ Add BitDecomposition circuit and test

Yoii-Inc · Apr 2, 2024 · 7f9f917 · 7f9f917
1 parent c122490
commit 7f9f917
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 1 deletion.
diff --git a/src/circuits.rs b/src/circuits.rs
@@ -6,3 +6,5 @@ pub mod werewolf;
 pub use werewolf::*;
 pub mod equality_zero;
 pub use equality_zero::*;
+pub mod bit_decomposition;
+pub use bit_decomposition::*;
diff --git a/src/circuits/bit_decomposition.rs b/src/circuits/bit_decomposition.rs
@@ -0,0 +1,43 @@
+use ark_ff::PrimeField;
+use ark_r1cs_std::{
+    alloc::AllocVar,
+    boolean::Boolean,
+    eq::EqGadget,
+    fields::{fp::FpVar, FieldVar},
+    ToBitsGadget,
+};
+use ark_relations::r1cs::{ConstraintSynthesizer, ConstraintSystemRef, SynthesisError};
+use mpc_algebra::{
+    malicious_majority::MpcField, MpcBoolean, MpcEqGadget, MpcFpVar, MpcToBitsGadget,
+};
+
+type Fr = ark_bls12_377::Fr;
+type MFr = MpcField<Fr>;
+
+pub struct BitDecompositionCircuit<F: PrimeField> {
+    pub a: F,
+}
+
+impl ConstraintSynthesizer<MFr> for BitDecompositionCircuit<MFr> {
+    fn generate_constraints(self, cs: ConstraintSystemRef<MFr>) -> Result<(), SynthesisError> {
+        let a_var = MpcFpVar::new_witness(cs.clone(), || Ok(self.a))?;
+
+        let bits = a_var.to_bits_le()?;
+
+        // a_var.is_zero()?.enforce_equal(&MpcBoolean::TRUE)?;
+
+        Ok(())
+    }
+}
+
+impl ConstraintSynthesizer<Fr> for BitDecompositionCircuit<Fr> {
+    fn generate_constraints(self, cs: ConstraintSystemRef<Fr>) -> Result<(), SynthesisError> {
+        let a_var = FpVar::new_witness(cs.clone(), || Ok(self.a))?;
+
+        // a_var.is_zero()?.enforce_equal(&Boolean::TRUE)?;
+
+        let bits = a_var.to_bits_le()?;
+
+        Ok(())
+    }
+}
diff --git a/src/marlin.rs b/src/marlin.rs
@@ -15,7 +15,10 @@ use mpc_net::{MpcMultiNet, MpcNet};
 use ark_std::{One, Zero};
 
 use crate::{
-    circuits::{circuit::MyCircuit, EqualityZeroCircuit, LocalOrMPC, PedersenComCircuit},
+    circuits::{
+        circuit::MyCircuit, BitDecompositionCircuit, EqualityZeroCircuit, LocalOrMPC,
+        PedersenComCircuit,
+    },
     input::{MpcInputTrait, SampleMpcInput},
 };
 
@@ -302,3 +305,24 @@ pub fn test_equality_zero(n_iters: usize) {
         assert!(!is_not_valid);
     }
 }
+
+pub fn test_bit_decomposition(n_iters: usize) {
+    let rng = &mut test_rng();
+
+    let srs = LocalMarlin::universal_setup(10000, 50, 100, rng).unwrap();
+
+    let local_circuit = BitDecompositionCircuit { a: Fr::zero() };
+
+    let (index_pk, index_vk) = LocalMarlin::index(&srs, local_circuit).unwrap();
+    let mpc_index_pk = IndexProverKey::from_public(index_pk);
+
+    for _ in 0..n_iters {
+        let mpc_circuit = BitDecompositionCircuit { a: MFr::rand(rng) };
+
+        let mpc_proof = MpcMarlin::prove(&mpc_index_pk, mpc_circuit, rng).unwrap();
+        let proof = pf_publicize(mpc_proof);
+
+        let is_valid = LocalMarlin::verify(&index_vk, &[], &proof, rng).unwrap();
+        assert!(is_valid);
+    }
+}