Merge branch 'master' into linear-acvm

noir-lang · Jul 5, 2023 · fefa4fb · fefa4fb
2 parents 48d963f + f1c7940
commit fefa4fb
Show file tree

Hide file tree

Showing 9 changed files with 59 additions and 55 deletions.
diff --git a/acir/src/circuit/black_box_functions.rs b/acir/src/circuit/black_box_functions.rs
@@ -22,7 +22,12 @@ pub enum BlackBoxFunc {
     SHA256,
     /// Calculates the Blake2s hash of the inputs.
     Blake2s,
-    /// Verifies a Schnorr signature over the embedded curve.
+    /// Verifies a Schnorr signature over a curve which is "pairing friendly" with the curve on which the ACIR circuit is defined.
+    ///
+    /// The exact curve which this signature uses will vary based on the curve being used by ACIR.
+    /// For example, the BN254 curve supports Schnorr signatures over the [Grumpkin][grumpkin] curve.
+    ///
+    /// [grumpkin]: https://hackmd.io/@aztec-network/ByzgNxBfd#2-Grumpkin---A-curve-on-top-of-BN-254-for-SNARK-efficient-group-operations
     SchnorrVerify,
     /// Calculates a Pedersen commitment to the inputs.
     Pedersen,

diff --git a/acir/src/circuit/opcodes/black_box_function_call.rs b/acir/src/circuit/opcodes/black_box_function_call.rs
@@ -42,8 +42,7 @@ pub enum BlackBoxFuncCall {
     SchnorrVerify {
         public_key_x: FunctionInput,
         public_key_y: FunctionInput,
-        signature_s: FunctionInput,
-        signature_e: FunctionInput,
+        signature: Vec<FunctionInput>,
         message: Vec<FunctionInput>,
         output: Witness,
     },
@@ -126,8 +125,7 @@ impl BlackBoxFuncCall {
             BlackBoxFunc::SchnorrVerify => BlackBoxFuncCall::SchnorrVerify {
                 public_key_x: FunctionInput::dummy(),
                 public_key_y: FunctionInput::dummy(),
-                signature_s: FunctionInput::dummy(),
-                signature_e: FunctionInput::dummy(),
+                signature: vec![],
                 message: vec![],
                 output: Witness(0),
             },
@@ -201,16 +199,14 @@ impl BlackBoxFuncCall {
             BlackBoxFuncCall::SchnorrVerify {
                 public_key_x,
                 public_key_y,
-                signature_s,
-                signature_e,
+                signature,
                 message,
                 ..
             } => {
-                let mut inputs = Vec::with_capacity(4 + message.len());
+                let mut inputs = Vec::with_capacity(2 + signature.len() + message.len());
                 inputs.push(*public_key_x);
                 inputs.push(*public_key_y);
-                inputs.push(*signature_s);
-                inputs.push(*signature_e);
+                inputs.extend(signature.iter().copied());
                 inputs.extend(message.iter().copied());
                 inputs
             }

diff --git a/acvm/src/lib.rs b/acvm/src/lib.rs
@@ -20,7 +20,7 @@ pub use acir::FieldElement;
 
 /// Supported NP complete languages
 /// This might need to be in ACIR instead
-#[derive(Debug, Clone)]
+#[derive(Debug, Clone, Copy)]
 pub enum Language {
     R1CS,
     PLONKCSat { width: usize },
@@ -76,8 +76,7 @@ pub trait BlackBoxFunctionSolver {
         &self,
         public_key_x: &FieldElement,
         public_key_y: &FieldElement,
-        signature_s: &FieldElement,
-        signature_e: &FieldElement,
+        signature: &[u8],
         message: &[u8],
     ) -> Result<bool, OpcodeResolutionError>;
     fn pedersen(

diff --git a/acvm/src/pwg/blackbox/mod.rs b/acvm/src/pwg/blackbox/mod.rs
@@ -101,17 +101,15 @@ pub(crate) fn solve(
         BlackBoxFuncCall::SchnorrVerify {
             public_key_x,
             public_key_y,
-            signature_s,
-            signature_e,
+            signature,
             message,
             output,
         } => schnorr_verify(
             backend,
             initial_witness,
             *public_key_x,
             *public_key_y,
-            *signature_s,
-            *signature_e,
+            signature,
             message,
             *output,
         ),

diff --git a/acvm/src/pwg/blackbox/signature/schnorr.rs b/acvm/src/pwg/blackbox/signature/schnorr.rs
@@ -17,21 +17,19 @@ pub(crate) fn schnorr_verify(
     initial_witness: &mut WitnessMap,
     public_key_x: FunctionInput,
     public_key_y: FunctionInput,
-    signature_s: FunctionInput,
-    signature_e: FunctionInput,
+    signature: &[FunctionInput],
     message: &[FunctionInput],
     output: Witness,
 ) -> Result<OpcodeResolution, OpcodeResolutionError> {
     let public_key_x: &FieldElement = witness_to_value(initial_witness, public_key_x.witness)?;
     let public_key_y: &FieldElement = witness_to_value(initial_witness, public_key_y.witness)?;
 
-    let signature_s: &FieldElement = witness_to_value(initial_witness, signature_s.witness)?;
-    let signature_e: &FieldElement = witness_to_value(initial_witness, signature_e.witness)?;
+    let signature = to_u8_vec(initial_witness, signature)?;
 
     let message = to_u8_vec(initial_witness, message)?;
 
     let valid_signature =
-        backend.schnorr_verify(public_key_x, public_key_y, signature_s, signature_e, &message)?;
+        backend.schnorr_verify(public_key_x, public_key_y, &signature, &message)?;
 
     insert_value(&output, FieldElement::from(valid_signature), initial_witness)?;
 

diff --git a/acvm/tests/solver.rs b/acvm/tests/solver.rs
@@ -23,8 +23,7 @@ impl BlackBoxFunctionSolver for StubbedBackend {
         &self,
         _public_key_x: &FieldElement,
         _public_key_y: &FieldElement,
-        _signature_s: &FieldElement,
-        _signature_e: &FieldElement,
+        _signature: &[u8],
         _message: &[u8],
     ) -> Result<bool, OpcodeResolutionError> {
         panic!("Path not trodden by this test")

diff --git a/brillig_vm/src/foreign_call.rs b/brillig_vm/src/foreign_call.rs
@@ -0,0 +1,36 @@
+use crate::value::Value;
+use serde::{Deserialize, Serialize};
+
+/// Single output of a [foreign call][crate::Opcode::ForeignCall].
+#[derive(Debug, PartialEq, Eq, Serialize, Deserialize, Clone)]
+pub enum ForeignCallOutput {
+    Single(Value),
+    Array(Vec<Value>),
+}
+
+/// Represents the full output of a [foreign call][crate::Opcode::ForeignCall].
+///
+/// See [`VMStatus::ForeignCallWait`][crate::VMStatus::ForeignCallWait] for more information.
+#[derive(Debug, PartialEq, Eq, Serialize, Deserialize, Clone)]
+pub struct ForeignCallResult {
+    /// Resolved output values of the foreign call.
+    pub values: Vec<ForeignCallOutput>,
+}
+
+impl From<Value> for ForeignCallResult {
+    fn from(value: Value) -> Self {
+        ForeignCallResult { values: vec![ForeignCallOutput::Single(value)] }
+    }
+}
+
+impl From<Vec<Value>> for ForeignCallResult {
+    fn from(values: Vec<Value>) -> Self {
+        ForeignCallResult { values: vec![ForeignCallOutput::Array(values)] }
+    }
+}
+
+impl From<Vec<ForeignCallOutput>> for ForeignCallResult {
+    fn from(values: Vec<ForeignCallOutput>) -> Self {
+        ForeignCallResult { values }
+    }
+}
diff --git a/brillig_vm/src/lib.rs b/brillig_vm/src/lib.rs
@@ -10,17 +10,18 @@
 //! [acvm]: https://crates.io/crates/acvm
 
 mod black_box;
+mod foreign_call;
 mod memory;
 mod opcodes;
 mod registers;
 mod value;
 
 pub use black_box::BlackBoxOp;
+pub use foreign_call::{ForeignCallOutput, ForeignCallResult};
 pub use memory::Memory;
 pub use opcodes::{BinaryFieldOp, BinaryIntOp, HeapArray, HeapVector, RegisterOrMemory};
 pub use opcodes::{Label, Opcode};
 pub use registers::{RegisterIndex, Registers};
-use serde::{Deserialize, Serialize};
 pub use value::Typ;
 pub use value::Value;
 
@@ -46,34 +47,6 @@ pub enum VMStatus {
     },
 }
 
-/// Single output of a [foreign call][Opcode::ForeignCall].
-#[derive(Debug, PartialEq, Eq, Serialize, Deserialize, Clone)]
-pub enum ForeignCallOutput {
-    Single(Value),
-    Array(Vec<Value>),
-}
-
-/// Represents the full output of a [foreign call][Opcode::ForeignCall].
-///
-/// See [`VMStatus::ForeignCallWait`] for more information.
-#[derive(Debug, PartialEq, Eq, Serialize, Deserialize, Clone)]
-pub struct ForeignCallResult {
-    /// Resolved output values of the foreign call.
-    pub values: Vec<ForeignCallOutput>,
-}
-
-impl From<Value> for ForeignCallResult {
-    fn from(value: Value) -> Self {
-        ForeignCallResult { values: vec![ForeignCallOutput::Single(value)] }
-    }
-}
-
-impl From<Vec<Value>> for ForeignCallResult {
-    fn from(values: Vec<Value>) -> Self {
-        ForeignCallResult { values: vec![ForeignCallOutput::Array(values)] }
-    }
-}
-
 #[derive(Debug, PartialEq, Eq, Clone)]
 /// VM encapsulates the state of the Brillig VM during execution.
 pub struct VM {
@@ -213,8 +186,7 @@ impl VM {
                     return self.wait_for_foreign_call(function.clone(), resolved_inputs);
                 }
 
-                let ForeignCallResult { values } =
-                    &self.foreign_call_results[self.foreign_call_counter];
+                let values = &self.foreign_call_results[self.foreign_call_counter].values;
 
                 let mut invalid_foreign_call_result = false;
                 for (destination, output) in destinations.iter().zip(values) {

diff --git a/cspell.json b/cspell.json
@@ -21,6 +21,7 @@
         "endianness",
         "euclidian",
         "funcs",
+        "grumpkin",
         "hasher",
         "keccak",
         "Merkle",