feat!: Add big int opcodes (without implementation) (#4050)

Adds the biginteger opcode skeleton #4040 The PR adds ACIR opcodes for bigint operations. It does not provide any implantation of the opcodes, neither in BB, in the solver or in Brillig. --------- Co-authored-by: kevaundray <[email protected]>
noir-lang · Jan 24, 2024 · 7dba0a1 · 7dba0a1
1 parent 602f23f
commit 7dba0a1
Show file tree

Hide file tree

Showing 11 changed files with 1,040 additions and 19 deletions.
diff --git a/acvm-repo/acir/codegen/acir.cpp b/acvm-repo/acir/codegen/acir.cpp
diff --git a/acvm-repo/acir/src/circuit/black_box_functions.rs b/acvm-repo/acir/src/circuit/black_box_functions.rs
@@ -49,6 +49,18 @@ pub enum BlackBoxFunc {
     EmbeddedCurveAdd,
     /// Point doubling over the embedded curve on which [`FieldElement`][acir_field::FieldElement] is defined.
     EmbeddedCurveDouble,
+    /// BigInt addition
+    BigIntAdd,
+    /// BigInt subtraction
+    BigIntNeg,
+    /// BigInt multiplication
+    BigIntMul,
+    /// BigInt division
+    BigIntDiv,
+    /// BigInt from le bytes
+    BigIntFromLeBytes,
+    /// BigInt to le bytes
+    BigIntToLeBytes,
 }
 
 impl std::fmt::Display for BlackBoxFunc {
@@ -77,8 +89,15 @@ impl BlackBoxFunc {
             BlackBoxFunc::Keccakf1600 => "keccakf1600",
             BlackBoxFunc::RecursiveAggregation => "recursive_aggregation",
             BlackBoxFunc::EcdsaSecp256r1 => "ecdsa_secp256r1",
+            BlackBoxFunc::BigIntAdd => "bigint_add",
+            BlackBoxFunc::BigIntNeg => "bigint_neg",
+            BlackBoxFunc::BigIntMul => "bigint_mul",
+            BlackBoxFunc::BigIntDiv => "bigint_div",
+            BlackBoxFunc::BigIntFromLeBytes => "bigint_from_le_bytes",
+            BlackBoxFunc::BigIntToLeBytes => "bigint_to_le_bytes",
         }
     }
+
     pub fn lookup(op_name: &str) -> Option<BlackBoxFunc> {
         match op_name {
             "sha256" => Some(BlackBoxFunc::SHA256),
@@ -98,6 +117,12 @@ impl BlackBoxFunc {
             "keccak256" => Some(BlackBoxFunc::Keccak256),
             "keccakf1600" => Some(BlackBoxFunc::Keccakf1600),
             "recursive_aggregation" => Some(BlackBoxFunc::RecursiveAggregation),
+            "bigint_add" => Some(BlackBoxFunc::BigIntAdd),
+            "bigint_neg" => Some(BlackBoxFunc::BigIntNeg),
+            "bigint_mul" => Some(BlackBoxFunc::BigIntMul),
+            "bigint_div" => Some(BlackBoxFunc::BigIntDiv),
+            "bigint_from_le_bytes" => Some(BlackBoxFunc::BigIntFromLeBytes),
+            "bigint_to_le_bytes" => Some(BlackBoxFunc::BigIntToLeBytes),
             _ => None,
         }
     }

diff --git a/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs b/acvm-repo/acir/src/circuit/opcodes/black_box_function_call.rs
@@ -120,6 +120,35 @@ pub enum BlackBoxFuncCall {
         /// key provided to the circuit matches the key produced by the circuit creator
         key_hash: FunctionInput,
     },
+    BigIntAdd {
+        lhs: u32,
+        rhs: u32,
+        output: u32,
+    },
+    BigIntNeg {
+        lhs: u32,
+        rhs: u32,
+        output: u32,
+    },
+    BigIntMul {
+        lhs: u32,
+        rhs: u32,
+        output: u32,
+    },
+    BigIntDiv {
+        lhs: u32,
+        rhs: u32,
+        output: u32,
+    },
+    BigIntFromLeBytes {
+        inputs: Vec<FunctionInput>,
+        modulus: Vec<u8>,
+        output: u32,
+    },
+    BigIntToLeBytes {
+        input: u32,
+        outputs: Vec<Witness>,
+    },
 }
 
 impl BlackBoxFuncCall {
@@ -143,6 +172,12 @@ impl BlackBoxFuncCall {
             BlackBoxFuncCall::Keccak256VariableLength { .. } => BlackBoxFunc::Keccak256,
             BlackBoxFuncCall::Keccakf1600 { .. } => BlackBoxFunc::Keccakf1600,
             BlackBoxFuncCall::RecursiveAggregation { .. } => BlackBoxFunc::RecursiveAggregation,
+            BlackBoxFuncCall::BigIntAdd { .. } => BlackBoxFunc::BigIntAdd,
+            BlackBoxFuncCall::BigIntNeg { .. } => BlackBoxFunc::BigIntNeg,
+            BlackBoxFuncCall::BigIntMul { .. } => BlackBoxFunc::BigIntMul,
+            BlackBoxFuncCall::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv,
+            BlackBoxFuncCall::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes,
+            &BlackBoxFuncCall::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes,
         }
     }
 
@@ -158,10 +193,16 @@ impl BlackBoxFuncCall {
             | BlackBoxFuncCall::Keccak256 { inputs, .. }
             | BlackBoxFuncCall::Keccakf1600 { inputs, .. }
             | BlackBoxFuncCall::PedersenCommitment { inputs, .. }
-            | BlackBoxFuncCall::PedersenHash { inputs, .. } => inputs.to_vec(),
+            | BlackBoxFuncCall::PedersenHash { inputs, .. }
+            | BlackBoxFuncCall::BigIntFromLeBytes { inputs, .. } => inputs.to_vec(),
             BlackBoxFuncCall::AND { lhs, rhs, .. } | BlackBoxFuncCall::XOR { lhs, rhs, .. } => {
                 vec![*lhs, *rhs]
             }
+            BlackBoxFuncCall::BigIntAdd { .. }
+            | BlackBoxFuncCall::BigIntNeg { .. }
+            | BlackBoxFuncCall::BigIntMul { .. }
+            | BlackBoxFuncCall::BigIntDiv { .. }
+            | BlackBoxFuncCall::BigIntToLeBytes { .. } => Vec::new(),
             BlackBoxFuncCall::FixedBaseScalarMul { low, high, .. } => vec![*low, *high],
             BlackBoxFuncCall::EmbeddedCurveAdd {
                 input1_x, input1_y, input2_x, input2_y, ..
@@ -249,7 +290,8 @@ impl BlackBoxFuncCall {
             | BlackBoxFuncCall::Blake2s { outputs, .. }
             | BlackBoxFuncCall::Blake3 { outputs, .. }
             | BlackBoxFuncCall::Keccak256 { outputs, .. }
-            | BlackBoxFuncCall::Keccakf1600 { outputs, .. } => outputs.to_vec(),
+            | BlackBoxFuncCall::Keccakf1600 { outputs, .. }
+            | BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(),
             BlackBoxFuncCall::AND { output, .. }
             | BlackBoxFuncCall::XOR { output, .. }
             | BlackBoxFuncCall::SchnorrVerify { output, .. }
@@ -260,10 +302,16 @@ impl BlackBoxFuncCall {
             | BlackBoxFuncCall::PedersenCommitment { outputs, .. }
             | BlackBoxFuncCall::EmbeddedCurveAdd { outputs, .. }
             | BlackBoxFuncCall::EmbeddedCurveDouble { outputs, .. } => vec![outputs.0, outputs.1],
-            BlackBoxFuncCall::RANGE { .. } | BlackBoxFuncCall::RecursiveAggregation { .. } => {
+            BlackBoxFuncCall::RANGE { .. }
+            | BlackBoxFuncCall::RecursiveAggregation { .. }
+            | BlackBoxFuncCall::BigIntFromLeBytes { .. }
+            | BlackBoxFuncCall::BigIntAdd { .. }
+            | BlackBoxFuncCall::BigIntNeg { .. }
+            | BlackBoxFuncCall::BigIntMul { .. }
+            | BlackBoxFuncCall::BigIntDiv { .. } => {
                 vec![]
             }
-            BlackBoxFuncCall::Keccak256VariableLength { outputs, .. } => outputs.to_vec(),
+            BlackBoxFuncCall::BigIntToLeBytes { outputs, .. } => outputs.to_vec(),
         }
     }
 }

diff --git a/acvm-repo/acvm/src/compiler/transformers/mod.rs b/acvm-repo/acvm/src/compiler/transformers/mod.rs
@@ -105,7 +105,12 @@ pub(super) fn transform_internal(
                         transformer.mark_solvable(*output);
                     }
                     acir::circuit::opcodes::BlackBoxFuncCall::RANGE { .. }
-                    | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. } => (),
+                    | acir::circuit::opcodes::BlackBoxFuncCall::RecursiveAggregation { .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntFromLeBytes { .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntAdd { .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntNeg { .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntMul { .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntDiv { .. } => (),
                     acir::circuit::opcodes::BlackBoxFuncCall::SHA256 { outputs, .. }
                     | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256 { outputs, .. }
                     | acir::circuit::opcodes::BlackBoxFuncCall::Keccak256VariableLength {
@@ -114,7 +119,10 @@ pub(super) fn transform_internal(
                     }
                     | acir::circuit::opcodes::BlackBoxFuncCall::Keccakf1600 { outputs, .. }
                     | acir::circuit::opcodes::BlackBoxFuncCall::Blake2s { outputs, .. }
-                    | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. } => {
+                    | acir::circuit::opcodes::BlackBoxFuncCall::Blake3 { outputs, .. }
+                    | acir::circuit::opcodes::BlackBoxFuncCall::BigIntToLeBytes {
+                        outputs, ..
+                    } => {
                         for witness in outputs {
                             transformer.mark_solvable(*witness);
                         }

diff --git a/acvm-repo/acvm/src/pwg/blackbox/mod.rs b/acvm-repo/acvm/src/pwg/blackbox/mod.rs
@@ -185,5 +185,11 @@ pub(crate) fn solve(
         }
         // Recursive aggregation will be entirely handled by the backend and is not solved by the ACVM
         BlackBoxFuncCall::RecursiveAggregation { .. } => Ok(()),
+        BlackBoxFuncCall::BigIntAdd { .. } => todo!(),
+        BlackBoxFuncCall::BigIntNeg { .. } => todo!(),
+        BlackBoxFuncCall::BigIntMul { .. } => todo!(),
+        BlackBoxFuncCall::BigIntDiv { .. } => todo!(),
+        BlackBoxFuncCall::BigIntFromLeBytes { .. } => todo!(),
+        BlackBoxFuncCall::BigIntToLeBytes { .. } => todo!(),
     }
 }
diff --git a/acvm-repo/brillig/src/black_box.rs b/acvm-repo/brillig/src/black_box.rs
@@ -6,15 +6,30 @@ use serde::{Deserialize, Serialize};
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
 pub enum BlackBoxOp {
     /// Calculates the SHA256 hash of the inputs.
-    Sha256 { message: HeapVector, output: HeapArray },
+    Sha256 {
+        message: HeapVector,
+        output: HeapArray,
+    },
     /// Calculates the Blake2s hash of the inputs.
-    Blake2s { message: HeapVector, output: HeapArray },
+    Blake2s {
+        message: HeapVector,
+        output: HeapArray,
+    },
     /// Calculates the Blake3 hash of the inputs.
-    Blake3 { message: HeapVector, output: HeapArray },
+    Blake3 {
+        message: HeapVector,
+        output: HeapArray,
+    },
     /// Calculates the Keccak256 hash of the inputs.
-    Keccak256 { message: HeapVector, output: HeapArray },
+    Keccak256 {
+        message: HeapVector,
+        output: HeapArray,
+    },
     /// Keccak Permutation function of 1600 width
-    Keccakf1600 { message: HeapVector, output: HeapArray },
+    Keccakf1600 {
+        message: HeapVector,
+        output: HeapArray,
+    },
     /// Verifies a ECDSA signature over the secp256k1 curve.
     EcdsaSecp256k1 {
         hashed_msg: HeapVector,
@@ -40,11 +55,23 @@ pub enum BlackBoxOp {
         result: RegisterIndex,
     },
     /// Calculates a Pedersen commitment to the inputs.
-    PedersenCommitment { inputs: HeapVector, domain_separator: RegisterIndex, output: HeapArray },
+    PedersenCommitment {
+        inputs: HeapVector,
+        domain_separator: RegisterIndex,
+        output: HeapArray,
+    },
     /// Calculates a Pedersen hash to the inputs.
-    PedersenHash { inputs: HeapVector, domain_separator: RegisterIndex, output: RegisterIndex },
+    PedersenHash {
+        inputs: HeapVector,
+        domain_separator: RegisterIndex,
+        output: RegisterIndex,
+    },
     /// Performs scalar multiplication over the embedded curve.
-    FixedBaseScalarMul { low: RegisterIndex, high: RegisterIndex, result: HeapArray },
+    FixedBaseScalarMul {
+        low: RegisterIndex,
+        high: RegisterIndex,
+        result: HeapArray,
+    },
     /// Performs addition over the embedded curve.
     EmbeddedCurveAdd {
         input1_x: RegisterIndex,
@@ -54,5 +81,39 @@ pub enum BlackBoxOp {
         result: HeapArray,
     },
     /// Performs point doubling over the embedded curve.
-    EmbeddedCurveDouble { input1_x: RegisterIndex, input1_y: RegisterIndex, result: HeapArray },
+    EmbeddedCurveDouble {
+        input1_x: RegisterIndex,
+        input1_y: RegisterIndex,
+        result: HeapArray,
+    },
+
+    BigIntAdd {
+        lhs: RegisterIndex,
+        rhs: RegisterIndex,
+        output: RegisterIndex,
+    },
+    BigIntNeg {
+        lhs: RegisterIndex,
+        rhs: RegisterIndex,
+        output: RegisterIndex,
+    },
+    BigIntMul {
+        lhs: RegisterIndex,
+        rhs: RegisterIndex,
+        output: RegisterIndex,
+    },
+    BigIntDiv {
+        lhs: RegisterIndex,
+        rhs: RegisterIndex,
+        output: RegisterIndex,
+    },
+    BigIntFromLeBytes {
+        inputs: HeapVector,
+        modulus: HeapVector,
+        output: RegisterIndex,
+    },
+    BigIntToLeBytes {
+        input: RegisterIndex,
+        output: HeapVector,
+    },
 }
diff --git a/acvm-repo/brillig_vm/src/black_box.rs b/acvm-repo/brillig_vm/src/black_box.rs
@@ -200,6 +200,12 @@ pub(crate) fn evaluate_black_box<Solver: BlackBoxFunctionSolver>(
             registers.set(*output, hash.into());
             Ok(())
         }
+        BlackBoxOp::BigIntAdd { .. } => todo!(),
+        BlackBoxOp::BigIntNeg { .. } => todo!(),
+        BlackBoxOp::BigIntMul { .. } => todo!(),
+        BlackBoxOp::BigIntDiv { .. } => todo!(),
+        BlackBoxOp::BigIntFromLeBytes { .. } => todo!(),
+        BlackBoxOp::BigIntToLeBytes { .. } => todo!(),
     }
 }
 
@@ -218,6 +224,12 @@ fn black_box_function_from_op(op: &BlackBoxOp) -> BlackBoxFunc {
         BlackBoxOp::FixedBaseScalarMul { .. } => BlackBoxFunc::FixedBaseScalarMul,
         BlackBoxOp::EmbeddedCurveAdd { .. } => BlackBoxFunc::EmbeddedCurveAdd,
         BlackBoxOp::EmbeddedCurveDouble { .. } => BlackBoxFunc::EmbeddedCurveDouble,
+        BlackBoxOp::BigIntAdd { .. } => BlackBoxFunc::BigIntAdd,
+        BlackBoxOp::BigIntNeg { .. } => BlackBoxFunc::BigIntNeg,
+        BlackBoxOp::BigIntMul { .. } => BlackBoxFunc::BigIntMul,
+        BlackBoxOp::BigIntDiv { .. } => BlackBoxFunc::BigIntDiv,
+        BlackBoxOp::BigIntFromLeBytes { .. } => BlackBoxFunc::BigIntFromLeBytes,
+        BlackBoxOp::BigIntToLeBytes { .. } => BlackBoxFunc::BigIntToLeBytes,
     }
 }