[word lo/hi] pi circuit replace rand/rlc by keccak hash #1345

hero78119 · 2023-03-30T15:02:18Z

Description

replace rand/rlc by pure keccak hashing

Issue Link

Type of change

Breaking change (fix or feature that would cause existing functionality to not work as expected)

Rationale

[design decisions and extended information]

How Has This Been Tested?

[explanation]

ed255

First pass review. I think that there are many subtleties in this design, I would appreciate having a python implementation of the design to analyze it better before continuing the Rust implementation.

zkevm-circuits/src/evm_circuit/param.rs

zkevm-circuits/src/super_circuit.rs

zkevm-circuits/src/pi_circuit.rs

han0110

First round reviwe, I also agree with Edu that we should use little endian for all values, which might make life easier (considering we'd need to write solidity to handle the decomposition).

zkevm-circuits/src/pi_circuit.rs

hero78119 · 2023-06-14T05:20:24Z

Updated: combined together with word-lo-hi to address #1383 so we can review together. Unitttest under pi circuit is all pass

lookup constraints pi circuit block table assignment pi circuit tx table assignment new way to get public input circuit assignment ready pi circuit pass compile fix cell un-assignment error format code and bug fix fixed copy constraints error fix existing error during unittest code cosmetics fix error due to challenge usage fix lints and code cosmetics pi circuit more test with real block data super circuit keccak dev_load rewrite gate to clearly the branch rewrite circuit in bottom up style and fix all constriants refactor timing for pi circuit keccak table load nonce/gas_limit to u64 code cosmetics increase keccak row to cover new pi input circuit skip signdata generation on non pi circuit test set max keccak row 35000 to cover new pi input circuit fix pi bytes endian in witness block fix fmt migrate to word lo/hi

hero78119 · 2023-06-20T14:32:59Z

Updated: rebase onto the latest word-lo-hi and resolved conflict

adria0 · 2023-06-28T08:24:29Z

zkevm-circuits/src/instance.rs

+    pub chain_id: Word,
+    /// History hashes contains the most recent 256 block hashes in history,
+    /// where the latest one is at history_hashes[history_hashes.len() - 1].
+    pub history_hashes: Vec<Word>,


Since this will be constant, is not better to express it as [Word;256] ?

There are other places use Vec on history_hashes therefore I think we can keep it the same. Change all of them is a bit out-of-scope and can be separate task later :)

I forget to attach the link to show many other place still use history_hashes as Vec :)
https://github.com/search?q=repo%3Aprivacy-scaling-explorations%2Fzkevm-circuits%20history_hashes%3A%20Vec%3CWord%3E%2C&type=code

adria0 · 2023-06-28T08:24:36Z

zkevm-circuits/src/instance.rs

+        let result = iter::empty()
+            .chain(0u8.to_be_bytes()) // zero byte
+            .chain(block_values.coinbase.to_fixed_bytes()) // coinbase
+            .chain(block_values.gas_limit.to_be_bytes()) // gas_limit


Spec says big endian?

(Should be little endian in specs)

Its a good catch! in specs byte is attaching in little endian, but there is an reverse during assignment to make coding easier. But in Rust, efficient is more important, so the endian in bytes is keep in big endian in first place.

I submit a pr to align specs pi circuit endian privacy-scaling-explorations/zkevm-specs#438

adria0 · 2023-06-28T08:29:28Z

zkevm-circuits/src/instance.rs

+
+        // Assign extra fields
+        let extra_vals = self.get_extra_values();
+        let result = result


I see in the specs that block hash is also added

Fixed in commit 3eaf4b7

I found it's just introduced in mock_block and merge to main branch recently 3575aab

zkevm-circuits/src/pi_circuit/test.rs

zkevm-circuits/src/pi_circuit.rs

davidnevadoc

This was quite a big change, thanks a lot for the work!!
Everything is in line with the spec so once @adria0 comments are addressed LGTM 👍

zkevm-circuits/src/pi_circuit.rs

adria0 · 2023-06-28T18:07:48Z

zkevm-circuits/src/pi_circuit.rs

+            .map(|x| x.to_vec())
+            .collect();
+
+        *current_offset = value_bytes_chunk.iter().try_fold(


I'm wondering if possible to rewrite it using for loops, I think that will help the code reader a lot

My option is use functional programming style is more self-explanation than forloop imperative style. With forloop, more intermediate variable need to be allocated. And reader need to be more attention for what each variable meaning. I think try_fold and folding/refreshing on rpi_value_lc make thing clear. So I tend to be keep current style.

(I tried few variants, still think try_fold is better)

In general, I'm more in the imperative side, mainly because I never wrote a big project in functional, so I do not have the "functional architecture mindset".

adria0 · 2023-06-28T18:14:23Z

Overall, LGTM 👍
Thanks for the hard work doing this PR!

hero78119 · 2023-06-30T04:30:12Z

All review comment are addressed! thanks for all review and will merge it now

…ivacy-scaling-explorations#1345)

hero78119 marked this pull request as draft March 30, 2023 15:02

github-actions bot added the crate-zkevm-circuits Issues related to the zkevm-circuits workspace member label Mar 30, 2023

hero78119 force-pushed the pi_revamp branch from 1585b69 to 2ad47b4 Compare April 4, 2023 15:39

hero78119 changed the title ~~WIP pi circuit revamp~~ WIP improve pi circuit: replace rand/rlc by pures hash Apr 4, 2023

hero78119 changed the title ~~WIP improve pi circuit: replace rand/rlc by pures hash~~ WIP improve pi circuit: replace rand/rlc by pure keccak hashing Apr 4, 2023

hero78119 force-pushed the pi_revamp branch from 2ad47b4 to 9209ec0 Compare April 4, 2023 15:42

hero78119 marked this pull request as ready for review April 6, 2023 04:24

hero78119 changed the title ~~WIP improve pi circuit: replace rand/rlc by pure keccak hashing~~ Improve pi circuit: replace rand/rlc by pure keccak hashing Apr 6, 2023

github-actions bot added crate-circuit-benchmarks Issues related to the circuit-benchmarks workspace member T-bench Type: benchmark improvements labels Apr 6, 2023

hero78119 force-pushed the pi_revamp branch 3 times, most recently from 0f15455 to 4d9acf0 Compare April 6, 2023 05:02

hero78119 changed the title ~~Improve pi circuit: replace rand/rlc by pure keccak hashing~~ Improve pi circuit: replace rand/rlc by keccak hashing Apr 6, 2023

hero78119 force-pushed the pi_revamp branch from 9ed1957 to 1598d6c Compare April 6, 2023 12:18

hero78119 added the T-tech-debt Type: tech-debt generated or cleaned up label Apr 6, 2023

hero78119 force-pushed the pi_revamp branch from 1598d6c to 0e2744a Compare April 10, 2023 08:54

ed255 self-requested a review April 13, 2023 11:22

hero78119 force-pushed the pi_revamp branch from 0e2744a to 6314f6a Compare April 18, 2023 07:33

ed255 reviewed Apr 19, 2023

View reviewed changes

han0110 self-requested a review April 20, 2023 06:44

han0110 reviewed Apr 20, 2023

View reviewed changes

zkevm-circuits/src/pi_circuit.rs Outdated Show resolved Hide resolved

zkevm-circuits/src/pi_circuit.rs Outdated Show resolved Hide resolved

hero78119 added this to the tech-debt-1 milestone Apr 20, 2023

hero78119 force-pushed the pi_revamp branch 3 times, most recently from b9efdb6 to 71d0e02 Compare April 21, 2023 05:18

github-actions bot added the crate-integration-tests Issues related to the integration-tests workspace member label Apr 21, 2023

hero78119 closed this Apr 23, 2023

hero78119 deleted the pi_revamp branch April 23, 2023 04:28

hero78119 restored the pi_revamp branch April 23, 2023 04:31

hero78119 changed the title ~~Improve pi circuit: replace rand/rlc by keccak hashing~~ [word lo/hi] pi circuit replace rand/rlc by keccak hash Jun 14, 2023

hero78119 force-pushed the pi_revamp branch 2 times, most recently from 1f41365 to 4c53744 Compare June 14, 2023 09:19

davidnevadoc self-requested a review June 15, 2023 16:09

ed255 linked an issue Jun 16, 2023 that may be closed by this pull request

Pi Circuit: Refactor word_rlc into word lo/hi #1383

Closed

1 task

hero78119 force-pushed the pi_revamp branch from 4c53744 to 73aac5a Compare June 20, 2023 14:32

adria0 self-requested a review June 22, 2023 13:59

ed255 modified the milestones: tech-debt-1, word-hi-lo Jun 23, 2023