From 9a999860adec2c1fa27d356dfa797971d1ce764e Mon Sep 17 00:00:00 2001 From: porcuquine Date: Wed, 2 Jan 2019 14:18:59 -0800 Subject: [PATCH 1/7] Silence some compiler warnings. --- filecoin-proofs/examples/encoding.rs | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/filecoin-proofs/examples/encoding.rs b/filecoin-proofs/examples/encoding.rs index f302a2263..f7733d548 100644 --- a/filecoin-proofs/examples/encoding.rs +++ b/filecoin-proofs/examples/encoding.rs @@ -23,21 +23,14 @@ use pairing::bls12_381::Bls12; use rand::{Rng, SeedableRng, XorShiftRng}; use std::fs::File; use std::io::Write; -use std::time::{Duration, Instant}; +use std::time::Instant; -use bellman::Circuit; -use sapling_crypto::jubjub::JubjubBls12; - -use storage_proofs::circuit::test::*; -use storage_proofs::circuit::zigzag::{ZigZagCircuit, ZigZagCompound}; -use storage_proofs::compound_proof::{self, CircuitComponent, CompoundProof}; use storage_proofs::drgporep; use storage_proofs::drgraph::*; use storage_proofs::example_helper::prettyb; use storage_proofs::fr32::fr_into_bytes; -use storage_proofs::hasher::{Blake2sHasher, Hasher, PedersenHasher, Sha256Hasher}; +use storage_proofs::hasher::{Hasher, PedersenHasher}; use storage_proofs::layered_drgporep; -use storage_proofs::porep::PoRep; use storage_proofs::proof::ProofScheme; use storage_proofs::vde; use storage_proofs::zigzag_drgporep::*; @@ -105,7 +98,6 @@ where let mut data = file_backed_mmap_from_random_bytes(nodes); let replica_id: H::Domain = rng.gen(); - let mut data_copy = file_backed_mmap_from(&data); let sp = layered_drgporep::SetupParams { drg_porep_setup_params: drgporep::SetupParams { @@ -128,7 +120,6 @@ where stop_profile(); let start = Instant::now(); - let mut encode_duration = Duration::new(0, 0); info!(FCP_LOG, "encoding"); From 11748cf3c0c1f4afb34d5a2e21bd16c90e635014 Mon Sep 17 00:00:00 2001 From: porcuquine Date: Wed, 2 Jan 2019 17:27:47 -0800 Subject: [PATCH 2/7] Initial scaffolding for PoRCCompound. --- storage-proofs/src/circuit/bacon_post.rs | 20 +- storage-proofs/src/circuit/hvh_post.rs | 28 +-- storage-proofs/src/circuit/porc.rs | 242 ++++++++++++++--------- storage-proofs/src/hvh_post.rs | 2 +- storage-proofs/src/porc.rs | 10 +- 5 files changed, 183 insertions(+), 119 deletions(-) diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/bacon_post.rs index 379527811..42bfb3a42 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/bacon_post.rs @@ -107,12 +107,12 @@ impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { &mut cs.namespace(|| "hvh_post"), self.params, self.vdf_key, - &self.vdf_ys_vec[0], - &self.vdf_xs_vec[0], + self.vdf_ys_vec[0].clone(), + self.vdf_xs_vec[0].clone(), self.vdf_sloth_rounds, - &self.challenged_leafs_vec_vec[0], - &self.commitments_vec_vec[0], - &self.paths_vec_vec[0], + self.challenged_leafs_vec_vec[0].clone(), + self.commitments_vec_vec[0].clone(), + self.paths_vec_vec[0].clone(), )?; } @@ -147,12 +147,12 @@ impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { &mut cs.namespace(|| "hvh_post"), self.params, self.vdf_key, - &self.vdf_ys_vec[t], - &self.vdf_xs_vec[t], + self.vdf_ys_vec[t].clone(), + self.vdf_xs_vec[t].clone(), self.vdf_sloth_rounds, - &self.challenged_leafs_vec_vec[t], - &self.commitments_vec_vec[t], - &self.paths_vec_vec[t], + self.challenged_leafs_vec_vec[t].clone(), + self.commitments_vec_vec[t].clone(), + self.paths_vec_vec[t].clone(), )?; } diff --git a/storage-proofs/src/circuit/hvh_post.rs b/storage-proofs/src/circuit/hvh_post.rs index e8dae51d9..04937ca5d 100644 --- a/storage-proofs/src/circuit/hvh_post.rs +++ b/storage-proofs/src/circuit/hvh_post.rs @@ -29,12 +29,12 @@ impl<'a, E: JubjubEngine> Circuit for HvhPost<'a, E> { cs, self.params, self.vdf_key, - &self.vdf_ys, - &self.vdf_xs, + self.vdf_ys, + self.vdf_xs, self.vdf_sloth_rounds, - &self.challenged_leafs_vec, - &self.commitments_vec, - &self.paths_vec, + self.challenged_leafs_vec, + self.commitments_vec, + self.paths_vec, ) } } @@ -43,12 +43,12 @@ pub fn hvh_post>( cs: &mut CS, params: &E::Params, vdf_key: Option, - vdf_ys: &[Option], - vdf_xs: &[Option], + vdf_ys: Vec>, + vdf_xs: Vec>, vdf_sloth_rounds: usize, - challenged_leafs_vec: &[Vec>], - commitments_vec: &[Vec>], - paths_vec: &[Vec>>], + challenged_leafs_vec: Vec>>, + commitments_vec: Vec>>, + paths_vec: Vec>>>, ) -> Result<(), SynthesisError> { // VDF Output Verification assert_eq!(vdf_xs.len(), vdf_ys.len()); @@ -87,7 +87,13 @@ pub fn hvh_post>( .enumerate() { let mut cs = cs.namespace(|| format!("porc_verification_round_{}", i)); - porc::porc(&mut cs, params, challenged_leafs, commitments, paths)?; + porc::PoRCCircuit::synthesize( + &mut cs, + params, + challenged_leafs.to_vec(), + commitments.to_vec(), + paths.to_vec(), + )?; } Ok(()) diff --git a/storage-proofs/src/circuit/porc.rs b/storage-proofs/src/circuit/porc.rs index 80d35e13a..f0cbd4db3 100644 --- a/storage-proofs/src/circuit/porc.rs +++ b/storage-proofs/src/circuit/porc.rs @@ -1,11 +1,17 @@ use bellman::{Circuit, ConstraintSystem, SynthesisError}; +use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::circuit::{boolean, multipack, num, pedersen_hash}; use sapling_crypto::jubjub::JubjubEngine; use crate::circuit::constraint; +use crate::compound_proof::{CircuitComponent, CompoundProof}; +use crate::hasher::Hasher; +use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; +use crate::porc::PoRC; +use crate::proof::ProofScheme; /// This is an instance of the `ProofOfRetrievableCommitments` circuit. -pub struct ProofOfRetrievableCommitments<'a, E: JubjubEngine> { +pub struct PoRCCircuit<'a, E: JubjubEngine> { /// Paramters for the engine. pub params: &'a E::Params, @@ -14,109 +20,157 @@ pub struct ProofOfRetrievableCommitments<'a, E: JubjubEngine> { pub paths: Vec>>, } -impl<'a, E: JubjubEngine> Circuit for ProofOfRetrievableCommitments<'a, E> { - fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { - porc::( - cs, - self.params, - &self.challenged_leafs, - &self.commitments, - &self.paths, - ) +pub struct PoRCCompound {} + +impl, P: ParameterSetIdentifier> CacheableParameters + for PoRCCompound +{ + fn cache_prefix() -> String { + String::from("proof-of-retrievable-commitments") } } -pub fn porc<'a, E: JubjubEngine, CS: ConstraintSystem>( - cs: &mut CS, - params: &'a E::Params, - challenged_leafs: &[Option], - commitments: &[Option], - paths: &[Vec>], -) -> Result<(), SynthesisError> { - assert_eq!(challenged_leafs.len(), paths.len()); - assert_eq!(paths.len(), commitments.len()); - - for (i, (challenged_leaf, (path, commitment))) in challenged_leafs - .iter() - .zip(paths.iter().zip(commitments)) - .enumerate() - { - let mut cs = cs.namespace(|| format!("challenge_{}", i)); - - // Allocate the commitment - let rt = num::AllocatedNum::alloc(cs.namespace(|| "commitment_num"), || { - commitment.ok_or(SynthesisError::AssignmentMissing) - })?; - - let params = params; - - let leaf_num = num::AllocatedNum::alloc(cs.namespace(|| "leaf_num"), || { - challenged_leaf.ok_or_else(|| SynthesisError::AssignmentMissing) - })?; - - leaf_num.inputize(cs.namespace(|| "leaf_input"))?; - - // This is an injective encoding, as cur is a - // point in the prime order subgroup. - let mut cur = leaf_num; - - let mut path_bits = Vec::with_capacity(path.len()); - - // Ascend the merkle tree authentication path - for (i, e) in path.iter().enumerate() { - let cs = &mut cs.namespace(|| format!("merkle tree hash {}", i)); - - // Determines if the current subtree is the "right" leaf at this - // depth of the tree. - let cur_is_right = boolean::Boolean::from(boolean::AllocatedBit::alloc( - cs.namespace(|| "position bit"), - e.map(|e| e.1), - )?); - - // Witness the authentication path element adjacent - // at this depth. - let path_element = num::AllocatedNum::alloc(cs.namespace(|| "path element"), || { - Ok(e.ok_or(SynthesisError::AssignmentMissing)?.0) - })?; +#[derive(Clone, Default)] +pub struct ComponentPrivateInputs {} - // Swap the two if the current subtree is on the right - let (xl, xr) = num::AllocatedNum::conditionally_reverse( - cs.namespace(|| "conditional reversal of preimage"), - &cur, - &path_element, - &cur_is_right, - )?; - - let mut preimage = vec![]; - preimage.extend(xl.into_bits_le(cs.namespace(|| "xl into bits"))?); - preimage.extend(xr.into_bits_le(cs.namespace(|| "xr into bits"))?); - - // Compute the new subtree value - cur = pedersen_hash::pedersen_hash( - cs.namespace(|| "computation of pedersen hash"), - pedersen_hash::Personalization::MerkleTree(i), - &preimage, - params, - )? - .get_x() - .clone(); // Injective encoding - - path_bits.push(cur_is_right); - } +impl<'a, E: JubjubEngine> CircuitComponent for PoRCCircuit<'a, E> { + type ComponentPrivateInputs = ComponentPrivateInputs; +} - // allocate input for is_right path - multipack::pack_into_inputs(cs.namespace(|| "packed path"), &path_bits)?; +impl<'a, H> CompoundProof<'a, Bls12, PoRC<'a, H>, PoRCCircuit<'a, Bls12>> for PoRCCompound +where + H: 'a + Hasher, +{ + fn generate_public_inputs( + pub_in: & as ProofScheme<'a>>::PublicInputs, + pub_params: & as ProofScheme<'a>>::PublicParams, + partition_k: Option, + ) -> Vec { + unimplemented!(); + } + fn circuit( + pub_in: & as ProofScheme<'a>>::PublicInputs, + component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + vanilla_proof: & as ProofScheme<'a>>::Proof, + pub_params: & as ProofScheme<'a>>::PublicParams, + engine_params: &'a ::Params, + ) -> PoRCCircuit<'a, Bls12> { + unimplemented!() + } +} + +impl<'a, E: JubjubEngine> Circuit for PoRCCircuit<'a, E> { + fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { + let params = self.params; + let challenged_leafs = self.challenged_leafs; + let commitments = self.commitments; + let paths = self.paths; + + assert_eq!(challenged_leafs.len(), paths.len()); + assert_eq!(paths.len(), commitments.len()); + + for (i, (challenged_leaf, (path, commitment))) in challenged_leafs + .iter() + .zip(paths.iter().zip(commitments)) + .enumerate() { - // Validate that the root of the merkle tree that we calculated is the same as the input. - constraint::equal(&mut cs, || "enforce commitment correct", &cur, &rt); + let mut cs = cs.namespace(|| format!("challenge_{}", i)); + + // Allocate the commitment + let rt = num::AllocatedNum::alloc(cs.namespace(|| "commitment_num"), || { + commitment.ok_or(SynthesisError::AssignmentMissing) + })?; + + let params = params; + + let leaf_num = num::AllocatedNum::alloc(cs.namespace(|| "leaf_num"), || { + challenged_leaf.ok_or_else(|| SynthesisError::AssignmentMissing) + })?; + + leaf_num.inputize(cs.namespace(|| "leaf_input"))?; + + // This is an injective encoding, as cur is a + // point in the prime order subgroup. + let mut cur = leaf_num; + + let mut path_bits = Vec::with_capacity(path.len()); + + // Ascend the merkle tree authentication path + for (i, e) in path.iter().enumerate() { + let cs = &mut cs.namespace(|| format!("merkle tree hash {}", i)); + + // Determines if the current subtree is the "right" leaf at this + // depth of the tree. + let cur_is_right = boolean::Boolean::from(boolean::AllocatedBit::alloc( + cs.namespace(|| "position bit"), + e.map(|e| e.1), + )?); + + // Witness the authentication path element adjacent + // at this depth. + let path_element = + num::AllocatedNum::alloc(cs.namespace(|| "path element"), || { + Ok(e.ok_or(SynthesisError::AssignmentMissing)?.0) + })?; + + // Swap the two if the current subtree is on the right + let (xl, xr) = num::AllocatedNum::conditionally_reverse( + cs.namespace(|| "conditional reversal of preimage"), + &cur, + &path_element, + &cur_is_right, + )?; + + let mut preimage = vec![]; + preimage.extend(xl.into_bits_le(cs.namespace(|| "xl into bits"))?); + preimage.extend(xr.into_bits_le(cs.namespace(|| "xr into bits"))?); + + // Compute the new subtree value + cur = pedersen_hash::pedersen_hash( + cs.namespace(|| "computation of pedersen hash"), + pedersen_hash::Personalization::MerkleTree(i), + &preimage, + params, + )? + .get_x() + .clone(); // Injective encoding + + path_bits.push(cur_is_right); + } + + // allocate input for is_right path + multipack::pack_into_inputs(cs.namespace(|| "packed path"), &path_bits)?; + + { + // Validate that the root of the merkle tree that we calculated is the same as the input. + constraint::equal(&mut cs, || "enforce commitment correct", &cur, &rt); + } + + // Expose the root + rt.inputize(cs.namespace(|| "commitment"))?; } - // Expose the root - rt.inputize(cs.namespace(|| "commitment"))?; + Ok(()) } +} - Ok(()) +impl<'a, E: JubjubEngine> PoRCCircuit<'a, E> { + pub fn synthesize>( + cs: &mut CS, + params: &'a E::Params, + challenged_leafs: Vec>, + commitments: Vec>, + paths: Vec>>, + ) -> Result<(), SynthesisError> { + PoRCCircuit { + params, + challenged_leafs, + commitments, + paths, + } + .synthesize(cs) + } } #[cfg(test)] @@ -194,7 +248,7 @@ mod tests { let mut cs = TestConstraintSystem::::new(); - let instance = ProofOfRetrievableCommitments { + let instance = PoRCCircuit { params, challenged_leafs, paths, diff --git a/storage-proofs/src/hvh_post.rs b/storage-proofs/src/hvh_post.rs index dc2918c73..5de579474 100644 --- a/storage-proofs/src/hvh_post.rs +++ b/storage-proofs/src/hvh_post.rs @@ -71,7 +71,7 @@ impl<'a, H: 'a + Hasher> PrivateInputs<'a, H> { #[derive(Clone, Debug)] pub struct Proof<'a, H: Hasher + 'a, V: Vdf> { /// `post_iteration` online Proof-of-Replication proofs. - pub proofs_porep: Vec< as ProofScheme<'a>>::Proof>, + pub proofs_porep: Vec< as ProofScheme<'a>>::Proof>, /// `post_epochs - 1` VDF proofs pub proofs_vdf: Vec, pub ys: Vec, diff --git a/storage-proofs/src/porc.rs b/storage-proofs/src/porc.rs index 51d307f8e..46bf6d0e6 100644 --- a/storage-proofs/src/porc.rs +++ b/storage-proofs/src/porc.rs @@ -20,6 +20,7 @@ pub struct SetupParams { #[derive(Debug, Clone)] pub struct PublicParams { + // NOTE: This assumes all sectors are the same size, which may not remain a valid assumption. /// How many leaves the underlying merkle tree has. pub leaves: usize, /// The number of sectors that are proven over. @@ -67,11 +68,14 @@ impl Proof { } #[derive(Debug, Clone)] -pub struct PoRC { - _h: PhantomData, +pub struct PoRC<'a, H> +where + H: 'a + Hasher, +{ + _h: PhantomData<&'a H>, } -impl<'a, H: 'a + Hasher> ProofScheme<'a> for PoRC { +impl<'a, H: 'a + Hasher> ProofScheme<'a> for PoRC<'a, H> { type PublicParams = PublicParams; type SetupParams = SetupParams; type PublicInputs = PublicInputs<'a, H::Domain>; From 0b7bd03f5e26343d09a69efb587091657673d5b7 Mon Sep 17 00:00:00 2001 From: porcuquine Date: Wed, 2 Jan 2019 18:48:12 -0800 Subject: [PATCH 3/7] Initial scaffolding for HvhPostCompound. --- storage-proofs/src/bacon_post.rs | 2 +- storage-proofs/src/circuit/bacon_post.rs | 14 +- storage-proofs/src/circuit/hvh_post.rs | 206 +++++++++++++++-------- storage-proofs/src/circuit/porc.rs | 17 +- storage-proofs/src/hvh_post.rs | 40 +++-- 5 files changed, 175 insertions(+), 104 deletions(-) diff --git a/storage-proofs/src/bacon_post.rs b/storage-proofs/src/bacon_post.rs index 8ca56382f..9bd771b3b 100644 --- a/storage-proofs/src/bacon_post.rs +++ b/storage-proofs/src/bacon_post.rs @@ -238,7 +238,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { } fn extract_post_input>(proof: &hvh_post::Proof) -> H::Domain { - let leafs: Vec = proof.proofs_porep.iter().fold(Vec::new(), |mut acc, p| { + let leafs: Vec = proof.porep_proofs.iter().fold(Vec::new(), |mut acc, p| { acc.extend(p.leafs().into_iter().fold( Vec::new(), |mut inner_acc: Vec, leaf: &H::Domain| { diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/bacon_post.rs index 42bfb3a42..3e78f8d88 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/bacon_post.rs @@ -103,7 +103,7 @@ impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { // constraint::equal(&mut cs, || "challenge_equality", actual, expected_num); // } - hvh_post::hvh_post( + hvh_post::HvhPostCircuit::synthesize( &mut cs.namespace(|| "hvh_post"), self.params, self.vdf_key, @@ -143,7 +143,7 @@ impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { // constraint::equal(&mut cs, || "challenge_equality", actual, expected_num); // } - hvh_post::hvh_post( + hvh_post::HvhPostCircuit::synthesize( &mut cs.namespace(|| "hvh_post"), self.params, self.vdf_key, @@ -246,7 +246,7 @@ mod tests { .iter() .map(|proof| { proof - .proofs_porep + .porep_proofs .iter() .take(vdf_ys_vec[0].len()) .map(|p| Some(hvh_post::extract_vdf_input::(p).into())) @@ -263,10 +263,10 @@ mod tests { let mut challenged_leafs_vec = Vec::new(); let mut commitments_vec = Vec::new(); - for proof_porep in &p.proofs_porep { + for porep_proof in &p.porep_proofs { // -- paths paths_vec.push( - proof_porep + porep_proof .paths() .iter() .map(|p| { @@ -279,7 +279,7 @@ mod tests { // -- challenged leafs challenged_leafs_vec.push( - proof_porep + porep_proof .leafs() .iter() .map(|l| Some((**l).into())) @@ -288,7 +288,7 @@ mod tests { // -- commitments commitments_vec.push( - proof_porep + porep_proof .commitments() .iter() .map(|c| Some((**c).into())) diff --git a/storage-proofs/src/circuit/hvh_post.rs b/storage-proofs/src/circuit/hvh_post.rs index 04937ca5d..2af089add 100644 --- a/storage-proofs/src/circuit/hvh_post.rs +++ b/storage-proofs/src/circuit/hvh_post.rs @@ -1,13 +1,20 @@ use bellman::{Circuit, ConstraintSystem, SynthesisError}; +use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::circuit::num; use sapling_crypto::jubjub::JubjubEngine; use crate::circuit::constraint; use crate::circuit::porc; use crate::circuit::sloth; - -/// This is an instance of the `HVH-PoSt` circuit. -pub struct HvhPost<'a, E: JubjubEngine> { +use crate::compound_proof::{CircuitComponent, CompoundProof}; +use crate::hasher::Hasher; +use crate::hvh_post::HvhPost; +use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; +use crate::proof::ProofScheme; +use crate::vdf::Vdf; + +/// This is the `HVH-PoSt` circuit. +pub struct HvhPostCircuit<'a, E: JubjubEngine> { /// Paramters for the engine. pub params: &'a E::Params, @@ -23,87 +30,140 @@ pub struct HvhPost<'a, E: JubjubEngine> { pub paths_vec: Vec>>>, } -impl<'a, E: JubjubEngine> Circuit for HvhPost<'a, E> { - fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { - hvh_post( - cs, - self.params, - self.vdf_key, - self.vdf_ys, - self.vdf_xs, - self.vdf_sloth_rounds, - self.challenged_leafs_vec, - self.commitments_vec, - self.paths_vec, - ) +pub struct HvhPostCompound {} + +impl, P: ParameterSetIdentifier> CacheableParameters + for HvhPostCompound +{ + fn cache_prefix() -> String { + String::from("hvh-post") } } -pub fn hvh_post>( - cs: &mut CS, - params: &E::Params, - vdf_key: Option, - vdf_ys: Vec>, - vdf_xs: Vec>, - vdf_sloth_rounds: usize, - challenged_leafs_vec: Vec>>, - commitments_vec: Vec>>, - paths_vec: Vec>>>, -) -> Result<(), SynthesisError> { - // VDF Output Verification - assert_eq!(vdf_xs.len(), vdf_ys.len()); - - let vdf_key = num::AllocatedNum::alloc(cs.namespace(|| "vdf_key"), || { - vdf_key.ok_or_else(|| SynthesisError::AssignmentMissing) - })?; - - for (i, (y, x)) in vdf_ys.iter().zip(vdf_xs.iter()).enumerate() { - let mut cs = cs.namespace(|| format!("vdf_verification_round_{}", i)); - - let decoded = sloth::decode( - cs.namespace(|| "sloth_decode"), - &vdf_key, - *y, - vdf_sloth_rounds, - )?; +#[derive(Clone, Default)] +pub struct ComponentPrivateInputs {} + +impl<'a, E: JubjubEngine> CircuitComponent for HvhPostCircuit<'a, E> { + type ComponentPrivateInputs = ComponentPrivateInputs; +} - let x_alloc = num::AllocatedNum::alloc(cs.namespace(|| "x"), || { - x.ok_or_else(|| SynthesisError::AssignmentMissing) +impl<'a, H, V> CompoundProof<'a, Bls12, HvhPost, HvhPostCircuit<'a, Bls12>> + for HvhPostCompound +where + H: 'a + Hasher, + V: Vdf, + >::PublicParams: Send + Sync, + >::Proof: Send + Sync, +{ + fn generate_public_inputs( + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _partition_k: Option, + ) -> Vec { + unimplemented!(); + } + fn circuit( + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + _vanilla_proof: & as ProofScheme<'a>>::Proof, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _engine_params: &'a ::Params, + ) -> HvhPostCircuit<'a, Bls12> { + unimplemented!() + } +} + +impl<'a, E: JubjubEngine> Circuit for HvhPostCircuit<'a, E> { + fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { + let params = self.params; + let vdf_key = self.vdf_key; + let vdf_ys = self.vdf_ys; + let vdf_xs = self.vdf_xs; + let vdf_sloth_rounds = self.vdf_sloth_rounds; + let challenged_leafs_vec = self.challenged_leafs_vec; + let commitments_vec = self.commitments_vec; + let paths_vec = self.paths_vec; + + // VDF Output Verification + assert_eq!(vdf_xs.len(), vdf_ys.len()); + + let vdf_key = num::AllocatedNum::alloc(cs.namespace(|| "vdf_key"), || { + vdf_key.ok_or_else(|| SynthesisError::AssignmentMissing) })?; - constraint::equal(&mut cs, || "equality", &x_alloc, &decoded); + for (i, (y, x)) in vdf_ys.iter().zip(vdf_xs.iter()).enumerate() { + let mut cs = cs.namespace(|| format!("vdf_verification_round_{}", i)); + + let decoded = sloth::decode( + cs.namespace(|| "sloth_decode"), + &vdf_key, + *y, + vdf_sloth_rounds, + )?; + + let x_alloc = num::AllocatedNum::alloc(cs.namespace(|| "x"), || { + x.ok_or_else(|| SynthesisError::AssignmentMissing) + })?; + + constraint::equal(&mut cs, || "equality", &x_alloc, &decoded); - // TODO: is this the right thing to inputize? - decoded.inputize(cs.namespace(|| "vdf_result"))?; + // TODO: is this the right thing to inputize? + decoded.inputize(cs.namespace(|| "vdf_result"))?; + } + + // PoRC Verification + assert_eq!(challenged_leafs_vec.len(), commitments_vec.len()); + assert_eq!(paths_vec.len(), commitments_vec.len()); + + for (i, (challenged_leafs, (commitments, paths))) in challenged_leafs_vec + .iter() + .zip(commitments_vec.iter().zip(paths_vec.iter())) + .enumerate() + { + let mut cs = cs.namespace(|| format!("porc_verification_round_{}", i)); + porc::PoRCCircuit::synthesize( + &mut cs, + params, + challenged_leafs.to_vec(), + commitments.to_vec(), + paths.to_vec(), + )?; + } + + Ok(()) } +} - // PoRC Verification - assert_eq!(challenged_leafs_vec.len(), commitments_vec.len()); - assert_eq!(paths_vec.len(), commitments_vec.len()); - - for (i, (challenged_leafs, (commitments, paths))) in challenged_leafs_vec - .iter() - .zip(commitments_vec.iter().zip(paths_vec.iter())) - .enumerate() - { - let mut cs = cs.namespace(|| format!("porc_verification_round_{}", i)); - porc::PoRCCircuit::synthesize( - &mut cs, +impl<'a, E: JubjubEngine> HvhPostCircuit<'a, E> { + pub fn synthesize>( + cs: &mut CS, + params: &E::Params, + vdf_key: Option, + vdf_ys: Vec>, + vdf_xs: Vec>, + vdf_sloth_rounds: usize, + challenged_leafs_vec: Vec>>, + commitments_vec: Vec>>, + paths_vec: Vec>>>, + ) -> Result<(), SynthesisError> { + HvhPostCircuit { params, - challenged_leafs.to_vec(), - commitments.to_vec(), - paths.to_vec(), - )?; + vdf_key, + vdf_ys, + vdf_xs, + vdf_sloth_rounds, + challenged_leafs_vec, + commitments_vec, + paths_vec, + } + .synthesize(cs) } - - Ok(()) } #[cfg(test)] mod tests { use super::*; - use pairing::bls12_381::*; use pairing::Field; use rand::{Rng, SeedableRng, XorShiftRng}; use sapling_crypto::jubjub::JubjubBls12; @@ -181,7 +241,7 @@ mod tests { .map(|y| Some(y.clone().into())) .collect::>(); let vdf_xs = proof - .proofs_porep + .porep_proofs .iter() .take(vdf_ys.len()) .map(|p| Some(hvh_post::extract_vdf_input::(p).into())) @@ -191,10 +251,10 @@ mod tests { let mut challenged_leafs_vec = Vec::new(); let mut commitments_vec = Vec::new(); - for proof_porep in &proof.proofs_porep { + for porep_proof in &proof.porep_proofs { // -- paths paths_vec.push( - proof_porep + porep_proof .paths() .iter() .map(|p| { @@ -207,7 +267,7 @@ mod tests { // -- challenged leafs challenged_leafs_vec.push( - proof_porep + porep_proof .leafs() .iter() .map(|l| Some((**l).into())) @@ -216,7 +276,7 @@ mod tests { // -- commitments commitments_vec.push( - proof_porep + porep_proof .commitments() .iter() .map(|c| Some((**c).into())) @@ -226,7 +286,7 @@ mod tests { let mut cs = TestConstraintSystem::::new(); - let instance = HvhPost { + let instance = HvhPostCircuit { params, vdf_key: Some(pub_params.pub_params_vdf.key.into()), vdf_xs, diff --git a/storage-proofs/src/circuit/porc.rs b/storage-proofs/src/circuit/porc.rs index f0cbd4db3..fa401745d 100644 --- a/storage-proofs/src/circuit/porc.rs +++ b/storage-proofs/src/circuit/porc.rs @@ -42,19 +42,19 @@ where H: 'a + Hasher, { fn generate_public_inputs( - pub_in: & as ProofScheme<'a>>::PublicInputs, - pub_params: & as ProofScheme<'a>>::PublicParams, - partition_k: Option, + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _partition_k: Option, ) -> Vec { unimplemented!(); } fn circuit( - pub_in: & as ProofScheme<'a>>::PublicInputs, - component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, - vanilla_proof: & as ProofScheme<'a>>::Proof, - pub_params: & as ProofScheme<'a>>::PublicParams, - engine_params: &'a ::Params, + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + _vanilla_proof: & as ProofScheme<'a>>::Proof, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _engine_params: &'a ::Params, ) -> PoRCCircuit<'a, Bls12> { unimplemented!() } @@ -177,7 +177,6 @@ impl<'a, E: JubjubEngine> PoRCCircuit<'a, E> { mod tests { use super::*; - use pairing::bls12_381::*; use pairing::Field; use rand::{Rng, SeedableRng, XorShiftRng}; use sapling_crypto::jubjub::JubjubBls12; diff --git a/storage-proofs/src/hvh_post.rs b/storage-proofs/src/hvh_post.rs index 5de579474..10e2e6d45 100644 --- a/storage-proofs/src/hvh_post.rs +++ b/storage-proofs/src/hvh_post.rs @@ -5,6 +5,7 @@ use byteorder::{ByteOrder, LittleEndian}; use crate::error::{Error, Result}; use crate::hasher::{Domain, HashFunction, Hasher}; use crate::merkle::MerkleTree; +use crate::parameter_cache::ParameterSetIdentifier; use crate::porc::{self, PoRC}; use crate::proof::ProofScheme; use crate::vdf::Vdf; @@ -37,6 +38,17 @@ pub struct PublicParams> { pub sectors_count: usize, } +impl> ParameterSetIdentifier for PublicParams { + fn parameter_set_identifier(&self) -> String { + format!( + "hvh_post::PublicParams{{challenge_count: {}, sector_size: {}, post_epochs: {}, pub_params_vdf: FIXME, leaves: {}, sectors_count: {}}}", + self.challenge_count, self.sector_size, self.post_epochs, + //self.pub_params_vdf.parameter_set_identifier(), // FIXME: implement + self.leaves, self.sectors_count + ) + } +} + #[derive(Clone, Debug)] pub struct PublicInputs { /// The root hash of the merkle tree of the sealed sector. @@ -71,9 +83,9 @@ impl<'a, H: 'a + Hasher> PrivateInputs<'a, H> { #[derive(Clone, Debug)] pub struct Proof<'a, H: Hasher + 'a, V: Vdf> { /// `post_iteration` online Proof-of-Replication proofs. - pub proofs_porep: Vec< as ProofScheme<'a>>::Proof>, + pub porep_proofs: Vec< as ProofScheme<'a>>::Proof>, /// `post_epochs - 1` VDF proofs - pub proofs_vdf: Vec, + pub vdf_proofs: Vec, pub ys: Vec, } @@ -117,7 +129,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { let challenge_count = pub_params.challenge_count; let post_epochs = pub_params.post_epochs; - let mut proofs_porep = Vec::with_capacity(post_epochs); + let mut porep_proofs = Vec::with_capacity(post_epochs); let pub_params_porep = porc::PublicParams { leaves: pub_params.leaves, @@ -135,7 +147,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { replicas: priv_inputs.replicas, trees: priv_inputs.trees, }; - proofs_porep.push(PoRC::prove( + porep_proofs.push(PoRC::prove( &pub_params_porep, &pub_inputs_porep, &priv_inputs_porep, @@ -149,10 +161,10 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { for k in 1..post_epochs { // Run VDF - let x = extract_vdf_input::(&proofs_porep[k - 1]); - let (y, proof_vdf) = V::eval(&pub_params.pub_params_vdf, &x)?; + let x = extract_vdf_input::(&porep_proofs[k - 1]); + let (y, vdf_proof) = V::eval(&pub_params.pub_params_vdf, &x)?; - proofs_vdf.push(proof_vdf); + proofs_vdf.push(vdf_proof); ys.push(y); let r = H::Function::hash_single_node(&y); @@ -170,7 +182,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { replicas: priv_inputs.replicas, trees: priv_inputs.trees, }; - proofs_porep.push(PoRC::prove( + porep_proofs.push(PoRC::prove( &pub_params_porep, &pub_inputs_porep, &priv_inputs_porep, @@ -178,8 +190,8 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { } Ok(Proof { - proofs_porep, - proofs_vdf, + porep_proofs, + vdf_proofs: proofs_vdf, ys, }) } @@ -196,9 +208,9 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { for i in 0..post_epochs - 1 { if !V::verify( &pub_params.pub_params_vdf, - &extract_vdf_input::(&proof.proofs_porep[i]), + &extract_vdf_input::(&proof.porep_proofs[i]), &proof.ys[i], - &proof.proofs_vdf[i], + &proof.vdf_proofs[i], )? { return Ok(false); } @@ -218,7 +230,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { commitments: &pub_inputs.commitments, }; - if !PoRC::verify(&pub_params_porep, &pub_inputs_porep, &proof.proofs_porep[0])? { + if !PoRC::verify(&pub_params_porep, &pub_inputs_porep, &proof.porep_proofs[0])? { return Ok(false); } } @@ -235,7 +247,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> ProofScheme<'a> for HvhPost { commitments: &pub_inputs.commitments, }; - if !PoRC::verify(&pub_params_porep, &pub_inputs_porep, &proof.proofs_porep[i])? { + if !PoRC::verify(&pub_params_porep, &pub_inputs_porep, &proof.porep_proofs[i])? { return Ok(false); } } From c06fdd322e648b476595e8e69bc3fc56232e5eea Mon Sep 17 00:00:00 2001 From: porcuquine Date: Wed, 2 Jan 2019 19:12:24 -0800 Subject: [PATCH 4/7] Initial scaffolding for BaconPostCompound. --- storage-proofs/src/bacon_post.rs | 70 +++++++++++---------- storage-proofs/src/circuit/bacon_post.rs | 78 ++++++++++++++++++------ storage-proofs/src/circuit/porc.rs | 2 +- 3 files changed, 100 insertions(+), 50 deletions(-) diff --git a/storage-proofs/src/bacon_post.rs b/storage-proofs/src/bacon_post.rs index 9bd771b3b..c3a3f05dd 100644 --- a/storage-proofs/src/bacon_post.rs +++ b/storage-proofs/src/bacon_post.rs @@ -7,6 +7,7 @@ use crate::error::{Error, Result}; use crate::hasher::{Domain, HashFunction, Hasher}; use crate::hvh_post; use crate::merkle::MerkleTree; +use crate::parameter_cache::ParameterSetIdentifier; use crate::proof::ProofScheme; use crate::vdf::Vdf; @@ -22,6 +23,16 @@ pub struct PublicParams> { pub post_periods_count: usize, } +impl> ParameterSetIdentifier for PublicParams { + fn parameter_set_identifier(&self) -> String { + format!( + "bacon_post::PublicParams{{pub_params_hvh_post: {}, post_periods_count: {}", + self.pub_params_hvh_post.parameter_set_identifier(), + self.post_periods_count + ) + } +} + #[derive(Clone, Debug)] pub struct PublicInputs { /// The root hashes of the merkle trees of the sealed sectors. @@ -60,33 +71,23 @@ impl<'a, H: Hasher + 'a, V: Vdf> Proof<'a, H, V> { } } -#[derive(Clone, Debug)] -pub struct BaconPost> { +#[derive(Clone, Debug, Default)] +pub struct BaconPoSt> { _t: PhantomData, _v: PhantomData, - beacon: Beacon, } #[derive(Clone, Debug, Default)] struct Beacon { count: usize, } -impl> Default for BaconPost { - fn default() -> Self { - BaconPost { - _t: PhantomData, - _v: PhantomData, - beacon: Default::default(), - } - } -} impl Beacon { pub fn get(&mut self, t: usize) -> T { // TODO: actual beacon if self.count < t { - // sleep a bit, to simulate dely + // sleep a bit, to simulate delay thread::sleep(time::Duration::from_millis(10)); self.count += 1; } @@ -97,16 +98,24 @@ impl Beacon { } } -impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { - pub fn setup(&self, sp: &SetupParams) -> Result> { +impl<'a, H: Hasher, V: Vdf> ProofScheme<'a> for BaconPoSt +where + H: 'a, +{ + type PublicParams = PublicParams; + type SetupParams = SetupParams; + type PublicInputs = PublicInputs; + type PrivateInputs = PrivateInputs<'a, H>; + type Proof = Proof<'a, H, V>; + + fn setup(sp: &SetupParams) -> Result> { Ok(PublicParams { pub_params_hvh_post: hvh_post::HvhPost::::setup(&sp.setup_params_hvh_post)?, post_periods_count: sp.post_periods_count, }) } - pub fn prove<'b>( - &mut self, + fn prove<'b>( pub_params: &'b PublicParams, pub_inputs: &'b PublicInputs, priv_inputs: &'b PrivateInputs<'a, H>, @@ -125,10 +134,12 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { let mut proofs_hvh_post = Vec::with_capacity(post_periods_count); + let mut beacon = Beacon::default(); + // First (t = 0) { // Run Bacon - let r = self.beacon.get::(0); + let r = beacon.get::(0); // Generate challenges let challenges = derive_challenges::(challenge_count, 0, &[], r.as_ref()); @@ -152,7 +163,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { // The rest (t = 1..post_periods_count) for t in 1..post_periods_count { // Run Bacon - let r = self.beacon.get::(t); + let r = beacon.get::(t); let x = extract_post_input::(&proofs_hvh_post[t - 1]); // Generate challenges @@ -178,8 +189,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { Ok(Proof(proofs_hvh_post)) } - pub fn verify( - &mut self, + fn verify( pub_params: &PublicParams, pub_inputs: &PublicInputs, proof: &Proof, @@ -189,9 +199,11 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { // HVH Post Verification + let mut beacon = Beacon::default(); + // First (t = 0) { - let r = self.beacon.get::(0); + let r = beacon.get::(0); // Generate challenges let challenges = derive_challenges::(challenge_count, 0, &[], r.as_ref()); @@ -213,7 +225,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> BaconPost { // The rest (t = 1..post_periods_count) for t in 1..post_periods_count { // Generate challenges - let r = self.beacon.get::(t); + let r = beacon.get::(t); let x = extract_post_input::(&proof.0[t - 1]); let challenges = derive_challenges::(challenge_count, t, x.as_ref(), r.as_ref()); @@ -294,9 +306,7 @@ mod tests { post_periods_count: 3, }; - let mut bacon_post = BaconPost::::default(); - - let pub_params = bacon_post.setup(&sp).unwrap(); + let pub_params = BaconPoSt::::setup(&sp).unwrap(); let data0: Vec = (0..1024) .flat_map(|_| fr_into_bytes::(&rng.gen())) @@ -314,16 +324,14 @@ mod tests { commitments: vec![tree0.root(), tree1.root()], }; - let priv_inputs = PrivateInputs { + let priv_inputs = PrivateInputs:: { trees: &[&tree0, &tree1], replicas: &[&data0, &data1], _h: PhantomData, }; - let proof = bacon_post - .prove(&pub_params, &pub_inputs, &priv_inputs) - .unwrap(); + let proof = BaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); - assert!(bacon_post.verify(&pub_params, &pub_inputs, &proof).unwrap()); + assert!(BaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); } } diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/bacon_post.rs index 3e78f8d88..1dd7f9c41 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/bacon_post.rs @@ -1,14 +1,18 @@ use bellman::{Circuit, ConstraintSystem, SynthesisError}; -// use sapling_crypto::circuit::boolean::Boolean; -// use sapling_crypto::circuit::{num, uint32}; +use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::jubjub::JubjubEngine; +use crate::bacon_post::BaconPoSt; use crate::circuit::hvh_post; -// use crate::circuit::pedersen::pedersen_compression_num; - -/// This is an instance of the `BACON-PoSt` circuit. -pub struct BaconPost<'a, E: JubjubEngine> { - /// Paramters for the engine. +use crate::compound_proof::{CircuitComponent, CompoundProof}; +use crate::hasher::Hasher; +use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; +use crate::proof::ProofScheme; +use crate::vdf::Vdf; + +/// This is the `BACON-PoSt` circuit. +pub struct BaconPoStCircuit<'a, E: JubjubEngine> { + /// Parameters for the engine. pub params: &'a E::Params, // Beacon @@ -26,6 +30,48 @@ pub struct BaconPost<'a, E: JubjubEngine> { pub paths_vec_vec: Vec>>>>, } +pub struct BaconPoStCompound {} + +#[derive(Clone, Default)] +pub struct ComponentPrivateInputs {} + +impl<'a, E: JubjubEngine> CircuitComponent for BaconPoStCircuit<'a, E> { + type ComponentPrivateInputs = ComponentPrivateInputs; +} + +impl<'a, H: Hasher, V: Vdf> + CompoundProof<'a, Bls12, BaconPoSt, BaconPoStCircuit<'a, Bls12>> for BaconPoStCompound +where + >::PublicParams: Send + Sync, + >::Proof: Send + Sync, + H: 'a, +{ + fn generate_public_inputs( + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _partition_k: Option, + ) -> Vec { + unimplemented!(); + } + fn circuit( + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + _vanilla_proof: & as ProofScheme<'a>>::Proof, + _pub_params: & as ProofScheme<'a>>::PublicParams, + _engine_params: &'a ::Params, + ) -> BaconPoStCircuit<'a, Bls12> { + unimplemented!() + } +} + +impl, P: ParameterSetIdentifier> CacheableParameters + for BaconPoStCompound +{ + fn cache_prefix() -> String { + String::from("bacon-post") + } +} + // fn extract_post_input>( // _cs: &mut CS, // _params: &E::Params, @@ -68,7 +114,7 @@ pub struct BaconPost<'a, E: JubjubEngine> { // Ok(res) // } -impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { +impl<'a, E: JubjubEngine> Circuit for BaconPoStCircuit<'a, E> { fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { let post_periods_count = self.vdf_ys_vec.len(); @@ -164,7 +210,6 @@ impl<'a, E: JubjubEngine> Circuit for BaconPost<'a, E> { mod tests { use super::*; - use pairing::bls12_381::*; use pairing::Field; use rand::{Rng, SeedableRng, XorShiftRng}; use sapling_crypto::jubjub::JubjubBls12; @@ -199,9 +244,8 @@ mod tests { post_periods_count: 3, }; - let mut bacon_post = bacon_post::BaconPost::::default(); - - let pub_params = bacon_post.setup(&sp).unwrap(); + let pub_params = + bacon_post::BaconPoSt::::setup(&sp).unwrap(); let data0: Vec = (0..256) .flat_map(|_| fr_into_bytes::(&rng.gen())) @@ -222,11 +266,9 @@ mod tests { let trees = [&tree0, &tree1]; let priv_inputs = bacon_post::PrivateInputs::new(&replicas[..], &trees[..]); - let proof = bacon_post - .prove(&pub_params, &pub_inputs, &priv_inputs) - .unwrap(); + let proof = BaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); - assert!(bacon_post.verify(&pub_params, &pub_inputs, &proof).unwrap()); + assert!(BaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); // actual circuit test @@ -237,7 +279,7 @@ mod tests { proof .ys .iter() - .map(|y| Some(y.clone().into())) + .map(|y: &PedersenDomain| Some(y.clone().into())) .collect::>() }) .collect::>(); @@ -303,7 +345,7 @@ mod tests { let mut cs = TestConstraintSystem::::new(); - let instance = BaconPost { + let instance = BaconPoStCircuit { params, // beacon_randomness_vec, // challenges_vec, diff --git a/storage-proofs/src/circuit/porc.rs b/storage-proofs/src/circuit/porc.rs index fa401745d..ea15c952a 100644 --- a/storage-proofs/src/circuit/porc.rs +++ b/storage-proofs/src/circuit/porc.rs @@ -10,7 +10,7 @@ use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; use crate::porc::PoRC; use crate::proof::ProofScheme; -/// This is an instance of the `ProofOfRetrievableCommitments` circuit. +/// This is the `PoRC` circuit. pub struct PoRCCircuit<'a, E: JubjubEngine> { /// Paramters for the engine. pub params: &'a E::Params, From 2e8f82ef18be59ba2f9fab8c72d8bb22f9a43815 Mon Sep 17 00:00:00 2001 From: porcuquine Date: Thu, 3 Jan 2019 21:29:50 -0800 Subject: [PATCH 5/7] Finish implementing PoRCCompound. --- storage-proofs/src/circuit/bacon_post.rs | 4 +- storage-proofs/src/circuit/hvh_post.rs | 4 +- storage-proofs/src/circuit/porc.rs | 144 ++++++++++++++++++++--- storage-proofs/src/hvh_post.rs | 2 +- storage-proofs/src/parameter_cache.rs | 2 +- storage-proofs/src/util.rs | 2 +- 6 files changed, 135 insertions(+), 23 deletions(-) diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/bacon_post.rs index 1dd7f9c41..772abf434 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/bacon_post.rs @@ -364,8 +364,8 @@ mod tests { assert!(cs.is_satisfied(), "constraints not satisfied"); - assert_eq!(cs.num_inputs(), 115, "wrong number of inputs"); - assert_eq!(cs.num_constraints(), 398196, "wrong number of constraints"); + assert_eq!(cs.num_inputs(), 79, "wrong number of inputs"); + assert_eq!(cs.num_constraints(), 398160, "wrong number of constraints"); assert_eq!(cs.get_input(0, "ONE"), Fr::one()); } } diff --git a/storage-proofs/src/circuit/hvh_post.rs b/storage-proofs/src/circuit/hvh_post.rs index 2af089add..d24a594d3 100644 --- a/storage-proofs/src/circuit/hvh_post.rs +++ b/storage-proofs/src/circuit/hvh_post.rs @@ -303,8 +303,8 @@ mod tests { assert!(cs.is_satisfied(), "constraints not satisfied"); - assert_eq!(cs.num_inputs(), 69, "wrong number of inputs"); - assert_eq!(cs.num_constraints(), 304140, "wrong number of constraints"); + assert_eq!(cs.num_inputs(), 47, "wrong number of inputs"); + assert_eq!(cs.num_constraints(), 304118, "wrong number of constraints"); assert_eq!(cs.get_input(0, "ONE"), Fr::one()); } } diff --git a/storage-proofs/src/circuit/porc.rs b/storage-proofs/src/circuit/porc.rs index ea15c952a..ddf811e57 100644 --- a/storage-proofs/src/circuit/porc.rs +++ b/storage-proofs/src/circuit/porc.rs @@ -1,13 +1,17 @@ +use std::marker::PhantomData; + use bellman::{Circuit, ConstraintSystem, SynthesisError}; use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::circuit::{boolean, multipack, num, pedersen_hash}; use sapling_crypto::jubjub::JubjubEngine; use crate::circuit::constraint; +use crate::circuit::por::challenge_into_auth_path_bits; use crate::compound_proof::{CircuitComponent, CompoundProof}; +use crate::fr32::fr_into_bytes; use crate::hasher::Hasher; use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; -use crate::porc::PoRC; +use crate::porc::{slice_mod, PoRC}; use crate::proof::ProofScheme; /// This is the `PoRC` circuit. @@ -20,10 +24,15 @@ pub struct PoRCCircuit<'a, E: JubjubEngine> { pub paths: Vec>>, } -pub struct PoRCCompound {} +pub struct PoRCCompound +where + H: Hasher, +{ + _h: PhantomData, +} -impl, P: ParameterSetIdentifier> CacheableParameters - for PoRCCompound +impl, P: ParameterSetIdentifier, H: Hasher> + CacheableParameters for PoRCCompound { fn cache_prefix() -> String { String::from("proof-of-retrievable-commitments") @@ -37,26 +46,66 @@ impl<'a, E: JubjubEngine> CircuitComponent for PoRCCircuit<'a, E> { type ComponentPrivateInputs = ComponentPrivateInputs; } -impl<'a, H> CompoundProof<'a, Bls12, PoRC<'a, H>, PoRCCircuit<'a, Bls12>> for PoRCCompound +impl<'a, H> CompoundProof<'a, Bls12, PoRC<'a, H>, PoRCCircuit<'a, Bls12>> for PoRCCompound where H: 'a + Hasher, { fn generate_public_inputs( - _pub_in: & as ProofScheme<'a>>::PublicInputs, - _pub_params: & as ProofScheme<'a>>::PublicParams, + pub_in: & as ProofScheme<'a>>::PublicInputs, + pub_params: & as ProofScheme<'a>>::PublicParams, _partition_k: Option, ) -> Vec { - unimplemented!(); + let mut inputs = Vec::new(); + + let challenges: Vec<_> = pub_in.challenges.iter().map(|l| (*l).into()).collect(); + + let commitments: Vec<_> = pub_in.commitments.iter().map(|c| (*c).into()).collect(); + + for (challenge, commitment) in challenges.iter().zip(commitments) { + // TODO: What about challenged sector? + let challenged_leaf = slice_mod(fr_into_bytes::(challenge), pub_params.leaves); + let auth_path_bits = challenge_into_auth_path_bits(challenged_leaf, pub_params.leaves); + let packed_auth_path = multipack::compute_multipacking::(&auth_path_bits); + + inputs.extend(packed_auth_path); + + inputs.push(commitment); + } + + inputs } fn circuit( - _pub_in: & as ProofScheme<'a>>::PublicInputs, + pub_in: & as ProofScheme<'a>>::PublicInputs, _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, - _vanilla_proof: & as ProofScheme<'a>>::Proof, + vanilla_proof: & as ProofScheme<'a>>::Proof, _pub_params: & as ProofScheme<'a>>::PublicParams, - _engine_params: &'a ::Params, + engine_params: &'a ::Params, ) -> PoRCCircuit<'a, Bls12> { - unimplemented!() + let challenged_leafs = vanilla_proof + .leafs() + .iter() + .map(|l| Some((**l).into())) + .collect(); + + let commitments: Vec<_> = pub_in + .commitments + .iter() + .map(|c| Some((*c).into())) + .collect(); + + let paths: Vec> = vanilla_proof + .paths() + .iter() + .map(|v| v.iter().map(|p| Some(((*p).0.into(), p.1))).collect()) + .collect(); + + PoRCCircuit { + params: engine_params, + challenged_leafs, + commitments, + paths, + } } } @@ -88,8 +137,6 @@ impl<'a, E: JubjubEngine> Circuit for PoRCCircuit<'a, E> { challenged_leaf.ok_or_else(|| SynthesisError::AssignmentMissing) })?; - leaf_num.inputize(cs.namespace(|| "leaf_input"))?; - // This is an injective encoding, as cur is a // point in the prime order subgroup. let mut cur = leaf_num; @@ -182,6 +229,7 @@ mod tests { use sapling_crypto::jubjub::JubjubBls12; use crate::circuit::test::*; + use crate::compound_proof; use crate::drgraph::{new_seed, BucketGraph, Graph}; use crate::fr32::fr_into_bytes; use crate::hasher::pedersen::*; @@ -260,8 +308,72 @@ mod tests { assert!(cs.is_satisfied(), "constraints not satisfied"); - assert_eq!(cs.num_inputs(), 7, "wrong number of inputs"); - assert_eq!(cs.num_constraints(), 13828, "wrong number of constraints"); + assert_eq!(cs.num_inputs(), 5, "wrong number of inputs"); + assert_eq!(cs.num_constraints(), 13826, "wrong number of constraints"); assert_eq!(cs.get_input(0, "ONE"), Fr::one()); } + + #[test] + fn porc_test_compound() { + let params = &JubjubBls12::new(); + let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + + let leaves = 32; + + let setup_params = compound_proof::SetupParams { + vanilla_params: &porc::SetupParams { + leaves, + sectors_count: 2, + }, + engine_params: params, + partitions: None, + }; + + let pub_params = + PoRCCompound::::setup(&setup_params).expect("setup failed"); + + let data1: Vec = (0..32) + .flat_map(|_| fr_into_bytes::(&rng.gen())) + .collect(); + let data2: Vec = (0..32) + .flat_map(|_| fr_into_bytes::(&rng.gen())) + .collect(); + + let graph1 = BucketGraph::::new(32, 5, 0, new_seed()); + let tree1 = graph1.merkle_tree(data1.as_slice()).unwrap(); + + let graph2 = BucketGraph::::new(32, 5, 0, new_seed()); + let tree2 = graph2.merkle_tree(data1.as_slice()).unwrap(); + + let pub_inputs = porc::PublicInputs { + challenges: &vec![rng.gen(), rng.gen()], + commitments: &[tree1.root(), tree2.root()], + }; + + let priv_inputs = porc::PrivateInputs:: { + trees: &[&tree1, &tree2], + replicas: &[&data1, &data2], + }; + + let proof = + PoRCCompound::::prove(&pub_params, &pub_inputs, &priv_inputs, None) + .expect("failed while proving"); + + let (circuit, inputs) = PoRCCompound::::circuit_for_test( + &pub_params, + &pub_inputs, + &priv_inputs, + ); + + let mut cs = TestConstraintSystem::new(); + + let _ = circuit.synthesize(&mut cs); + assert!(cs.is_satisfied()); + assert!(cs.verify(&inputs)); + + let verified = PoRCCompound::::verify(&pub_params, &pub_inputs, &proof) + .expect("failed while verifying"); + + assert!(verified); + } } diff --git a/storage-proofs/src/hvh_post.rs b/storage-proofs/src/hvh_post.rs index 10e2e6d45..ec2c66cc9 100644 --- a/storage-proofs/src/hvh_post.rs +++ b/storage-proofs/src/hvh_post.rs @@ -53,7 +53,7 @@ impl> ParameterSetIdentifier for PublicParams { pub struct PublicInputs { /// The root hash of the merkle tree of the sealed sector. pub commitments: Vec, - /// The initial set of challengs. Must be of length `challenge_count`. + /// The initial set of challenges. Must be of length `challenge_count`. pub challenges: Vec, } diff --git a/storage-proofs/src/parameter_cache.rs b/storage-proofs/src/parameter_cache.rs index 69eeec8e6..998ce7ae4 100644 --- a/storage-proofs/src/parameter_cache.rs +++ b/storage-proofs/src/parameter_cache.rs @@ -16,7 +16,7 @@ use std::time::Instant; use crate::SP_LOG; /// Bump this when circuits change to invalidate the cache. -pub const VERSION: usize = 7; +pub const VERSION: usize = 8; pub const PARAMETER_CACHE_DIR: &str = "/tmp/filecoin-proof-parameters/"; diff --git a/storage-proofs/src/util.rs b/storage-proofs/src/util.rs index 688c74109..56fc92aa5 100644 --- a/storage-proofs/src/util.rs +++ b/storage-proofs/src/util.rs @@ -5,7 +5,7 @@ use sapling_crypto::circuit::boolean::{self, AllocatedBit, Boolean}; pub const NODE_SIZE: usize = 32; -/// Returnst the start position of the data, 0-indexed. +/// Returns the start position of the data, 0-indexed. pub fn data_at_node_offset(v: usize) -> usize { v * NODE_SIZE } From 00a927e372a45ee3c9c96fdd0f1f1fbf44ba59a9 Mon Sep 17 00:00:00 2001 From: porcuquine Date: Fri, 4 Jan 2019 17:55:37 -0800 Subject: [PATCH 6/7] Implement HvhPostCompound::circuit. --- storage-proofs/src/circuit/bacon_post.rs | 25 ++-- storage-proofs/src/circuit/hvh_post.rs | 144 ++++++++++++++++++++++- storage-proofs/src/vdf.rs | 3 + storage-proofs/src/vdf_sloth.rs | 20 ++++ 4 files changed, 180 insertions(+), 12 deletions(-) diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/bacon_post.rs index 772abf434..74e318893 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/bacon_post.rs @@ -1,3 +1,5 @@ +use std::marker::PhantomData; + use bellman::{Circuit, ConstraintSystem, SynthesisError}; use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::jubjub::JubjubEngine; @@ -11,7 +13,7 @@ use crate::proof::ProofScheme; use crate::vdf::Vdf; /// This is the `BACON-PoSt` circuit. -pub struct BaconPoStCircuit<'a, E: JubjubEngine> { +pub struct BaconPoStCircuit<'a, E: JubjubEngine, H: Hasher, V: Vdf> { /// Parameters for the engine. pub params: &'a E::Params, @@ -28,6 +30,8 @@ pub struct BaconPoStCircuit<'a, E: JubjubEngine> { pub challenged_leafs_vec_vec: Vec>>>, pub commitments_vec_vec: Vec>>>, pub paths_vec_vec: Vec>>>>, + _h: PhantomData, + _v: PhantomData, } pub struct BaconPoStCompound {} @@ -35,12 +39,15 @@ pub struct BaconPoStCompound {} #[derive(Clone, Default)] pub struct ComponentPrivateInputs {} -impl<'a, E: JubjubEngine> CircuitComponent for BaconPoStCircuit<'a, E> { +impl<'a, E: JubjubEngine, H: Hasher, V: Vdf> CircuitComponent + for BaconPoStCircuit<'a, E, H, V> +{ type ComponentPrivateInputs = ComponentPrivateInputs; } impl<'a, H: Hasher, V: Vdf> - CompoundProof<'a, Bls12, BaconPoSt, BaconPoStCircuit<'a, Bls12>> for BaconPoStCompound + CompoundProof<'a, Bls12, BaconPoSt, BaconPoStCircuit<'a, Bls12, H, V>> + for BaconPoStCompound where >::PublicParams: Send + Sync, >::Proof: Send + Sync, @@ -55,11 +62,11 @@ where } fn circuit( _pub_in: & as ProofScheme<'a>>::PublicInputs, - _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, _vanilla_proof: & as ProofScheme<'a>>::Proof, _pub_params: & as ProofScheme<'a>>::PublicParams, _engine_params: &'a ::Params, - ) -> BaconPoStCircuit<'a, Bls12> { + ) -> BaconPoStCircuit<'a, Bls12, H, V> { unimplemented!() } } @@ -114,7 +121,9 @@ impl, P: ParameterSetIdentifier> CacheableParamet // Ok(res) // } -impl<'a, E: JubjubEngine> Circuit for BaconPoStCircuit<'a, E> { +impl<'a, E: JubjubEngine, H: Hasher, V: Vdf> Circuit + for BaconPoStCircuit<'a, E, H, V> +{ fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { let post_periods_count = self.vdf_ys_vec.len(); @@ -345,7 +354,7 @@ mod tests { let mut cs = TestConstraintSystem::::new(); - let instance = BaconPoStCircuit { + let instance = BaconPoStCircuit:: { params, // beacon_randomness_vec, // challenges_vec, @@ -356,6 +365,8 @@ mod tests { challenged_leafs_vec_vec, paths_vec_vec, commitments_vec_vec, + _h: PhantomData, + _v: PhantomData, }; instance diff --git a/storage-proofs/src/circuit/hvh_post.rs b/storage-proofs/src/circuit/hvh_post.rs index d24a594d3..b4b0ec48a 100644 --- a/storage-proofs/src/circuit/hvh_post.rs +++ b/storage-proofs/src/circuit/hvh_post.rs @@ -4,10 +4,11 @@ use sapling_crypto::circuit::num; use sapling_crypto::jubjub::JubjubEngine; use crate::circuit::constraint; -use crate::circuit::porc; +use crate::circuit::porc::{self, PoRCCompound}; use crate::circuit::sloth; use crate::compound_proof::{CircuitComponent, CompoundProof}; use crate::hasher::Hasher; +use crate::hvh_post; use crate::hvh_post::HvhPost; use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; use crate::proof::ProofScheme; @@ -65,11 +66,70 @@ where fn circuit( _pub_in: & as ProofScheme<'a>>::PublicInputs, _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, - _vanilla_proof: & as ProofScheme<'a>>::Proof, - _pub_params: & as ProofScheme<'a>>::PublicParams, - _engine_params: &'a ::Params, + vanilla_proof: & as ProofScheme<'a>>::Proof, + pub_params: & as ProofScheme<'a>>::PublicParams, + engine_params: &'a ::Params, ) -> HvhPostCircuit<'a, Bls12> { - unimplemented!() + let vdf_ys = vanilla_proof + .ys + .iter() + .map(|y| Some(y.clone().into())) + .collect::>(); + + let vdf_xs = vanilla_proof + .porep_proofs + .iter() + .take(vdf_ys.len()) + .map(|p| Some(hvh_post::extract_vdf_input(p).into())) + .collect(); + + let mut paths_vec = Vec::new(); + let mut challenged_leafs_vec = Vec::new(); + let mut commitments_vec = Vec::new(); + + for porep_proof in &vanilla_proof.porep_proofs { + // -- paths + paths_vec.push( + porep_proof + .paths() + .iter() + .map(|p| { + p.iter() + .map(|v| Some((v.0.into(), v.1))) + .collect::>() + }) + .collect::>(), + ); + + // -- challenged leafs + challenged_leafs_vec.push( + porep_proof + .leafs() + .iter() + .map(|l| Some((**l).into())) + .collect::>(), + ); + + // -- commitments + commitments_vec.push( + porep_proof + .commitments() + .iter() + .map(|c| Some((**c).into())) + .collect::>(), + ); + } + + HvhPostCircuit { + params: engine_params, + vdf_key: Some(V::key(&pub_params.pub_params_vdf).into()), + vdf_ys, + vdf_xs, + vdf_sloth_rounds: V::rounds(&pub_params.pub_params_vdf), + challenged_leafs_vec, + commitments_vec, + paths_vec, + } } } @@ -169,6 +229,7 @@ mod tests { use sapling_crypto::jubjub::JubjubBls12; use crate::circuit::test::*; + use crate::compound_proof; use crate::drgraph::{new_seed, BucketGraph, Graph}; use crate::fr32::fr_into_bytes; use crate::hasher::pedersen::*; @@ -307,4 +368,77 @@ mod tests { assert_eq!(cs.num_constraints(), 304118, "wrong number of constraints"); assert_eq!(cs.get_input(0, "ONE"), Fr::one()); } + + #[test] + fn test_hvh_post_compound() { + let params = &JubjubBls12::new(); + let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); + + let lambda = 32; + + let setup_params = compound_proof::SetupParams { + vanilla_params: &hvh_post::SetupParams:: { + challenge_count: 10, + sector_size: 1024 * lambda, + post_epochs: 3, + setup_params_vdf: vdf_sloth::SetupParams { + key: rng.gen(), + rounds: 1, + }, + sectors_count: 2, + }, + engine_params: params, + partitions: None, + }; + + let pub_params: compound_proof::PublicParams< + _, + hvh_post::HvhPost, + > = HvhPostCompound::setup(&setup_params).expect("setup failed"); + + let data0: Vec = (0..1024) + .flat_map(|_| fr_into_bytes::(&rng.gen())) + .collect(); + let data1: Vec = (0..1024) + .flat_map(|_| fr_into_bytes::(&rng.gen())) + .collect(); + + let graph0 = BucketGraph::::new(1024, 5, 0, new_seed()); + let tree0 = graph0.merkle_tree(data0.as_slice()).unwrap(); + let graph1 = BucketGraph::::new(1024, 5, 0, new_seed()); + let tree1 = graph1.merkle_tree(data1.as_slice()).unwrap(); + + let pub_inputs = hvh_post::PublicInputs { + challenges: vec![rng.gen(), rng.gen()], + commitments: vec![tree0.root(), tree1.root()], + }; + + let replicas = [&data0[..], &data1[..]]; + let trees = [&tree0, &tree1]; + let priv_inputs = //: hvh_post::PrivateInputs = + hvh_post::PrivateInputs::::new(&replicas[..], &trees[..]); + + // Without the commented section below, this test doesn't do much. + // However, the test cannot pass until generate_public_inputs is implemented. + // That is currently blocked on a clearer sense of how the circuit should behave. + /* + let proof = HvhPostCompound::prove(&pub_params, &pub_inputs, &priv_inputs, None) + .expect("failed while proving"); + + let (circuit, inputs) = + HvhPostCompound::circuit_for_test(&pub_params, &pub_inputs, &priv_inputs); + + let mut cs = TestConstraintSystem::new(); + + let _ = circuit.synthesize(&mut cs); + assert!(cs.is_satisfied()); + assert!(cs.verify(&inputs)); + + let verified = HvhPostCompound::verify(&pub_params, &pub_inputs, &proof) + .expect("failed while verifying"); + + assert!(verified); + */ + } + } diff --git a/storage-proofs/src/vdf.rs b/storage-proofs/src/vdf.rs index 9232984cb..450145f4c 100644 --- a/storage-proofs/src/vdf.rs +++ b/storage-proofs/src/vdf.rs @@ -10,4 +10,7 @@ pub trait Vdf: Clone + ::std::fmt::Debug { fn setup(_: &Self::SetupParams) -> Result; fn eval(_: &Self::PublicParams, _: &T) -> Result<(T, Self::Proof)>; fn verify(_: &Self::PublicParams, _: &T, _: &T, _: &Self::Proof) -> Result; + + fn key(pp: &Self::PublicParams) -> T; + fn rounds(pp: &Self::PublicParams) -> usize; } diff --git a/storage-proofs/src/vdf_sloth.rs b/storage-proofs/src/vdf_sloth.rs index b9d4b9e82..9b67aef42 100644 --- a/storage-proofs/src/vdf_sloth.rs +++ b/storage-proofs/src/vdf_sloth.rs @@ -3,12 +3,16 @@ use pairing::bls12_381::{Bls12, Fr}; use crate::crypto::sloth; use crate::error::Result; use crate::hasher::pedersen::PedersenDomain; +use crate::parameter_cache::ParameterSetIdentifier; use crate::vdf::Vdf; /// VDF construction using sloth. #[derive(Debug, Clone)] pub struct Sloth {} +unsafe impl Sync for Sloth {} +unsafe impl Send for Sloth {} + #[derive(Debug, Clone)] pub struct SetupParams { pub key: PedersenDomain, @@ -21,6 +25,15 @@ pub struct PublicParams { pub rounds: usize, } +impl ParameterSetIdentifier for PublicParams { + fn parameter_set_identifier(&self) -> String { + format!( + "vdf_sloth::PublicParams{{key: {:?}; rounds: {}}}", + self.key, self.rounds + ) + } +} + #[derive(Debug, Clone)] pub struct Proof {} @@ -56,4 +69,11 @@ impl Vdf for Sloth { Ok(&decoded == x) } + + fn key(pp: &self::PublicParams) -> PedersenDomain { + pp.key + } + fn rounds(pp: &self::PublicParams) -> usize { + pp.rounds + } } From ecc133096738e4a92f7e0f01489f1a1f193c43ab Mon Sep 17 00:00:00 2001 From: porcuquine Date: Mon, 7 Jan 2019 10:13:57 -0800 Subject: [PATCH 7/7] Rename all bacon to beacon. --- .../src/{bacon_post.rs => beacon_post.rs} | 20 +++---- .../circuit/{bacon_post.rs => beacon_post.rs} | 52 +++++++++---------- storage-proofs/src/circuit/mod.rs | 2 +- storage-proofs/src/lib.rs | 2 +- 4 files changed, 38 insertions(+), 38 deletions(-) rename storage-proofs/src/{bacon_post.rs => beacon_post.rs} (94%) rename storage-proofs/src/circuit/{bacon_post.rs => beacon_post.rs} (88%) diff --git a/storage-proofs/src/bacon_post.rs b/storage-proofs/src/beacon_post.rs similarity index 94% rename from storage-proofs/src/bacon_post.rs rename to storage-proofs/src/beacon_post.rs index c3a3f05dd..df14acda1 100644 --- a/storage-proofs/src/bacon_post.rs +++ b/storage-proofs/src/beacon_post.rs @@ -26,7 +26,7 @@ pub struct PublicParams> { impl> ParameterSetIdentifier for PublicParams { fn parameter_set_identifier(&self) -> String { format!( - "bacon_post::PublicParams{{pub_params_hvh_post: {}, post_periods_count: {}", + "beacon_post::PublicParams{{pub_params_hvh_post: {}, post_periods_count: {}", self.pub_params_hvh_post.parameter_set_identifier(), self.post_periods_count ) @@ -59,7 +59,7 @@ impl<'a, H: 'a + Hasher> PrivateInputs<'a, H> { } } -/// Bacon-PoSt +/// Beacon-PoSt /// This is one construction of a Proof-of-Spacetime. /// It currently only supports proving over a single sector. #[derive(Clone, Debug)] @@ -72,7 +72,7 @@ impl<'a, H: Hasher + 'a, V: Vdf> Proof<'a, H, V> { } #[derive(Clone, Debug, Default)] -pub struct BaconPoSt> { +pub struct BeaconPoSt> { _t: PhantomData, _v: PhantomData, } @@ -98,7 +98,7 @@ impl Beacon { } } -impl<'a, H: Hasher, V: Vdf> ProofScheme<'a> for BaconPoSt +impl<'a, H: Hasher, V: Vdf> ProofScheme<'a> for BeaconPoSt where H: 'a, { @@ -138,7 +138,7 @@ where // First (t = 0) { - // Run Bacon + // Run Beacon let r = beacon.get::(0); // Generate challenges @@ -162,7 +162,7 @@ where // The rest (t = 1..post_periods_count) for t in 1..post_periods_count { - // Run Bacon + // Run Beacon let r = beacon.get::(t); let x = extract_post_input::(&proofs_hvh_post[t - 1]); @@ -289,7 +289,7 @@ mod tests { use crate::vdf_sloth; #[test] - fn test_bacon_post_basics() { + fn test_beacon_post_basics() { let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); let sp = SetupParams:: { @@ -306,7 +306,7 @@ mod tests { post_periods_count: 3, }; - let pub_params = BaconPoSt::::setup(&sp).unwrap(); + let pub_params = BeaconPoSt::::setup(&sp).unwrap(); let data0: Vec = (0..1024) .flat_map(|_| fr_into_bytes::(&rng.gen())) @@ -330,8 +330,8 @@ mod tests { _h: PhantomData, }; - let proof = BaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); + let proof = BeaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); - assert!(BaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); + assert!(BeaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); } } diff --git a/storage-proofs/src/circuit/bacon_post.rs b/storage-proofs/src/circuit/beacon_post.rs similarity index 88% rename from storage-proofs/src/circuit/bacon_post.rs rename to storage-proofs/src/circuit/beacon_post.rs index 74e318893..a6c42bd5d 100644 --- a/storage-proofs/src/circuit/bacon_post.rs +++ b/storage-proofs/src/circuit/beacon_post.rs @@ -4,7 +4,7 @@ use bellman::{Circuit, ConstraintSystem, SynthesisError}; use pairing::bls12_381::{Bls12, Fr}; use sapling_crypto::jubjub::JubjubEngine; -use crate::bacon_post::BaconPoSt; +use crate::beacon_post::BeaconPoSt; use crate::circuit::hvh_post; use crate::compound_proof::{CircuitComponent, CompoundProof}; use crate::hasher::Hasher; @@ -12,8 +12,8 @@ use crate::parameter_cache::{CacheableParameters, ParameterSetIdentifier}; use crate::proof::ProofScheme; use crate::vdf::Vdf; -/// This is the `BACON-PoSt` circuit. -pub struct BaconPoStCircuit<'a, E: JubjubEngine, H: Hasher, V: Vdf> { +/// This is the `Beacon-PoSt` circuit. +pub struct BeaconPoStCircuit<'a, E: JubjubEngine, H: Hasher, V: Vdf> { /// Parameters for the engine. pub params: &'a E::Params, @@ -34,48 +34,48 @@ pub struct BaconPoStCircuit<'a, E: JubjubEngine, H: Hasher, V: Vdf> { _v: PhantomData, } -pub struct BaconPoStCompound {} +pub struct BeaconPoStCompound {} #[derive(Clone, Default)] pub struct ComponentPrivateInputs {} impl<'a, E: JubjubEngine, H: Hasher, V: Vdf> CircuitComponent - for BaconPoStCircuit<'a, E, H, V> + for BeaconPoStCircuit<'a, E, H, V> { type ComponentPrivateInputs = ComponentPrivateInputs; } impl<'a, H: Hasher, V: Vdf> - CompoundProof<'a, Bls12, BaconPoSt, BaconPoStCircuit<'a, Bls12, H, V>> - for BaconPoStCompound + CompoundProof<'a, Bls12, BeaconPoSt, BeaconPoStCircuit<'a, Bls12, H, V>> + for BeaconPoStCompound where >::PublicParams: Send + Sync, >::Proof: Send + Sync, H: 'a, { fn generate_public_inputs( - _pub_in: & as ProofScheme<'a>>::PublicInputs, - _pub_params: & as ProofScheme<'a>>::PublicParams, + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _pub_params: & as ProofScheme<'a>>::PublicParams, _partition_k: Option, ) -> Vec { unimplemented!(); } fn circuit( - _pub_in: & as ProofScheme<'a>>::PublicInputs, - _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, - _vanilla_proof: & as ProofScheme<'a>>::Proof, - _pub_params: & as ProofScheme<'a>>::PublicParams, + _pub_in: & as ProofScheme<'a>>::PublicInputs, + _component_private_inputs: as CircuitComponent>::ComponentPrivateInputs, + _vanilla_proof: & as ProofScheme<'a>>::Proof, + _pub_params: & as ProofScheme<'a>>::PublicParams, _engine_params: &'a ::Params, - ) -> BaconPoStCircuit<'a, Bls12, H, V> { + ) -> BeaconPoStCircuit<'a, Bls12, H, V> { unimplemented!() } } impl, P: ParameterSetIdentifier> CacheableParameters - for BaconPoStCompound + for BeaconPoStCompound { fn cache_prefix() -> String { - String::from("bacon-post") + String::from("beacon-post") } } @@ -122,7 +122,7 @@ impl, P: ParameterSetIdentifier> CacheableParamet // } impl<'a, E: JubjubEngine, H: Hasher, V: Vdf> Circuit - for BaconPoStCircuit<'a, E, H, V> + for BeaconPoStCircuit<'a, E, H, V> { fn synthesize>(self, cs: &mut CS) -> Result<(), SynthesisError> { let post_periods_count = self.vdf_ys_vec.len(); @@ -223,7 +223,7 @@ mod tests { use rand::{Rng, SeedableRng, XorShiftRng}; use sapling_crypto::jubjub::JubjubBls12; - use crate::bacon_post; + use crate::beacon_post; use crate::circuit::test::*; use crate::drgraph::{new_seed, BucketGraph, Graph}; use crate::fr32::fr_into_bytes; @@ -233,13 +233,13 @@ mod tests { use crate::vdf_sloth; #[test] - fn test_bacon_post_circuit_with_bls12_381() { + fn test_beacon_post_circuit_with_bls12_381() { let params = &JubjubBls12::new(); let rng = &mut XorShiftRng::from_seed([0x3dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]); let lambda = 32; - let sp = bacon_post::SetupParams:: { + let sp = beacon_post::SetupParams:: { setup_params_hvh_post: hvh_post::SetupParams:: { challenge_count: 4, sector_size: 256 * lambda, @@ -254,7 +254,7 @@ mod tests { }; let pub_params = - bacon_post::BaconPoSt::::setup(&sp).unwrap(); + beacon_post::BeaconPoSt::::setup(&sp).unwrap(); let data0: Vec = (0..256) .flat_map(|_| fr_into_bytes::(&rng.gen())) @@ -268,16 +268,16 @@ mod tests { let graph1 = BucketGraph::::new(256, 5, 0, new_seed()); let tree1 = graph1.merkle_tree(data1.as_slice()).unwrap(); - let pub_inputs = bacon_post::PublicInputs { + let pub_inputs = beacon_post::PublicInputs { commitments: vec![tree0.root(), tree1.root()], }; let replicas = [&data0[..], &data1[..]]; let trees = [&tree0, &tree1]; - let priv_inputs = bacon_post::PrivateInputs::new(&replicas[..], &trees[..]); + let priv_inputs = beacon_post::PrivateInputs::new(&replicas[..], &trees[..]); - let proof = BaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); + let proof = BeaconPoSt::prove(&pub_params, &pub_inputs, &priv_inputs).unwrap(); - assert!(BaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); + assert!(BeaconPoSt::verify(&pub_params, &pub_inputs, &proof).unwrap()); // actual circuit test @@ -354,7 +354,7 @@ mod tests { let mut cs = TestConstraintSystem::::new(); - let instance = BaconPoStCircuit:: { + let instance = BeaconPoStCircuit:: { params, // beacon_randomness_vec, // challenges_vec, diff --git a/storage-proofs/src/circuit/mod.rs b/storage-proofs/src/circuit/mod.rs index 2f8f99dd9..a36bc0363 100644 --- a/storage-proofs/src/circuit/mod.rs +++ b/storage-proofs/src/circuit/mod.rs @@ -2,7 +2,7 @@ mod constraint; pub mod por; -pub mod bacon_post; +pub mod beacon_post; pub mod drgporep; pub mod hvh_post; pub mod kdf; diff --git a/storage-proofs/src/lib.rs b/storage-proofs/src/lib.rs index 505f32d2f..2d466861a 100644 --- a/storage-proofs/src/lib.rs +++ b/storage-proofs/src/lib.rs @@ -47,8 +47,8 @@ pub mod test_helper; pub mod example_helper; -pub mod bacon_post; pub mod batchpost; +pub mod beacon_post; pub mod challenge_derivation; pub mod circuit; pub mod compound_proof;