fix(storage-proofs): spec sync

The first round of updating naming and adjusting some smaller things better matching the spec. Important to note - fixed logic in tapering, such that it starts at the last layer note the first - split labeling proofs and encoding proofs - add missing round of labeling proofs for the last layer - add missing checks for column proof - improve efficiency of the comm_r check
filecoin-project · Nov 8, 2019 · f2fcbf7 · f2fcbf7
1 parent fc438a2
commit f2fcbf7
Show file tree

Hide file tree

Showing 23 changed files with 388 additions and 241 deletions.
diff --git a/storage-proofs/src/circuit/kdf.rs → storage-proofs/src/circuit/create_label.rs b/storage-proofs/src/circuit/kdf.rs → storage-proofs/src/circuit/create_label.rs
@@ -8,7 +8,7 @@ use fil_sapling_crypto::jubjub::JubjubEngine;
 use crate::circuit::uint64;
 
 /// Key derivation function.
-pub fn kdf<E, CS>(
+pub fn create_label<E, CS>(
     mut cs: CS,
     id: &[Boolean],
     parents: Vec<Vec<Boolean>>,
@@ -18,7 +18,7 @@ where
     E: JubjubEngine,
     CS: ConstraintSystem<E>,
 {
-    trace!("circuit: kdf");
+    trace!("circuit: create_label");
     // ciphertexts will become a buffer of the layout
     // id | node | encodedParentNode1 | encodedParentNode1 | ...
 
@@ -32,7 +32,7 @@ where
         ciphertexts.extend_from_slice(&parent);
     }
 
-    trace!("circuit: kdf: sha256");
+    trace!("circuit: create_label: sha256");
     let alloc_bits = sha256_circuit(cs.namespace(|| "hash"), &ciphertexts[..])?;
     let fr = if alloc_bits[0].get_value().is_some() {
         let be_bits = alloc_bits
@@ -68,7 +68,7 @@ mod tests {
     use rand::{Rng, SeedableRng, XorShiftRng};
 
     #[test]
-    fn kdf_circuit_no_node() {
+    fn create_label_circuit_no_node() {
         let mut cs = TestConstraintSystem::<Bls12>::new();
         let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
 
@@ -90,8 +90,13 @@ mod tests {
                 bytes_into_boolean_vec_be(&mut cs, Some(p.as_slice()), p.len()).unwrap()
             })
             .collect();
-        let out = kdf(cs.namespace(|| "kdf"), &id_bits, parents_bits.clone(), None)
-            .expect("key derivation function failed");
+        let out = create_label(
+            cs.namespace(|| "create_label"),
+            &id_bits,
+            parents_bits.clone(),
+            None,
+        )
+        .expect("key derivation function failed");
 
         assert!(cs.is_satisfied(), "constraints not satisfied");
         assert_eq!(cs.num_constraints(), 292540);
@@ -101,7 +106,7 @@ mod tests {
             acc
         });
 
-        let expected = crypto::kdf::kdf(input_bytes.as_slice(), m);
+        let expected = crypto::create_label::create_label(input_bytes.as_slice(), m);
 
         assert_eq!(
             expected,
@@ -110,7 +115,7 @@ mod tests {
         );
     }
     #[test]
-    fn kdf_circuit_with_node() {
+    fn create_label_circuit_with_node() {
         let mut cs = TestConstraintSystem::<Bls12>::new();
         let mut rng = XorShiftRng::from_seed([0x5dbe6259, 0x8d313d76, 0x3237db17, 0xe5bc0654]);
 
@@ -136,8 +141,8 @@ mod tests {
         let node_raw = 123456789u64;
         let node = uint64::UInt64::constant(node_raw);
 
-        let out = kdf(
-            cs.namespace(|| "kdf"),
+        let out = create_label(
+            cs.namespace(|| "create_label"),
             &id_bits,
             parents_bits.clone(),
             Some(node),
@@ -154,7 +159,7 @@ mod tests {
             input_bytes.extend_from_slice(parent);
         }
 
-        let expected = crypto::kdf::kdf(input_bytes.as_slice(), m);
+        let expected = crypto::create_label::create_label(input_bytes.as_slice(), m);
 
         assert_eq!(
             expected,

diff --git a/storage-proofs/src/circuit/drgporep.rs b/storage-proofs/src/circuit/drgporep.rs
@@ -7,8 +7,8 @@ use fil_sapling_crypto::jubjub::JubjubEngine;
 use paired::bls12_381::{Bls12, Fr};
 
 use crate::circuit::constraint;
+use crate::circuit::create_label::create_label as kdf;
 use crate::circuit::encode;
-use crate::circuit::kdf::kdf;
 use crate::circuit::por::{PoRCircuit, PoRCompound};
 use crate::circuit::variables::Root;
 use crate::compound_proof::{CircuitComponent, CompoundProof};

diff --git a/storage-proofs/src/circuit/mod.rs b/storage-proofs/src/circuit/mod.rs
@@ -1,8 +1,8 @@
 mod constraint;
 
+pub mod create_label;
 pub mod drgporep;
 pub mod encode;
-pub mod kdf;
 pub mod multi_proof;
 pub mod pedersen;
 pub mod por;

diff --git a/storage-proofs/src/circuit/stacked/encoding_proof.rs b/storage-proofs/src/circuit/stacked/encoding_proof.rs
@@ -3,7 +3,7 @@ use fil_sapling_crypto::circuit::{boolean::Boolean, num};
 use fil_sapling_crypto::jubjub::JubjubEngine;
 use paired::bls12_381::{Bls12, Fr};
 
-use crate::circuit::{constraint, encode::encode, kdf::kdf, uint64};
+use crate::circuit::{constraint, create_label::create_label as kdf, encode::encode, uint64};
 use crate::drgraph::Graph;
 use crate::fr32::fr_into_bytes;
 use crate::hasher::Hasher;
@@ -18,15 +18,10 @@ pub struct EncodingProof {
 
 impl EncodingProof {
     /// Create an empty proof, used in `blank_circuit`s.
-    pub fn empty<H: Hasher>(params: &PublicParams<H>, layer: usize) -> Self {
-        let degree = if layer == 1 {
-            params.graph.base_graph().degree()
-        } else {
-            params.graph.degree()
-        };
+    pub fn empty<H: Hasher>(params: &PublicParams<H>) -> Self {
         EncodingProof {
             node: None,
-            parents: vec![None; degree],
+            parents: vec![None; params.graph.degree()],
         }
     }
 
@@ -68,30 +63,7 @@ impl EncodingProof {
         )
     }
 
-    pub fn synthesize_key<CS: ConstraintSystem<Bls12>>(
-        self,
-        mut cs: CS,
-        params: &<Bls12 as JubjubEngine>::Params,
-        replica_id: &[Boolean],
-        exp_encoded_node: &num::AllocatedNum<Bls12>,
-    ) -> Result<(), SynthesisError> {
-        let EncodingProof { node, parents } = self;
-
-        let key = Self::create_key(
-            cs.namespace(|| "create_key"),
-            params,
-            replica_id,
-            node,
-            parents,
-        )?;
-
-        // enforce equality
-        constraint::equal(&mut cs, || "equality_key", &exp_encoded_node, &key);
-
-        Ok(())
-    }
-
-    pub fn synthesize_decoded<CS: ConstraintSystem<Bls12>>(
+    pub fn synthesize<CS: ConstraintSystem<Bls12>>(
         self,
         mut cs: CS,
         params: &<Bls12 as JubjubEngine>::Params,

diff --git a/storage-proofs/src/circuit/stacked/labeling_proof.rs b/storage-proofs/src/circuit/stacked/labeling_proof.rs
@@ -0,0 +1,104 @@
+use bellperson::{ConstraintSystem, SynthesisError};
+use fil_sapling_crypto::circuit::{boolean::Boolean, num};
+use fil_sapling_crypto::jubjub::JubjubEngine;
+use paired::bls12_381::{Bls12, Fr};
+
+use crate::circuit::{constraint, create_label::create_label, uint64};
+use crate::drgraph::Graph;
+use crate::fr32::fr_into_bytes;
+use crate::hasher::Hasher;
+use crate::stacked::{LabelingProof as VanillaLabelingProof, PublicParams};
+use crate::util::bytes_into_boolean_vec_be;
+
+#[derive(Debug, Clone)]
+pub struct LabelingProof {
+    node: Option<u64>,
+    parents: Vec<Option<Fr>>,
+}
+
+impl LabelingProof {
+    /// Create an empty proof, used in `blank_circuit`s.
+    pub fn empty<H: Hasher>(params: &PublicParams<H>, layer: usize) -> Self {
+        let degree = if layer == 1 {
+            params.graph.base_graph().degree()
+        } else {
+            params.graph.degree()
+        };
+        LabelingProof {
+            node: None,
+            parents: vec![None; degree],
+        }
+    }
+
+    fn create_label<CS: ConstraintSystem<Bls12>>(
+        mut cs: CS,
+        _params: &<Bls12 as JubjubEngine>::Params,
+        replica_id: &[Boolean],
+        node: Option<u64>,
+        parents: Vec<Option<Fr>>,
+    ) -> Result<num::AllocatedNum<Bls12>, SynthesisError> {
+        // get the parents into bits
+        let parents_bits: Vec<Vec<Boolean>> = parents
+            .iter()
+            .enumerate()
+            .map(|(i, val)| match val {
+                Some(val) => {
+                    let bytes = fr_into_bytes::<Bls12>(val);
+                    bytes_into_boolean_vec_be(
+                        cs.namespace(|| format!("parents_{}_bits", i)),
+                        Some(&bytes),
+                        256,
+                    )
+                }
+                None => bytes_into_boolean_vec_be(
+                    cs.namespace(|| format!("parents_{}_bits", i)),
+                    None,
+                    256,
+                ),
+            })
+            .collect::<Result<Vec<Vec<Boolean>>, SynthesisError>>()?;
+
+        let node_num = uint64::UInt64::alloc(cs.namespace(|| "node"), node)?;
+
+        create_label(
+            cs.namespace(|| "create_label"),
+            replica_id,
+            parents_bits,
+            Some(node_num),
+        )
+    }
+
+    pub fn synthesize<CS: ConstraintSystem<Bls12>>(
+        self,
+        mut cs: CS,
+        params: &<Bls12 as JubjubEngine>::Params,
+        replica_id: &[Boolean],
+        exp_encoded_node: &num::AllocatedNum<Bls12>,
+    ) -> Result<(), SynthesisError> {
+        let LabelingProof { node, parents } = self;
+
+        let key = Self::create_label(
+            cs.namespace(|| "create_label"),
+            params,
+            replica_id,
+            node,
+            parents,
+        )?;
+
+        // enforce equality
+        constraint::equal(&mut cs, || "equality_key", &exp_encoded_node, &key);
+
+        Ok(())
+    }
+}
+
+impl<H: Hasher> From<VanillaLabelingProof<H>> for LabelingProof {
+    fn from(vanilla_proof: VanillaLabelingProof<H>) -> Self {
+        let VanillaLabelingProof { parents, node, .. } = vanilla_proof;
+
+        LabelingProof {
+            node: Some(node),
+            parents: parents.into_iter().map(|p| Some(p.into())).collect(),
+        }
+    }
+}
diff --git a/storage-proofs/src/circuit/stacked/mod.rs b/storage-proofs/src/circuit/stacked/mod.rs
@@ -2,6 +2,7 @@ mod column;
 mod column_proof;
 mod encoding_proof;
 pub(crate) mod hash;
+mod labeling_proof;
 mod params;
 mod proof;