ZIR-208: Remove EC circuits, add unbatched RSA circuit (#48)

risc0 · Oct 23, 2024 · 6094bc7 · 6094bc7
1 parent ee85492
commit 6094bc7
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 200 deletions.
diff --git a/zirgen/circuit/bigint/BUILD.bazel b/zirgen/circuit/bigint/BUILD.bazel
@@ -32,26 +32,8 @@ cc_library(
 ZKRS = [
  "rsa_256_x1",
  "rsa_256_x2",
+ "rsa_3072_x1",
  "rsa_3072_x15",
- "ec_add_rz8test",
- "ec_add_secp256k1",
- "ec_sub_rz8test",
- "ec_sub_secp256k1",
- "ec_doub_rz8test",
- "ec_doub_secp256k1",
- "ec_mul_rz8test",
- "ec_mul_secp256k1",
- "ec_neg_rz8test",
- "ec_neg_secp256k1",
- "ec_pts_eq_rz8test",
- "ec_pts_eq_secp256k1",
- "ec_on_curve_rz8test",
- "ec_on_curve_secp256k1",
- "ec_add_freely_rz8test",
- "ec_sub_freely_rz8test",
- "ec_doub_freely_rz8test",
- "ec_neg_freely_rz8test",
- "ec_mul_freely_rz8test",
  "const_add_test_8",
  "const_add_alt_test_16",
  "const_mul_test_8",
@@ -67,13 +49,6 @@ ZKRS = [
  "reduce_test_8",
  "reduce_test_128",
  "nondet_inv_test_8",
- # Perf tests, re-enable if needed
- # "rep_ec_add_secp256k1_r5",
- # "rep_ec_add_secp256k1_r10",
- # "rep_ec_add_secp256k1_r256",
- # "rep_ec_doub_secp256k1_r5",
- # "rep_ec_doub_secp256k1_r10",
- # "rep_ec_doub_secp256k1_r256",
 ]
 
 build_circuit(

diff --git a/zirgen/circuit/bigint/gen_bigint.cpp b/zirgen/circuit/bigint/gen_bigint.cpp
@@ -107,6 +107,7 @@ const RsaSpec kRsaSpecs[] = {
 
  // 3072-bit RSA. As of this writing, verifying more than 15
  // claims makes the ZKR too big to run in BIGINT_PO2.
+ {"rsa_3072_x1", 3072, 1},
  {"rsa_3072_x15", 3072, 15},
 };
 
@@ -225,180 +226,6 @@ int main(int argc, char* argv[]) {
  zirgen::BigInt::makeReduceTest(builder, builder.getUnknownLoc(), numBits);
  });
  }
- // Elliptic Curve tests
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_add_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECAddTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_doub_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECDoubleTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_mul_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECMultiplyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_neg_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECNegateTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_sub_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECSubtractTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_pts_eq_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECValidatePointsEqualTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- module.addFunc<0>(std::string("ec_on_curve_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECValidatePointOnCurveTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- if (ec.name != "rz8test") {
- continue;
- // only need the test curve for the `freely` ZKRs
- }
- module.addFunc<0>(std::string("ec_add_freely_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECAddFreelyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- if (ec.name != "rz8test") {
- continue;
- // only need the test curve for the `freely` ZKRs
- }
- module.addFunc<0>(std::string("ec_doub_freely_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECDoubleFreelyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- if (ec.name != "rz8test") {
- continue;
- // only need the test curve for the `freely` ZKRs
- }
- module.addFunc<0>(std::string("ec_mul_freely_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECMultiplyFreelyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- if (ec.name != "rz8test") {
- continue;
- // only need the test curve for the `freely` ZKRs
- }
- module.addFunc<0>(std::string("ec_neg_freely_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECNegateFreelyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- for (auto ec : kECSpecs) {
- if (ec.name != "rz8test") {
- continue;
- // only need the test curve for the `freely` ZKRs
- }
- module.addFunc<0>(std::string("ec_sub_freely_").append(ec.name), {}, [&]() {
- auto& builder = Module::getCurModule()->getBuilder();
- zirgen::BigInt::EC::makeECSubtractFreelyTest(builder,
- builder.getUnknownLoc(),
- ec.numBits,
- ec.curve.prime(),
- ec.curve.a(),
- ec.curve.b());
- });
- }
- // Perf tests
- // If enabled, these repeatedly perform the same operation, giving a better sense of the core
- // costs of the operation without setup/teardown overhead
- // for (size_t numReps : {5, 10, 256}) {
- // const size_t numBits = 256;
- // module.addFunc<0>("rep_ec_add_secp256k1_r" + std::to_string(numReps), {}, [&]() {
- // auto& builder = Module::getCurModule()->getBuilder();
- // zirgen::BigInt::EC::makeRepeatedECAddTest(builder, builder.getUnknownLoc(), numBits,
- // numReps,
- // secp256k1_prime, secp256k1_a, secp256k1_b);
- // });
- // }
- // for (size_t numReps : {5, 10, 256}) {
- // const size_t numBits = 256;
- // module.addFunc<0>("rep_ec_doub_secp256k1_r" + std::to_string(numReps), {}, [&]() {
- // auto& builder = Module::getCurModule()->getBuilder();
- // zirgen::BigInt::EC::makeRepeatedECDoubleTest(builder, builder.getUnknownLoc(), numBits,
- // numReps,
- // secp256k1_prime, secp256k1_a, secp256k1_b);
- // });
- // }
 
  PassManager pm(ctx);
  if (failed(applyPassManagerCLOptions(pm))) {