chore!: update to ACVM 0.13.0 (#1393)

TomAFrench · phated · sirasistant · web-flow · commit 22dee75464d3 · 2023-06-01T22:51:40.000Z
* chore!: Update to ACVM 0.12.0 * feat: adapted to heterogeneous bb calls * chore: update cargo tomls * test: re enabled sort test * fix: improve variable resolution * feat: use dummy constructor for bb call * updates for latest * feat!: Move WitnessMap type into ACVM to avoid leaking BTreeMap type * feat(nargo): Consume CommonReferenceString functions & manage caching (#1348) * switch to published acvm and backend * fix compilation issue * chore: Remove usage of `acvm::default_is_opcode_supported` (#1366) Co-authored-by: Blaine Bublitz <blaine.bublitz@gmail.com> Co-authored-by: Tom French <tom@tomfren.ch> * add issue numbers to TODOs * chore: update to ACVM 0.13.0 * chore: fix broken import * chore: bump commit * chore: Update Acvm 0.13.0 branch (#1465) have acvm-backend-bberg patch reference new branch with additional crate-type * Update Cargo.toml * Update Cargo.toml * update flake.lock * feat!: var message size for keccak in stdlib (#1481) * Var message size for keccak in stdlib * fix the build: remove aes blackbox add domain separator for pedersen * pedersen with domain separator * chore: update pedersen test case for domain separator (#1482) pedersen with domain separator * chore: add pedersen hash with domain separator in stdlib (#1483) * pedersen with domain separator * separator for pedersen * update to acvm 0.13.0 and new acvm-backend-bberg * update cargo lock * update MockBackend in sort test * update merkle_insert and simple_shield for updated pedersen in bberg * try ubuntu-large * remove patch and update to acvm-backend-bberg 0.3.0 * cargo.lock --------- Co-authored-by: Blaine Bublitz <blaine.bublitz@gmail.com> Co-authored-by: sirasistant <sirasistant@gmail.com> Co-authored-by: Maxim Vezenov <mvezenov@gmail.com> Co-authored-by: kevaundray <kevtheappdev@gmail.com> Co-authored-by: guipublic <47281315+guipublic@users.noreply.github.com>
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -24,7 +24,7 @@ edition = "2021"
 rust-version = "1.66"
 
 [workspace.dependencies]
-acvm = "0.12.0"
+acvm = "0.13.0"
 arena = { path = "crates/arena" }
 fm = { path = "crates/fm" }
 iter-extended = { path = "crates/iter-extended" }
diff --git a/crates/nargo/src/errors.rs b/crates/nargo/src/errors.rs
@@ -1,4 +1,4 @@
-use acvm::OpcodeResolutionError;
+use acvm::pwg::OpcodeResolutionError;
 use thiserror::Error;
 
 #[derive(Debug, Error)]
diff --git a/crates/nargo_cli/Cargo.toml b/crates/nargo_cli/Cargo.toml
@@ -39,7 +39,7 @@ color-eyre = "0.6.2"
 tokio = "1.0"
 
 # Backends
-acvm-backend-barretenberg = { version = "0.2.0", default-features = false }
+acvm-backend-barretenberg = { version = "0.3.0", default-features = false }
 
 [dev-dependencies]
 tempdir = "0.3.7"
diff --git a/crates/nargo_cli/src/cli/mod.rs b/crates/nargo_cli/src/cli/mod.rs
@@ -129,7 +129,7 @@ mod tests {
         let mut driver = Driver::new(
             &acvm::Language::R1CS,
             #[allow(deprecated)]
-            Box::new(acvm::default_is_opcode_supported(acvm::Language::R1CS)),
+            Box::new(acvm::pwg::default_is_opcode_supported(acvm::Language::R1CS)),
         );
         driver.create_local_crate(&root_file, CrateType::Binary);
         crate::resolver::add_std_lib(&mut driver);
diff --git a/crates/nargo_cli/tests/test_data/keccak256/src/main.nr b/crates/nargo_cli/tests/test_data/keccak256/src/main.nr
@@ -5,6 +5,18 @@ use dep::std;
 fn main(x: Field, result: [u8; 32]) {
     // We use the `as` keyword here to denote the fact that we want to take just the first byte from the x Field
     // The padding is taken care of by the program
-    let digest = std::hash::keccak256([x as u8]);
+    let digest = std::hash::keccak256([x as u8], 1);
     assert(digest == result);
+    
+    //#1399: variable meesage size 
+    let message_size = 4;
+    let hash_a = std::hash::keccak256([1,2,3,4], message_size);
+    let hash_b = std::hash::keccak256([1,2,3,4,0,0,0,0], message_size);
+
+    assert(hash_a == hash_b);
+
+    let message_size_big = 8;
+    let hash_c = std::hash::keccak256([1,2,3,4,0,0,0,0], message_size_big);
+
+    assert(hash_a != hash_c);
 }
diff --git a/crates/nargo_cli/tests/test_data/merkle_insert/Prover.toml b/crates/nargo_cli/tests/test_data/merkle_insert/Prover.toml
@@ -1,11 +1,11 @@
-old_root = "0x04ccfbbb859b8605546e03dcaf41393476642859ff7f99446c054b841f0e05c8"
+old_root = "0x285785b10eca49cf456b935f1c9787ff571f306c1bc62549c31a9199a633f9f8"
 old_leaf = "0x1cdcf02431ba623767fe389337d011df1048dcc24b98ed81cec97627bab454a0"
 old_hash_path = [
     "0x1cdcf02431ba623767fe389337d011df1048dcc24b98ed81cec97627bab454a0",
     "0x0b5e9666e7323ce925c28201a97ddf4144ac9d148448ed6f49f9008719c1b85b",
     "0x22ec636f8ad30ef78c42b7fe2be4a4cacf5a445cfb5948224539f59a11d70775",
 ]
-new_root = "0x293ee9de893904164a8f8b248b6941217d16a4c9042ec54b71896dddbbce7a3b"
+new_root = "0x2d05c2650e6c2ef02c6dc7fae7f517b8ac191386666c0b5a68130a8c11092f5f"
 leaf = "0x085ca53be9c9d95b57e6e5fc91c5d531ad9e63e85dd71af7e35562991774b435"
 index = "0"
 mimc_input = [12,45,78,41]
diff --git a/crates/nargo_cli/tests/test_data/pedersen_check/Prover.toml b/crates/nargo_cli/tests/test_data/pedersen_check/Prover.toml
@@ -2,5 +2,5 @@ x = "0"
 y = "1"
 salt = "42"
 
-out_x = "0x11831f49876c313f2a9ec6d8d521c7ce0b6311c852117e340bfe27fd1ac096ef"
-out_y = "0x0ecf9d98be4597a88c46a7e0fa8836b57a7dcb41ee30f8d8787b11cc259c83fa"
+out_x = "0x0c5e1ddecd49de44ed5e5798d3f6fb7c71fe3d37f5bee8664cf88a445b5ba0af"
+out_y = "0x230294a041e26fe80b827c2ef5cb8784642bbaa83842da2714d62b1f3c4f9752"
diff --git a/crates/nargo_cli/tests/test_data/simple_shield/Prover.toml b/crates/nargo_cli/tests/test_data/simple_shield/Prover.toml
@@ -1,6 +1,6 @@
 # Random test key
 priv_key = "0x000000000000000000000000000000000000000000000000000000616c696365"
-note_root = "0x293ee9de893904164a8f8b248b6941217d16a4c9042ec54b71896dddbbce7a3b"
+note_root = "0x21386402d57460963f45f32577dc3902c38a6f6fab9ec7b1b708a92e48745de7"
 index = "0"
 note_hash_path = [
     "0x1cdcf02431ba623767fe389337d011df1048dcc24b98ed81cec97627bab454a0",
diff --git a/crates/noirc_driver/src/lib.rs b/crates/noirc_driver/src/lib.rs
@@ -346,6 +346,6 @@ impl Driver {
 impl Default for Driver {
     fn default() -> Self {
         #[allow(deprecated)]
-        Self::new(&Language::R1CS, Box::new(acvm::default_is_opcode_supported(Language::R1CS)))
+        Self::new(&Language::R1CS, Box::new(acvm::pwg::default_is_opcode_supported(Language::R1CS)))
     }
 }
diff --git a/crates/noirc_driver/src/main.rs b/crates/noirc_driver/src/main.rs
@@ -9,7 +9,7 @@ fn main() {
     let mut driver = Driver::new(
         &Language::R1CS,
         #[allow(deprecated)]
-        Box::new(acvm::default_is_opcode_supported(Language::R1CS)),
+        Box::new(acvm::pwg::default_is_opcode_supported(Language::R1CS)),
     );
 
     // Add local crate to dep graph
diff --git a/crates/noirc_evaluator/src/ssa/acir_gen/operations/intrinsics.rs b/crates/noirc_evaluator/src/ssa/acir_gen/operations/intrinsics.rs
@@ -92,7 +92,6 @@ pub(crate) fn evaluate(
                 }
                 BlackBoxFunc::SchnorrVerify
                 | BlackBoxFunc::EcdsaSecp256k1
-                | BlackBoxFunc::ComputeMerkleRoot
                 | BlackBoxFunc::HashToField128Security => {
                     prepare_outputs(&mut acir_gen.memory, instruction_id, 1, ctx, evaluator)
                 }
@@ -107,14 +106,29 @@ pub(crate) fn evaluate(
                     inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
                     outputs: outputs.to_vec(),
                 },
-                BlackBoxFunc::Keccak256 => BlackBoxFuncCall::Keccak256 {
-                    inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
-                    outputs: outputs.to_vec(),
-                },
-                BlackBoxFunc::Pedersen => BlackBoxFuncCall::Pedersen {
-                    inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
-                    outputs: outputs.to_vec(),
-                },
+                BlackBoxFunc::Keccak256 => {
+                    let msg_size = acir_gen
+                        .var_cache
+                        .get_or_compute_internal_var(args[1], evaluator, ctx)
+                        .expect("ICE - could not get an expression for keccak message size");
+                    let witness =
+                        acir_gen.var_cache.get_or_compute_witness_unwrap(msg_size, evaluator, ctx);
+                    let var_message_size = FunctionInput { witness, num_bits: 32 };
+                    BlackBoxFuncCall::Keccak256VariableLength {
+                        inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
+                        var_message_size,
+                        outputs: outputs.to_vec(),
+                    }
+                }
+                BlackBoxFunc::Pedersen => {
+                    let separator =
+                        ctx.get_as_constant(args[1]).expect("domain separator to be comptime");
+                    BlackBoxFuncCall::Pedersen {
+                        inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
+                        outputs: outputs.to_vec(),
+                        domain_separator: separator.to_u128() as u32,
+                    }
+                }
                 BlackBoxFunc::FixedBaseScalarMul => BlackBoxFuncCall::FixedBaseScalarMul {
                     input: resolve_variable(&args[0], acir_gen, ctx, evaluator).unwrap(),
                     outputs: outputs.to_vec(),
@@ -133,12 +147,6 @@ pub(crate) fn evaluate(
                     hashed_message: resolve_array(&args[3], acir_gen, ctx, evaluator),
                     output: outputs[0],
                 },
-                BlackBoxFunc::ComputeMerkleRoot => BlackBoxFuncCall::ComputeMerkleRoot {
-                    leaf: resolve_variable(&args[0], acir_gen, ctx, evaluator).unwrap(),
-                    index: resolve_variable(&args[1], acir_gen, ctx, evaluator).unwrap(),
-                    hash_path: resolve_array(&args[2], acir_gen, ctx, evaluator),
-                    output: outputs[0],
-                },
                 BlackBoxFunc::HashToField128Security => BlackBoxFuncCall::HashToField128Security {
                     inputs: resolve_array(&args[0], acir_gen, ctx, evaluator),
                     output: outputs[0],
diff --git a/crates/noirc_evaluator/src/ssa/acir_gen/operations/sort.rs b/crates/noirc_evaluator/src/ssa/acir_gen/operations/sort.rs
@@ -115,8 +115,11 @@ fn permutation_layer(
 mod test {
     use acvm::{
         acir::{circuit::opcodes::FunctionInput, native_types::Witness, native_types::WitnessMap},
-        pwg::{block::Blocks, solve, OpcodeResolution, PartialWitnessGeneratorStatus},
-        FieldElement, OpcodeResolutionError, PartialWitnessGenerator,
+        pwg::{
+            block::Blocks, solve, OpcodeResolution, OpcodeResolutionError,
+            PartialWitnessGeneratorStatus,
+        },
+        FieldElement, PartialWitnessGenerator,
     };
 
     use crate::{
@@ -127,65 +130,6 @@ mod test {
 
     struct MockBackend {}
     impl PartialWitnessGenerator for MockBackend {
-        fn aes(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _inputs: &[FunctionInput],
-            _outputs: &[Witness],
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn and(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _lhs: &FunctionInput,
-            _rhs: &FunctionInput,
-            _output: &Witness,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn xor(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _lhs: &FunctionInput,
-            _rhs: &FunctionInput,
-            _output: &Witness,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn range(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _input: &FunctionInput,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn sha256(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _inputs: &[FunctionInput],
-            _outputs: &[Witness],
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn blake2s(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _inputs: &[FunctionInput],
-            _outputs: &[Witness],
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn compute_merkle_root(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _leaf: &FunctionInput,
-            _index: &FunctionInput,
-            _hash_path: &[FunctionInput],
-            _output: &Witness,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
         fn schnorr_verify(
             &self,
             _initial_witness: &mut WitnessMap,
@@ -201,29 +145,11 @@ mod test {
             &self,
             _initial_witness: &mut WitnessMap,
             _inputs: &[FunctionInput],
+            _domain_separator: u32,
             _outputs: &[Witness],
         ) -> Result<OpcodeResolution, OpcodeResolutionError> {
             panic!("Path not trodden by this test")
         }
-        fn hash_to_field_128_security(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _inputs: &[FunctionInput],
-            _output: &Witness,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
-        fn ecdsa_secp256k1(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _public_key_x: &[FunctionInput],
-            _public_key_y: &[FunctionInput],
-            _signature: &[FunctionInput],
-            _message: &[FunctionInput],
-            _output: &Witness,
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
         fn fixed_base_scalar_mul(
             &self,
             _initial_witness: &mut WitnessMap,
@@ -232,14 +158,6 @@ mod test {
         ) -> Result<OpcodeResolution, OpcodeResolutionError> {
             panic!("Path not trodden by this test")
         }
-        fn keccak256(
-            &self,
-            _initial_witness: &mut WitnessMap,
-            _inputs: &[FunctionInput],
-            _outputs: &[Witness],
-        ) -> Result<OpcodeResolution, OpcodeResolutionError> {
-            panic!("Path not trodden by this test")
-        }
     }
 
     // Check that a random network constrains its output to be a permutation of any random input
diff --git a/crates/noirc_evaluator/src/ssa/builtin.rs b/crates/noirc_evaluator/src/ssa/builtin.rs
@@ -79,12 +79,7 @@ impl Opcode {
                     | BlackBoxFunc::FixedBaseScalarMul => BigUint::zero(),
                     // Verify returns zero or one
                     BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 => BigUint::one(),
-                    BlackBoxFunc::ComputeMerkleRoot | BlackBoxFunc::HashToField128Security => {
-                        ObjectType::native_field().max_size()
-                    }
-                    BlackBoxFunc::AES => {
-                        todo!("ICE: AES is unimplemented")
-                    }
+                    BlackBoxFunc::HashToField128Security => ObjectType::native_field().max_size(),
                     BlackBoxFunc::RANGE | BlackBoxFunc::AND | BlackBoxFunc::XOR => {
                         unimplemented!("ICE: these opcodes do not have Noir builtin functions")
                     }
@@ -102,13 +97,10 @@ impl Opcode {
         match self {
             Opcode::LowLevel(op) => {
                 match op {
-                    BlackBoxFunc::AES => todo!("ICE: AES is unimplemented"),
                     BlackBoxFunc::SHA256 | BlackBoxFunc::Blake2s | BlackBoxFunc::Keccak256 => {
                         (32, ObjectType::unsigned_integer(8))
                     }
-                    BlackBoxFunc::ComputeMerkleRoot | BlackBoxFunc::HashToField128Security => {
-                        (1, ObjectType::native_field())
-                    }
+                    BlackBoxFunc::HashToField128Security => (1, ObjectType::native_field()),
                     // See issue #775 on changing this to return a boolean
                     BlackBoxFunc::SchnorrVerify | BlackBoxFunc::EcdsaSecp256k1 => {
                         (1, ObjectType::native_field())
diff --git a/crates/wasm/src/compile.rs b/crates/wasm/src/compile.rs
@@ -79,7 +79,7 @@ pub fn compile(args: JsValue) -> JsValue {
     let mut driver = noirc_driver::Driver::new(
         &language,
         #[allow(deprecated)]
-        Box::new(acvm::default_is_opcode_supported(language.clone())),
+        Box::new(acvm::pwg::default_is_opcode_supported(language.clone())),
     );
 
     let path = PathBuf::from(&options.entry_point);
diff --git a/flake.lock b/flake.lock
diff --git a/noir_stdlib/src/hash.nr b/noir_stdlib/src/hash.nr
@@ -6,14 +6,18 @@ fn sha256<N>(_input : [u8; N]) -> [u8; 32] {}
 #[foreign(blake2s)]
 fn blake2s<N>(_input : [u8; N]) -> [u8; 32] {}
 
+fn pedersen<N>(input : [Field; N]) -> [Field; 2] {
+    pedersen_with_separator(input, 0)
+}
+
 #[foreign(pedersen)]
-fn pedersen<N>(_input : [Field; N]) -> [Field; 2] {}
+fn pedersen_with_separator<N>(_input : [Field; N], _separator : comptime u32) -> [Field; 2] {}
 
 #[foreign(hash_to_field_128_security)]
 fn hash_to_field<N>(_input : [Field; N]) -> Field {}
 
 #[foreign(keccak256)]
-fn keccak256<N>(_input : [u8; N]) -> [u8; 32] {}
+fn keccak256<N>(_input : [u8; N], _message_size: u32) -> [u8; 32] {}
 
 // mimc-p/p implementation
 // constants are (publicly generated) random numbers, for instance using keccak as a ROM.
diff --git a/noir_stdlib/src/merkle.nr b/noir_stdlib/src/merkle.nr
@@ -18,4 +18,4 @@ fn compute_merkle_root(leaf: Field, index: Field, hash_path: [Field]) -> Field {
       current = crate::hash::pedersen([hash_left, hash_right])[0];
     };
     current
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-use acvm::OpcodeResolutionError;`
	`1`	`+use acvm::pwg::OpcodeResolutionError;`
`2`	`2`	`use thiserror::Error;`
`3`	`3`
`4`	`4`	`#[derive(Debug, Error)]`
Original file line number	Diff line number	Diff line change
`@@ -346,6 +346,6 @@ impl Driver {`
`346`	`346`	`impl Default for Driver {`
`347`	`347`	`fn default() -> Self {`
`348`	`348`	`#[allow(deprecated)]`
`349`		`- Self::new(&Language::R1CS, Box::new(acvm::default_is_opcode_supported(Language::R1CS)))`
	`349`	`+ Self::new(&Language::R1CS, Box::new(acvm::pwg::default_is_opcode_supported(Language::R1CS)))`
`350`	`350`	`}`
`351`	`351`	`}`
-Original file line number
+Diff line change
       current = crate::hash::pedersen([hash_left, hash_right])[0];
     };
     current
 -}
 +}