clearmatics · dtebbs · Apr 19, 2022 · Apr 20, 2022 · Apr 14, 2022 · Apr 7, 2022
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -36,4 +36,4 @@ jobs:
     - name: build
       run: cd build && make -j $(($(nproc)+1))
     - name: test
-      run: cd build && make check -j $(($(nproc)+1))
+      run: cd build && CTEST_OUTPUT_ON_FAILURE=1 make check -j $(($(nproc)+1))
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -133,10 +133,12 @@ if(CMAKE_COMPILER_IS_GNUCXX OR "${CMAKE_CXX_COMPILER_ID}" MATCHES "^(Apple)?Clan
   endif()
   # Default optimizations flags (to override, use -DOPT_FLAGS=...)
   if("${OPT_FLAGS}" STREQUAL "")
-    set(
-      OPT_FLAGS
-      "-ggdb3 -O2 -march=native -mtune=native"
-    )
+    if (NOT ("${CMAKE_BUILD_TYPE}" STREQUAL "Debug"))
+      set(
+        OPT_FLAGS
+        "-ggdb3 -O2 -march=native -mtune=native"
+        )
+    endif()
   endif()
 endif()
 

diff --git a/depends/libff b/depends/libff
diff --git a/libsnark/common/constraints_tracker/constraints_tracker.cpp b/libsnark/common/constraints_tracker/constraints_tracker.cpp
@@ -0,0 +1,61 @@
+/** @file
+ *****************************************************************************
+ * @author     This file is part of libsnark, developed by Clearmatics Ltd
+ *             (originally developed by SCIPR Lab) and contributors
+ *             (see AUTHORS).
+ * @copyright  MIT license (see LICENSE file)
+ *****************************************************************************/
+
+#include "libsnark/common/constraints_tracker/constraints_tracker.hpp"
+
+#include <exception>
+#include <iostream>
+
+namespace libsnark
+{
+
+constraints_tracker::~constraints_tracker()
+{
+    // For now, just dump all entries to stdout
+
+    std::cout << "====================\n"
+              << "     CONSTRAINTS\n"
+              << "====================\n";
+
+    for (const auto &curve_it : _measurements) {
+        std::cout << "\nCURVE " << curve_it.first << ":\n";
+        for (const auto &entry_it : curve_it.second) {
+            std::cout << "  " << entry_it.first << ": " << entry_it.second
+                      << "\n";
+        }
+    }
+
+    // Ensure everything is output before the process terminates.
+    std::cout.flush();
+}
+
+void constraints_tracker::add_measurement_for_curve(
+    const std::string &curve_name,
+    const std::string &name,
+    size_t num_constraints)
+{
+    std::map<std::string, measurements_for_curve>::iterator it =
+        _measurements.find(curve_name);
+    if (it == _measurements.end()) {
+        _measurements[curve_name] = {{name, num_constraints}};
+        return;
+    }
+
+#ifndef NDEBUG
+    for (const auto &entry_it : it->second) {
+        if (entry_it.first == name) {
+            throw std::runtime_error(
+                "duplicate entry: " + name + " (curve: " + curve_name + ")");
+        }
+    }
+#endif
+
+    it->second.emplace_back(name, num_constraints);
+}
+
+} // namespace libsnark
diff --git a/libsnark/common/constraints_tracker/constraints_tracker.hpp b/libsnark/common/constraints_tracker/constraints_tracker.hpp
@@ -0,0 +1,72 @@
+/** @file
+ *****************************************************************************
+ * @author     This file is part of libsnark, developed by Clearmatics Ltd
+ *             (originally developed by SCIPR Lab) and contributors
+ *             (see AUTHORS).
+ * @copyright  MIT license (see LICENSE file)
+ *****************************************************************************/
+
+#ifndef LIBSNARK_COMMON_CONSTRAINTS_TRACKER_HPP_
+#define LIBSNARK_COMMON_CONSTRAINTS_TRACKER_HPP_
+
+#include <map>
+#include <string>
+#include <vector>
+
+namespace libsnark
+{
+
+/// Simple class to track a set of measurements (initially the number of
+/// constraints required by a given gadget) during test or profiling code, and
+/// present them together in a sensible format (rather than interspersed with
+/// other output to stdout).
+///
+/// Intended usage is in a test file, create a static global:
+///
+///   static constraints_tracker constraints_tracker;
+///
+/// and then later register measurements:
+///
+///   TEST(TestSuite, SomeTest)
+///   {
+///     ...
+///     constraints_tracker.add_measurement<libff::bls12_377>(
+///       "some_gadget", num_constraints);
+///     ...
+///   }
+///
+/// if the unit tests exits cleanly, all measurements should be printed to
+/// stdout.
+///
+/// In the future, this may be expanded to collect more data, or write it in
+/// other formats to different places.
+class constraints_tracker
+{
+public:
+    ~constraints_tracker();
+
+    template<typename ppT>
+    void add_measurement(const std::string &name, size_t num_constraints);
+
+protected:
+    using measurement = std::pair<std::string, size_t>;
+    using measurements_for_curve = std::vector<measurement>;
+
+    void add_measurement_for_curve(
+        const std::string &curve_name,
+        const std::string &name,
+        size_t num_constraints);
+
+    std::map<std::string, measurements_for_curve> _measurements;
+};
+
+template<typename ppT>
+void constraints_tracker::add_measurement(
+    const std::string &name, size_t num_constraints)
+{
+    add_measurement_for_curve(ppT::name, name, num_constraints);
+}
+
+} // namespace libsnark
+
+#endif // LIBSNARK_COMMON_CONSTRAINTS_TRACKER_HPP_
diff --git a/libsnark/gadgetlib1/gadget.hpp b/libsnark/gadgetlib1/gadget.hpp
@@ -20,7 +20,7 @@ template<typename FieldT> class gadget
     const std::string annotation_prefix;
 
 public:
-    gadget(protoboard<FieldT> &pb, const std::string &annotation_prefix = "");
+    gadget(protoboard<FieldT> &pb, const std::string &annotation_prefix);
 };
 
 } // namespace libsnark

diff --git a/libsnark/gadgetlib1/gadget.tcc b/libsnark/gadgetlib1/gadget.tcc
@@ -16,6 +16,8 @@ gadget<FieldT>::gadget(
     protoboard<FieldT> &pb, const std::string &annotation_prefix)
     : pb(pb), annotation_prefix(annotation_prefix)
 {
+    // Anotations may appear as "" (even if set by the calling code) unless
+    // DEBUG is set. See pb_variable.tcc.
 #ifdef DEBUG
     assert(annotation_prefix != "");
 #endif

diff --git a/libsnark/gadgetlib1/gadgets/curves/scalar_multiplication.hpp b/libsnark/gadgetlib1/gadgets/curves/scalar_multiplication.hpp
@@ -72,7 +72,8 @@ class variable_or_identity : public gadget<libff::Fr<ppT>>
     pb_variable<FieldT> is_identity_var;
 };
 
-/// Selector gadget for variable_or_identity
+/// Selector gadget for variable_or_identity. Outputs one of two
+/// variable_or_identity objects, depending on a scalar parameter.
 template<
     typename ppT,
     typename groupT,
@@ -401,6 +402,51 @@ class point_mul_by_scalar_gadget : public gadget<typename groupT::base_field>
         protoboard<Field> &pb, const std::string &annotation_prefix);
 };
 
+/// Generic gadget to perform scalar multiplication of variable_or_identity
+/// group points by scalar variables. Used by the individual group element
+/// implementations.
+template<
+    typename ppT,
+    typename groupT,
+    typename groupVarT,
+    typename selectorGadgetT,
+    typename addGadgetT,
+    typename dblGadgetT>
+class point_variable_or_identity_mul_by_scalar_gadget
+    : public gadget<typename groupT::base_field>
+{
+public:
+    using Field = libff::Fr<ppT>;
+    using nFr = libff::Fr<other_curve<ppT>>;
+
+    using varMulByScalar = point_mul_by_scalar_gadget<
+        ppT,
+        groupT,
+        groupVarT,
+        selectorGadgetT,
+        addGadgetT,
+        dblGadgetT>;
+
+    using groupVarOrIdentity = variable_or_identity<ppT, groupT, groupVarT>;
+    using selectVarIdentityGadget =
+        variable_or_identity_selector<ppT, groupT, groupVarT, selectorGadgetT>;
+
+    varMulByScalar scalar_mul;
+    groupVarOrIdentity selected_result;
+    selectVarIdentityGadget select_result;
+
+    point_variable_or_identity_mul_by_scalar_gadget(
+        protoboard<Field> &pb,
+        const pb_linear_combination<Field> &scalar,
+        const groupVarOrIdentity &P,
+        const groupVarOrIdentity &result,
+        const std::string &annotation_prefix);
+
+    void generate_r1cs_constraints();
+    void generate_r1cs_witness();
+    const groupVarOrIdentity &result() const;
+};
+
 } // namespace libsnark
 
 #include "libsnark/gadgetlib1/gadgets/curves/scalar_multiplication.tcc"

diff --git a/libsnark/gadgetlib1/gadgets/curves/scalar_multiplication.tcc b/libsnark/gadgetlib1/gadgets/curves/scalar_multiplication.tcc
@@ -821,6 +821,103 @@ pb_variable_array<libff::Fr<ppT>> point_mul_by_scalar_gadget<
     return bits;
 }
 
+template<
+    typename ppT,
+    typename groupT,
+    typename groupVarT,
+    typename selectorGadgetT,
+    typename addGadgetT,
+    typename dblGadgetT>
+point_variable_or_identity_mul_by_scalar_gadget<
+    ppT,
+    groupT,
+    groupVarT,
+    selectorGadgetT,
+    addGadgetT,
+    dblGadgetT>::
+    point_variable_or_identity_mul_by_scalar_gadget(
+        protoboard<Field> &pb,
+        const pb_linear_combination<Field> &scalar,
+        const groupVarOrIdentity &P,
+        const groupVarOrIdentity &result,
+        const std::string &annotation_prefix)
+    : gadget<libff::Fr<ppT>>(pb, annotation_prefix)
+    , scalar_mul(
+          pb,
+          scalar,
+          P.value,
+          groupVarOrIdentity(pb, FMT(annotation_prefix, " scalar_mul_result")),
+          FMT(annotation_prefix, " scalar_mul"))
+    // result = P.is_identity ? P : scalar_mul_result
+    //        = select(P.is_identity, scalar_mul_result, P)
+    , selected_result(result)
+    , select_result(
+          pb,
+          P.is_identity,
+          scalar_mul.result(),
+          P,
+          selected_result,
+          FMT(annotation_prefix, " select_result"))
+{
+}
+
+template<
+    typename ppT,
+    typename groupT,
+    typename groupVarT,
+    typename selectorGadgetT,
+    typename addGadgetT,
+    typename dblGadgetT>
+void point_variable_or_identity_mul_by_scalar_gadget<
+    ppT,
+    groupT,
+    groupVarT,
+    selectorGadgetT,
+    addGadgetT,
+    dblGadgetT>::generate_r1cs_constraints()
+{
+    scalar_mul.generate_r1cs_constraints();
+    select_result.generate_r1cs_constraints();
+}
+
+template<
+    typename ppT,
+    typename groupT,
+    typename groupVarT,
+    typename selectorGadgetT,
+    typename addGadgetT,
+    typename dblGadgetT>
+void point_variable_or_identity_mul_by_scalar_gadget<
+    ppT,
+    groupT,
+    groupVarT,
+    selectorGadgetT,
+    addGadgetT,
+    dblGadgetT>::generate_r1cs_witness()
+{
+    scalar_mul.generate_r1cs_witness();
+    select_result.generate_r1cs_witness();
+}
+
+template<
+    typename ppT,
+    typename groupT,
+    typename groupVarT,
+    typename selectorGadgetT,
+    typename addGadgetT,
+    typename dblGadgetT>
+const variable_or_identity<ppT, groupT, groupVarT>
+    &point_variable_or_identity_mul_by_scalar_gadget<
+        ppT,
+        groupT,
+        groupVarT,
+        selectorGadgetT,
+        addGadgetT,
+        dblGadgetT>::result() const
+{
+    return selected_result;
+}
+
 } // namespace libsnark
 
 #endif // LIBSNARK_GADGETLIB1_GADGETS_CURVE_SCALAR_MULTIPLICATION_TCC_
diff --git a/libsnark/gadgetlib1/gadgets/curves/weierstrass_g1_gadget.hpp b/libsnark/gadgetlib1/gadgets/curves/weierstrass_g1_gadget.hpp
@@ -254,6 +254,16 @@ using G1_mul_by_scalar_gadget = point_mul_by_scalar_gadget<
     G1_add_gadget<wppT>,
     G1_dbl_gadget<wppT>>;
 
+template<typename wppT>
+using G1_variable_or_identity_mul_by_scalar_gadget =
+    point_variable_or_identity_mul_by_scalar_gadget<
+        wppT,
+        libff::G1<other_curve<wppT>>,
+        G1_variable<wppT>,
+        G1_variable_selector_gadget<wppT>,
+        G1_add_gadget<wppT>,
+        G1_dbl_gadget<wppT>>;
+
 } // namespace libsnark
 
 #include <libsnark/gadgetlib1/gadgets/curves/weierstrass_g1_gadget.tcc>

diff --git a/libsnark/gadgetlib1/gadgets/curves/weierstrass_g2_gadget.hpp b/libsnark/gadgetlib1/gadgets/curves/weierstrass_g2_gadget.hpp
@@ -292,6 +292,16 @@ using G2_mul_by_scalar_gadget = point_mul_by_scalar_gadget<
     G2_add_gadget<wppT>,
     G2_dbl_gadget<wppT>>;
 
+template<typename wppT>
+using G2_variable_or_identity_mul_by_scalar_gadget =
+    point_variable_or_identity_mul_by_scalar_gadget<
+        wppT,
+        libff::G2<other_curve<wppT>>,
+        G2_variable<wppT>,
+        G2_variable_selector_gadget<wppT>,
+        G2_add_gadget<wppT>,
+        G2_dbl_gadget<wppT>>;
+
 } // namespace libsnark
 
 #include <libsnark/gadgetlib1/gadgets/curves/weierstrass_g2_gadget.tcc>
+1 −0		.gitignore
+1 −1		CMakeLists.txt
+2 −0		libff/algebra/curves/alt_bn128/alt_bn128_pp.cpp
+2 −0		libff/algebra/curves/alt_bn128/alt_bn128_pp.hpp
+2 −0		libff/algebra/curves/bls12_377/bls12_377_pp.cpp
+2 −0		libff/algebra/curves/bls12_377/bls12_377_pp.hpp
+10 −0		libff/algebra/curves/bls12_381/README.md
+68 −0		libff/algebra/curves/bls12_381/bls12_381.sage
+494 −0		libff/algebra/curves/bls12_381/bls12_381_g1.cpp
+116 −0		libff/algebra/curves/bls12_381/bls12_381_g1.hpp
+486 −0		libff/algebra/curves/bls12_381/bls12_381_g2.cpp
+120 −0		libff/algebra/curves/bls12_381/bls12_381_g2.hpp
+628 −0		libff/algebra/curves/bls12_381/bls12_381_init.cpp
+63 −0		libff/algebra/curves/bls12_381/bls12_381_init.hpp
+532 −0		libff/algebra/curves/bls12_381/bls12_381_pairing.cpp
+117 −0		libff/algebra/curves/bls12_381/bls12_381_pairing.hpp
+52 −0		libff/algebra/curves/bls12_381/bls12_381_pp.cpp
+54 −0		libff/algebra/curves/bls12_381/bls12_381_pp.hpp
+2 −0		libff/algebra/curves/bn128/bn128_pp.cpp
+2 −0		libff/algebra/curves/bn128/bn128_pp.hpp
+2 −0		libff/algebra/curves/bw6_761/bw6_761_pp.cpp
+2 −0		libff/algebra/curves/bw6_761/bw6_761_pp.hpp
+17 −1		libff/algebra/curves/curve_serialization.tcc
+2 −0		libff/algebra/curves/curve_utils.tcc
+2 −0		libff/algebra/curves/edwards/edwards_pp.cpp
+2 −0		libff/algebra/curves/edwards/edwards_pp.hpp
+2 −0		libff/algebra/curves/mnt/mnt4/mnt4_pp.cpp
+2 −0		libff/algebra/curves/mnt/mnt4/mnt4_pp.hpp
+2 −0		libff/algebra/curves/mnt/mnt6/mnt6_pp.cpp
+2 −0		libff/algebra/curves/mnt/mnt6/mnt6_pp.hpp
+3 −1		libff/algebra/curves/public_params.hpp
+8 −1		libff/algebra/curves/tests/test_bilinearity.cpp
+37 −1		libff/algebra/curves/tests/test_groups.cpp
+103 −14		libff/algebra/fields/field_utils.tcc
+34 −0		libff/algebra/fields/fp12_2over3over2.hpp
+35 −0		libff/algebra/fields/fp12_2over3over2.tcc
+31 −0		libff/algebra/fields/fp6_3over2.hpp
+19 −6		libff/algebra/fields/tests/test_fields.cpp
+36 −28		libff/algebra/scalar_multiplication/tests/test_multiexp.cpp