plume-sig · Divide-By-0 · Jan 2, 2024 · Jan 4, 2024 · Jan 4, 2024 · Jan 7, 2024
diff --git a/.DS_Store b/.DS_Store
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,7 +1,7 @@
 [workspace]
 resolver = "2"
 
-members = ["rust-arkworks", "rust-k256"]
+members = [ "circuits/halo2","rust-arkworks", "rust-k256", "circuits/halo2/wasm", "js-wasm" ]
 
 [patch.crates-io]
 ark-ec = { git = "https://github.com/FindoraNetwork/ark-algebra" }

diff --git a/circuits/.DS_Store b/circuits/.DS_Store
diff --git a/circuits/halo2/.DS_Store b/circuits/halo2/.DS_Store
diff --git a/circuits/halo2/.gitignore b/circuits/halo2/.gitignore
@@ -0,0 +1,2 @@
+/params
+/build
diff --git a/circuits/halo2/Cargo.toml b/circuits/halo2/Cargo.toml
@@ -0,0 +1,34 @@
+[package]
+name = "halo2-plume"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+halo2-base = { git = "https://github.com/shreyas-londhe/halo2-lib.git", branch = "feat/secp256k1-hash2curve-poseidon", default-features = false, features = ["halo2-axiom", "test-utils"] }
+halo2-ecc = { git = "https://github.com/shreyas-londhe/halo2-lib.git", branch = "feat/secp256k1-hash2curve-poseidon", default-features = false, features = ["halo2-axiom"] }
+snark-verifier-sdk = { git = "https://github.com/shreyas-londhe/snark-verifier.git", optional = true}
+k256 = { version = "0.13.3", features = ["arithmetic", "hash2curve", "expose-field", "sha2"]}
+rand = "0.8.5"
+pse-poseidon = { git = "https://github.com/shreyas-londhe/pse-poseidon.git" }
+
+[features]
+scripts = ["snark-verifier-sdk"]
+
+[dev-dependencies]
+ark-std = "0.4.0"
+num-bigint = "0.4.4"
+num-traits = "0.2.18"
+criterion = "0.5.1"
+pprof = { version = "0.13", features = ["criterion", "flamegraph"] }
+
+[[bin]]
+name = "generate-build-files"
+path = "./scripts/generate_build_files.rs"
+required-features = ["scripts"]
+
+[[bench]]
+name = "plume_verify"
+harness = false
+
diff --git a/circuits/halo2/README.md b/circuits/halo2/README.md
@@ -0,0 +1,25 @@
+# halo2-plume
+
+Plume signature verification circuits in halo2.
+
+## Build
+
+You can install and build our library with the following commands.
+
+```bash
+git clone https://github.com/shreyas-londhe/zk-nullifier-sig.git -b feat/plume-halo2
+cd zk-nullifier-sig/circuits/halo2
+cargo build
+```
+
+## Test
+
+You can run the tests by executing `cargo test --release`.
+
+## Usage
+
+You can refer to the test at `src/lib.rs` for an example of how to use the Plume verification circuit in your halo2 circuit.
+
+## WASM Prover in Browser
+
+You can generate a proof on browser with our wasm prover. For more information, please see `wasm/README.md`.
diff --git a/circuits/halo2/benches/plume_verify.rs b/circuits/halo2/benches/plume_verify.rs
@@ -0,0 +1,123 @@
+use ark_std::{ end_timer, start_timer };
+use halo2_base::gates::circuit::BaseCircuitParams;
+use halo2_base::gates::circuit::{ builder::RangeCircuitBuilder, CircuitBuilderStage };
+use halo2_base::gates::flex_gate::MultiPhaseThreadBreakPoints;
+use halo2_base::gates::RangeInstructions;
+use halo2_base::poseidon::hasher::{ PoseidonHasher, spec::OptimizedPoseidonSpec };
+use halo2_base::{
+  halo2_proofs::{ halo2curves::bn256::{ Bn256, Fr }, plonk::*, poly::kzg::commitment::ParamsKZG },
+  utils::testing::gen_proof,
+};
+use halo2_ecc::ecc::EccChip;
+use halo2_ecc::fields::FieldChip;
+use halo2_ecc::secp256k1::{ FpChip, FqChip };
+use plume_halo2::utils::generate_test_data;
+use plume_halo2::{ verify_plume, PlumeCircuitInput, PlumeInput };
+use rand::rngs::OsRng;
+
+use criterion::{ criterion_group, criterion_main };
+use criterion::{ BenchmarkId, Criterion };
+
+use pprof::criterion::{ Output, PProfProfiler };
+
+const K: u32 = 15;
+
+fn plume_verify_bench(
+  stage: CircuitBuilderStage,
+  input: PlumeCircuitInput,
+  config_params: Option<BaseCircuitParams>,
+  break_points: Option<MultiPhaseThreadBreakPoints>
+) -> RangeCircuitBuilder<Fr> {
+  let k = K as usize;
+  let lookup_bits = k - 1;
+  let mut builder = match stage {
+    CircuitBuilderStage::Prover => {
+      RangeCircuitBuilder::prover(config_params.unwrap(), break_points.unwrap())
+    }
+    _ => RangeCircuitBuilder::from_stage(stage).use_k(k).use_lookup_bits(lookup_bits),
+  };
+
+  let start0 = start_timer!(|| format!("Witness generation for circuit in {stage:?} stage"));
+  let range = builder.range_chip();
+  let ctx = builder.main(0);
+
+  let fp_chip = FpChip::<Fr>::new(&range, 88, 3);
+  let fq_chip = FqChip::<Fr>::new(&range, 88, 3);
+  let ecc_chip = EccChip::<Fr, FpChip<Fr>>::new(&fp_chip);
+
+  let mut poseidon_hasher = PoseidonHasher::<Fr, 3, 2>::new(
+    OptimizedPoseidonSpec::new::<8, 57, 0>()
+  );
+  poseidon_hasher.initialize_consts(ctx, range.gate());
+
+  let nullifier = ecc_chip.load_private_unchecked(ctx, (input.nullifier.0, input.nullifier.1));
+  let s = fq_chip.load_private(ctx, input.s);
+  let c = fq_chip.load_private(ctx, input.c);
+  let pk = ecc_chip.load_private_unchecked(ctx, (input.pk.0, input.pk.1));
+  let m = input.m
+    .iter()
+    .map(|m| ctx.load_witness(*m))
+    .collect::<Vec<_>>();
+
+  let plume_input = PlumeInput {
+    nullifier,
+    s,
+    c,
+    pk,
+    m,
+  };
+
+  verify_plume::<Fr>(ctx, &ecc_chip, &poseidon_hasher, 4, 4, plume_input);
+
+  end_timer!(start0);
+  if !stage.witness_gen_only() {
+    builder.calculate_params(Some(20));
+  }
+  builder
+}
+
+fn bench(c: &mut Criterion) {
+  let plume_verify_input = generate_test_data(
+    b"vulputate ut pharetra tis amet aliquam id diam maecenas ultricies mi eget mauris pharetra et adasdds"
+  );
+  let circuit = plume_verify_bench(
+    CircuitBuilderStage::Keygen,
+    plume_verify_input.clone(),
+    None,
+    None
+  );
+  let config_params = circuit.params();
+
+  let params = ParamsKZG::<Bn256>::setup(K, OsRng);
+  let vk = keygen_vk(&params, &circuit).expect("vk should not fail");
+  let pk = keygen_pk(&params, vk, &circuit).expect("pk should not fail");
+  let break_points = circuit.break_points();
+
+  let mut group = c.benchmark_group("plonk-prover");
+  group.sample_size(10);
+  group.bench_with_input(
+    BenchmarkId::new("plume verify", K),
+    &(&params, &pk, &plume_verify_input),
+    |bencher, &(params, pk, voter_input)| {
+      let input = voter_input.clone();
+      bencher.iter(|| {
+        let circuit = plume_verify_bench(
+          CircuitBuilderStage::Prover,
+          input.clone(),
+          Some(config_params.clone()),
+          Some(break_points.clone())
+        );
+
+        gen_proof(params, pk, circuit);
+      })
+    }
+  );
+  group.finish()
+}
+
+criterion_group! {
+  name = benches;
+  config = Criterion::default().with_profiler(PProfProfiler::new(10, Output::Flamegraph(None)));
+  targets = bench
+}
+criterion_main!(benches);
diff --git a/circuits/halo2/example-frontend/.eslintrc.json b/circuits/halo2/example-frontend/.eslintrc.json
@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}
diff --git a/circuits/halo2/example-frontend/.gitignore b/circuits/halo2/example-frontend/.gitignore
@@ -0,0 +1,36 @@
+# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.
+
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+.yarn/install-state.gz
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts
diff --git a/circuits/halo2/example-frontend/README.md b/circuits/halo2/example-frontend/README.md
@@ -0,0 +1,28 @@
+# Plume Verification Frontend
+
+Nextjs frontend example showcasing the use of [plume-wasm](https://www.npmjs.com/package/plume-wasm) to generate a proof on browser.
+
+## Prerequisites
+
+You need a custom build of [Taho wallet](https://taho.xyz) to generate the nullifier.
+
+- Download this [zip](https://storage.googleapis.com/plume-keys/taho-plume.zip) and extract it.
+- Follow [this](https://knowledge.workspace.google.com/kb/load-unpacked-extensions-000005962) guide to load the extension.
+- Setup the wallet with a dummy account.
+
+Once you have the wallet setup, you can follow the instructions below to test.
+
+## Try it out
+
+To test the browser proof generation, you can follow the instructions below.
+
+```bash
+git clone https://github.com/shreyas-londhe/zk-nullifier-sig.git -b feat/plume-halo2
+cd zk-nullifier-sig/circuits/halo2/example-frontend
+npm install
+npm run dev
+```
+
+This will start the frontend at [http://localhost:3000](http://localhost:3000).
+
+Note: The console will display the time taken to generate the proof.
diff --git a/circuits/halo2/example-frontend/next.config.mjs b/circuits/halo2/example-frontend/next.config.mjs
@@ -0,0 +1,39 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+  reactStrictMode: true,
+
+  // Add the headers function to set the required headers
+  async headers() {
+    return [
+      {
+        source: "/(.*)",
+        headers: [
+          {
+            key: "Cross-Origin-Embedder-Policy",
+            value: "require-corp",
+          },
+          {
+            key: "Cross-Origin-Opener-Policy",
+            value: "same-origin",
+          },
+        ],
+      },
+    ];
+  },
+
+  webpack: (config, { isServer }) => {
+    if (!isServer) {
+      config.module.rules.push({
+        test: /\.worker\.ts$/,
+        loader: "worker-loader",
+        options: {
+          publicPath: "/_next/static/workers/",
+        },
+      });
+    }
+
+    return config;
+  },
+};
+
+export default nextConfig;