NilFoundation · vo-nil · Dec 6, 2023 · Dec 6, 2023
diff --git a/contracts/zkllvm/circuit1/commitment.sol b/contracts/zkllvm/circuit1/commitment.sol
@@ -37,10 +37,10 @@ library modular_commitment_scheme_circuit1 {
  uint256 constant unique_points = 4;
  uint256 constant permutation_point = 2;
  uint256 constant quotient_point = 0;
- uint256 constant lookup_point = 0;
+ uint256 constant lookup_point = 15879801408074564946;
  bytes constant points_ids = hex"01010101010101010303010100000000";
  uint256 constant omega = 14450201850503471296781915119640920297985789873634237091629829669980153907901;
- uint256 constant _etha = 14062721881273474090606415031361994540585550571695842571456013353340629726555;
+ uint256 constant _etha = 25899808218321801276764617458138652170344891016324725036900654604723665983657;
 
  struct commitment_state{
  bytes leaf_data;
@@ -435,36 +435,29 @@ unchecked {
  tr_state.current_challenge = transcript_state;
  commitment_state memory state;
 
- {
- uint256 poly_at_eta;
- /* 1 - 2*permutation_size */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 40);// 0
- if(poly_at_eta != 0x1f1737f0f9693494b37fd517f70fe4d844c0e4dd11e9df8639a0be9abfccb55b) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x68);// 0x1
- if(poly_at_eta != 0x1b7417b4df0e06e7817f2977d34f78391337465946f76b67edc9572bbeff8ac5) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0xa8);// 0x2
- if(poly_at_eta != 0x94476885b462285877bcf57208d591d1b872dc6503b26d072945200bafdb5d7) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0xe8);// 0x3
- if(poly_at_eta != 0x2e5650a9c85eac9ba56b0cb3a2c2bd9189a3e4df9127c2123ce59a03a6f48d33) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x128);// 0x4
- if(poly_at_eta != 0x1f1737f0f9693494b37fd517f70fe4d844c0e4dd11e9df8639a0be9abfccb55b) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x168);// 0x5
- if(poly_at_eta != 0x1b7417b4df0e06e7817f2977d34f78391337465946f76b67edc9572bbeff8ac5) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x1a8);// 0x6
- if(poly_at_eta != 0x94476885b462285877bcf57208d591d1b872dc6503b26d072945200bafdb5d7) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x1e8);// 0x7
- if(poly_at_eta != 0x2e5650a9c85eac9ba56b0cb3a2c2bd9189a3e4df9127c2123ce59a03a6f48d33) return false;
- /* 2 - special selectors */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x248);// 0x8
- if(poly_at_eta != 0xf3114c664f481e6028c47f122b53b12f6aa455ea26f54aad80ad778950b2177) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x2a8);// 0x9
- if(poly_at_eta != 0x2acd90c58b8637d005a76e69a474de1cc5f432a41724e855b2a0b19b71a52150) return false;
- /* 3 - constant columns */
- /* 4 - selector columns */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x2e8);// 0xa
- if(poly_at_eta != 0x277b3d077e65208b010bc2f62957e87b900bd1f007ef61acf14649463be06cbb) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x328);// 0xb
- if(poly_at_eta != 0x308efe88baf9b3bc3787b68d279234d783ef3e4064de84b20dc2a1d72eb2e0e3) return false;
+ /* eta points check */
+ {
+ uint256[12] memory points;
+ /* 1. 2*permutation_size */
+ points[0] = basic_marshalling.get_uint256_be(blob,0x28);
+ points[0x1] = basic_marshalling.get_uint256_be(blob,0x68);
+ points[0x2] = basic_marshalling.get_uint256_be(blob,0xa8);
+ points[0x3] = basic_marshalling.get_uint256_be(blob,0xe8);
+ points[0x4] = basic_marshalling.get_uint256_be(blob,0x128);
+ points[0x5] = basic_marshalling.get_uint256_be(blob,0x168);
+ points[0x6] = basic_marshalling.get_uint256_be(blob,0x1a8);
+ points[0x7] = basic_marshalling.get_uint256_be(blob,0x1e8);
+ /* 2. special selectors */
+ points[0x8] = basic_marshalling.get_uint256_be(blob,0x248);
+ points[0x9] = basic_marshalling.get_uint256_be(blob,0x2a8);
+ /* 3. constant columns */
+ /* 4. selector columns */
+ points[0xa] = basic_marshalling.get_uint256_be(blob,0x2e8);
+ points[0xb] = basic_marshalling.get_uint256_be(blob,0x328);
+ /* Check keccak(points) */
+ if ( bytes32(0x71fb4a7846eeb2d8bf51b28ca7aa2b859396878e7b0cfd5e2b2e2b5758e1f7ee) != keccak256(abi.encode(points))) {
+ return false;
+ }
  }
 
 

diff --git a/contracts/zkllvm/circuit1/modular_verifier.sol b/contracts/zkllvm/circuit1/modular_verifier.sol
@@ -32,8 +32,8 @@ import "../../algebra/field.sol";
 contract modular_verifier_circuit1 is IModularVerifier{
  uint256 constant modulus = 28948022309329048855892746252171976963363056481941560715954676764349967630337;
  bool constant use_lookups = false;
- bytes32 constant vk1 = bytes32(0xd01dad89947ad38adc7e68ae52f8fb2a1c430fd535887b78fd3ac57a2cbc5f09);
- bytes32 constant vk2 = bytes32(0xf347e1a5c5bec69f49b12f482b4eb2ba2687d9270cb998f29ba4ead18a440703);
+ bytes32 constant vk1 = bytes32(0x79e2a887f921eddebb5757d0186b49b8399ce63d0f04458dec59b032ca76a187);
+ bytes32 constant vk2 = bytes32(0xcc2d054528ca2282bfe586c5ccd4bba968132bd2615efc9d0a9b25930722ef00);
  bytes32 transcript_state;
  address _gate_argument_address;
  address _permutation_argument_address;

diff --git a/contracts/zkllvm/circuit1/params.json b/contracts/zkllvm/circuit1/params.json
@@ -4,7 +4,7 @@
  "rows_amount": "16",
  "usable_rows_amount": "13",
  "omega": "14450201850503471296781915119640920297985789873634237091629829669980153907901",
- "verification_key": "d01dad89947ad38adc7e68ae52f8fb2a1c430fd535887b78fd3ac57a2cbc5f09 f347e1a5c5bec69f49b12f482b4eb2ba2687d9270cb998f29ba4ead18a440703",
+ "verification_key": "79e2a887f921eddebb5757d0186b49b8399ce63d0f04458dec59b032ca76a187 cc2d054528ca2282bfe586c5ccd4bba968132bd2615efc9d0a9b25930722ef00",
  "ar_params": [
  "3",
  "1",
@@ -48,7 +48,7 @@
  "17166126583027276163107155648953851600645935739886150467584901586847365754678"
  ],
  "grinding_params": {
- "mask": "4294901760"
+ "mask": "4294934528"
  }
  }
 }
diff --git a/contracts/zkllvm/circuit1/proof.bin b/contracts/zkllvm/circuit1/proof.bin
diff --git a/contracts/zkllvm/circuit2/commitment.sol b/contracts/zkllvm/circuit2/commitment.sol
@@ -29,18 +29,18 @@ import "hardhat/console.sol";
 library modular_commitment_scheme_circuit2 {
  uint256 constant modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513;
  uint64 constant batches_num = 4;
- uint256 constant r = 3;
+ uint256 constant r = 2;
  uint256 constant lambda = 1;
- uint256 constant D0_size = 256;
- uint256 constant max_degree = 15;
- uint256 constant D0_omega = 36007022166693598376559747923784822035233416720563672082740011604939309541707;
+ uint256 constant D0_size = 128;
+ uint256 constant max_degree = 7;
+ uint256 constant D0_omega = 47309214877430199588914062438791732591241783999377560080318349803002842391998;
  uint256 constant unique_points = 5;
  uint256 constant permutation_point = 3;
  uint256 constant quotient_point = 1;
- uint256 constant lookup_point = 0;
+ uint256 constant lookup_point = 4198358955428360095;
  bytes constant points_ids = hex"02020202020202020404020200010101";
- uint256 constant omega = 14788168760825820622209131888203028446852016562542525606630160374691593895118;
- uint256 constant _etha = 12217208067492249031102872072655908974751031861422067257283053495957748658893;
+ uint256 constant omega = 23674694431658770659612952115660802947967373701506253797663184111817857449850;
+ uint256 constant _etha = 16144342667207310663168115290000665798698754276025400208440163075201405688938;
 
  struct commitment_state{
  bytes leaf_data;
@@ -438,36 +438,29 @@ unchecked {
  tr_state.current_challenge = transcript_state;
  commitment_state memory state;
 
- {
- uint256 poly_at_eta;
- /* 1 - 2*permutation_size */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 40);// 0
- if(poly_at_eta != 0x1b02b1d914ea72056989679d7826ca1f9adbc9880002cf6daffb7f1fa3b332cd) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x68);// 0x1
- if(poly_at_eta != 0x4925359c68cba0ddaf87fd463f6daed7e844deb500155000cfe079de79e6639a) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0xa8);// 0x2
- if(poly_at_eta != 0x304dd9fa371b70eeffd08ccb957867d20aeb86e7009bc009af235519554cb932) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0xe8);// 0x3
- if(poly_at_eta != 0x6a45a7312e851bf898402981030726b3a4f5684b04458845c9f753b35519105c) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x128);// 0x4
- if(poly_at_eta != 0x1b02b1d914ea72056989679d7826ca1f9adbc9880002cf6daffb7f1fa3b332cd) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x168);// 0x5
- if(poly_at_eta != 0x3d9bd931d08eee60195862ede438d303f80e10fc9093f2a0920d1f3d2bed12c9) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x1a8);// 0x6
- if(poly_at_eta != 0x5d118568c35ccff0c8e14aeb77fcd0a05ba585f78d646348b66c554b10625e60) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x1e8);// 0x7
- if(poly_at_eta != 0x3a68771f10abc9d88dbdf7ce531cd3044141f573048011fdb1b76e4ec34435a6) return false;
- /* 2 - special selectors */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x248);// 0x8
- if(poly_at_eta != 0x3f1b4adcabfaa14cf2ee7ec3990f58d91ae75bfaaefe1327313d89eb23baf96f) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x2a8);// 0x9
- if(poly_at_eta != 0x662761bdeda7376d374c58b68475ecfa30064120c27daa97edfbda94eecaeaff) return false;
- /* 3 - constant columns */
- /* 4 - selector columns */
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x2e8);// 0xa
- if(poly_at_eta != 0x369369e984155e5f975bd41103c801ea569e500244152d768985604be0800b06) return false;
- poly_at_eta = basic_marshalling.get_uint256_be(blob, 0x328);// 0xb
- if(poly_at_eta != 0x3cd3d24de7686966f8fa3577ea539d516c0a16d46d0e2c283db58b157952ca53) return false;
+ /* eta points check */
+ {
+ uint256[12] memory points;
+ /* 1. 2*permutation_size */
+ points[0] = basic_marshalling.get_uint256_be(blob,0x28);
+ points[0x1] = basic_marshalling.get_uint256_be(blob,0x68);
+ points[0x2] = basic_marshalling.get_uint256_be(blob,0xa8);
+ points[0x3] = basic_marshalling.get_uint256_be(blob,0xe8);
+ points[0x4] = basic_marshalling.get_uint256_be(blob,0x128);
+ points[0x5] = basic_marshalling.get_uint256_be(blob,0x168);
+ points[0x6] = basic_marshalling.get_uint256_be(blob,0x1a8);
+ points[0x7] = basic_marshalling.get_uint256_be(blob,0x1e8);
+ /* 2. special selectors */
+ points[0x8] = basic_marshalling.get_uint256_be(blob,0x248);
+ points[0x9] = basic_marshalling.get_uint256_be(blob,0x2a8);
+ /* 3. constant columns */
+ /* 4. selector columns */
+ points[0xa] = basic_marshalling.get_uint256_be(blob,0x2e8);
+ points[0xb] = basic_marshalling.get_uint256_be(blob,0x328);
+ /* Check keccak(points) */
+ if ( bytes32(0x07f5a5a6264a7dce9168a9dc927495cf9a778f72e8b15598fcce1671331e89c6) != keccak256(abi.encode(points))) {
+ return false;
+ }
  }
 
 

diff --git a/contracts/zkllvm/circuit2/modular_verifier.sol b/contracts/zkllvm/circuit2/modular_verifier.sol
@@ -32,8 +32,8 @@ import "../../algebra/field.sol";
 contract modular_verifier_circuit2 is IModularVerifier{
  uint256 constant modulus = 52435875175126190479447740508185965837690552500527637822603658699938581184513;
  bool constant use_lookups = false;
- bytes32 constant vk1 = bytes32(0x1154d6227897bca2848e9f5cb8eb7319c4c9f132830e93634656ba8282263a78);
- bytes32 constant vk2 = bytes32(0xb024bd12fb5b07a167bc8a510f274a06946eac1240e823dd682ec71d18e04b4e);
+ bytes32 constant vk1 = bytes32(0xdf5209ad8762f94b28a73cd7586cfe3511910263bd427986f73d8df50a5b875b);
+ bytes32 constant vk2 = bytes32(0x467bea5db0ea69781be8939df7bee6936d3f96b624bb189c423b6021ba43c9d6);
  bytes32 transcript_state;
  address _gate_argument_address;
  address _permutation_argument_address;
@@ -45,8 +45,8 @@ contract modular_verifier_circuit2 is IModularVerifier{
  uint64 constant table_offset = z_offset + 0x80 * 4 + 0xc0;
  uint64 constant table_end_offset = table_offset + 288;
  uint64 constant quotient_offset = 352;
- uint64 constant rows_amount = 16;
- uint256 constant omega = 14788168760825820622209131888203028446852016562542525606630160374691593895118;
+ uint64 constant rows_amount = 8;
+ uint256 constant omega = 23674694431658770659612952115660802947967373701506253797663184111817857449850;
  uint256 constant special_selectors_offset = z_offset + 4 * 0x80;
 
  function initialize(

diff --git a/contracts/zkllvm/circuit2/params.json b/contracts/zkllvm/circuit2/params.json
@@ -1,10 +1,10 @@
 {
  "test_name": "circuit2",
  "modulus": "52435875175126190479447740508185965837690552500527637822603658699938581184513",
- "rows_amount": "16",
- "usable_rows_amount": "13",
- "omega": "14788168760825820622209131888203028446852016562542525606630160374691593895118",
- "verification_key": "1154d6227897bca2848e9f5cb8eb7319c4c9f132830e93634656ba8282263a78 b024bd12fb5b07a167bc8a510f274a06946eac1240e823dd682ec71d18e04b4e",
+ "rows_amount": "8",
+ "usable_rows_amount": "5",
+ "omega": "23674694431658770659612952115660802947967373701506253797663184111817857449850",
+ "verification_key": "df5209ad8762f94b28a73cd7586cfe3511910263bd427986f73d8df50a5b875b 467bea5db0ea69781be8939df7bee6936d3f96b624bb189c423b6021ba43c9d6",
  "ar_params": [
  "3",
  "1",
@@ -34,17 +34,15 @@
  ],
  "commitment_params_node": {
  "type": "LPC",
- "r": "3",
+ "r": "2",
  "m": "2",
  "lambda": "1",
- "max_degree": "15",
+ "max_degree": "7",
  "step_list": [
- "1",
  "1",
  "1"
  ],
  "D_omegas": [
- "36007022166693598376559747923784822035233416720563672082740011604939309541707",
  "47309214877430199588914062438791732591241783999377560080318349803002842391998",
  "31519469946562159605140591558550197856588417350474800936898404023113662197331"
  ]