Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
logic.test.cpp
Go to the documentation of this file.
1#include <gtest/gtest.h>
2
3#include "../bool/bool.hpp"
4#include "../circuit_builders/circuit_builders.hpp"
5#include "barretenberg/circuit_checker/circuit_checker.hpp"
6#include "barretenberg/honk/types/circuit_type.hpp"
7#include "barretenberg/numeric/random/engine.hpp"
8#include "barretenberg/numeric/uint256/uint256.hpp"
9#include "logic.hpp"
10
11#pragma GCC diagnostic ignored "-Wunused-local-typedefs"
12
13#define STDLIB_TYPE_ALIASES \
14 using Builder = TypeParam; \
15 using witness_ct = stdlib::witness_t<Builder>; \
16 using field_ct = stdlib::field_t<Builder>; \
17 using bool_ct = stdlib::bool_t<Builder>; \
18 using public_witness_ct = stdlib::public_witness_t<Builder>;
19using namespace bb;
20
21namespace {
22auto& engine = numeric::get_debug_randomness();
23}
24
25template <class T> void ignore_unused(T&) {} // use to ignore unused variables in lambdas
26
27template <class Builder> class LogicTest : public testing::Test {};
28
29using CircuitTypes = ::testing::Types<bb::UltraCircuitBuilder>;
30
31TYPED_TEST_SUITE(LogicTest, CircuitTypes);
32
33TYPED_TEST(LogicTest, TestCorrectLogic)
34{
35 STDLIB_TYPE_ALIASES
36
37 auto run_test = [](size_t num_bits, Builder& builder) {
38 uint256_t mask = (uint256_t(1) << num_bits) - 1;
39
40 uint256_t a = engine.get_random_uint256() & mask;
41 uint256_t b = engine.get_random_uint256() & mask;
42
43 uint256_t and_expected = a & b;
44 uint256_t xor_expected = a ^ b;
45
46 field_ct x = witness_ct(&builder, a);
47 field_ct y = witness_ct(&builder, b);
48
49 field_ct x_const(&builder, a);
50 field_ct y_const(&builder, b);
51
52 field_ct and_result = stdlib::logic<Builder>::create_logic_constraint(x, y, num_bits, false);
53 field_ct xor_result = stdlib::logic<Builder>::create_logic_constraint(x, y, num_bits, true);
54
55 field_ct and_result_left_constant =
56 stdlib::logic<Builder>::create_logic_constraint(x_const, y, num_bits, false);
57 field_ct xor_result_left_constant = stdlib::logic<Builder>::create_logic_constraint(x_const, y, num_bits, true);
58
59 field_ct and_result_right_constant =
60 stdlib::logic<Builder>::create_logic_constraint(x, y_const, num_bits, false);
61 field_ct xor_result_right_constant =
62 stdlib::logic<Builder>::create_logic_constraint(x, y_const, num_bits, true);
63
64 field_ct and_result_both_constant =
65 stdlib::logic<Builder>::create_logic_constraint(x_const, y_const, num_bits, false);
66 field_ct xor_result_both_constant =
67 stdlib::logic<Builder>::create_logic_constraint(x_const, y_const, num_bits, true);
68
69 EXPECT_EQ(uint256_t(and_result.get_value()), and_expected);
70 EXPECT_EQ(uint256_t(and_result_left_constant.get_value()), and_expected);
71 EXPECT_EQ(uint256_t(and_result_right_constant.get_value()), and_expected);
72 EXPECT_EQ(uint256_t(and_result_both_constant.get_value()), and_expected);
73
74 EXPECT_EQ(uint256_t(xor_result.get_value()), xor_expected);
75 EXPECT_EQ(uint256_t(xor_result_left_constant.get_value()), xor_expected);
76 EXPECT_EQ(uint256_t(xor_result_right_constant.get_value()), xor_expected);
77 EXPECT_EQ(uint256_t(xor_result_both_constant.get_value()), xor_expected);
78 };
79
80 auto builder = Builder();
81 for (size_t i = 8; i < 248; i += 8) {
82 run_test(i, builder);
83 }
84 bool result = CircuitChecker::check(builder);
85 EXPECT_EQ(result, true);
86}
87
88// Tests the constraints will fail if the operands are larger than expected even though the result contains the correct
89// number of bits when using the UltraBuilder This is because the range constraints on the right and left operand
90// are not being satisfied.
91TYPED_TEST(LogicTest, LargeOperands)
92{
93 STDLIB_TYPE_ALIASES
94
95 auto builder = Builder();
96
97 uint256_t mask = (uint256_t(1) << 48) - 1;
98 uint256_t a = engine.get_random_uint256() & mask;
99 uint256_t b = engine.get_random_uint256() & mask;
100
101 uint256_t expected_mask = (uint256_t(1) << 40) - 1;
102 uint256_t and_expected = (a & b) & expected_mask;
103 uint256_t xor_expected = (a ^ b) & expected_mask;
104
105 field_ct x = witness_ct(&builder, a);
106 field_ct y = witness_ct(&builder, b);
107
108 field_ct xor_result = stdlib::logic<Builder>::create_logic_constraint(x, y, 40, true);
109 field_ct and_result = stdlib::logic<Builder>::create_logic_constraint(x, y, 40, false);
110 EXPECT_EQ(uint256_t(and_result.get_value()), and_expected);
111 EXPECT_EQ(uint256_t(xor_result.get_value()), xor_expected);
112
113 bool result = CircuitChecker::check(builder);
114 EXPECT_EQ(result, true);
115}
116
117// Ensures that malicious witnesses which produce the same result are detected. This potential security issue cannot
118// happen if the builder doesn't support lookup gates because constraints will be created for each bit of the left and
119// right operand.
120TYPED_TEST(LogicTest, DifferentWitnessSameResult)
121{
122
123 STDLIB_TYPE_ALIASES
124 auto builder = Builder();
125 if (HasPlookup<Builder>) {
126 uint256_t a = 3758096391;
127 uint256_t b = 2147483649;
128 field_ct x = witness_ct(&builder, uint256_t(a));
129 field_ct y = witness_ct(&builder, uint256_t(b));
130
131 uint256_t xor_expected = a ^ b;
132 const std::function<std::pair<uint256_t, uint256_t>(uint256_t, uint256_t, size_t)>& get_bad_chunk =
133 [](uint256_t left, uint256_t right, size_t chunk_size) {
134 (void)left;
135 (void)right;
136 (void)chunk_size;
137 auto left_chunk = uint256_t(2684354565);
138 auto right_chunk = uint256_t(3221225475);
139 return std::make_pair(left_chunk, right_chunk);
140 };
141
142 field_ct xor_result = stdlib::logic<Builder>::create_logic_constraint(x, y, 32, true, get_bad_chunk);
143 EXPECT_EQ(uint256_t(xor_result.get_value()), xor_expected);
144
145 bool result = CircuitChecker::check(builder);
146 EXPECT_EQ(result, false);
147 }
148}
circuit_checker.hpp
circuit_type.hpp
bb::TranslatorCircuitChecker::check
static bool check(const Builder &circuit)
Check the witness satisifies the circuit.
Definition translator_circuit_checker.cpp:20
bb::numeric::RNG::get_random_uint256
virtual uint256_t get_random_uint256()=0
bb::numeric::uint256_t
Definition uint256.hpp:32
bb::stdlib::field_t< Builder >
bb::stdlib::field_t::get_value
bb::fr get_value() const
Given a := *this, compute its value given by a.v * a.mul + a.add.
Definition field.cpp:827
bb::stdlib::logic::create_logic_constraint
static field_pt create_logic_constraint(field_pt &a, field_pt &b, size_t num_bits, bool is_xor_gate, const std::function< std::pair< uint256_t, uint256_t >(uint256_t, uint256_t, size_t)> &get_chunk=[](uint256_t left, uint256_t right, size_t chunk_size) { uint256_t left_chunk=left &((uint256_t(1)<< chunk_size) - 1);uint256_t right_chunk=right &((uint256_t(1)<< chunk_size) - 1);return std::make_pair(left_chunk, right_chunk);})
A logical AND or XOR over a variable number of bits.
Definition logic.cpp:32
HasPlookup
Contains all the headers required to adequately compile the types defined in circuit_builders_fwd....
Definition circuit_builders.hpp:16
builder
AluTraceBuilder builder
Definition alu.test.cpp:123
a
FF a
Definition field_gt.test.cpp:51
b
FF b
Definition field_gt.test.cpp:52
Builder
ECCVMCircuitBuilder Builder
Definition eccvm.bench.cpp:11
engine
numeric::RNG & engine
Definition eccvm_transcript.test.cpp:282
witness_ct
bn254::witness_ct witness_ct
Definition graph_description_bigfield.test.cpp:31
STDLIB_TYPE_ALIASES
#define STDLIB_TYPE_ALIASES
Definition logic.test.cpp:13
ignore_unused
void ignore_unused(T &)
Definition logic.test.cpp:25
bb::numeric::get_debug_randomness
RNG & get_debug_randomness(bool reset, std::uint_fast64_t seed)
Definition engine.cpp:190
bb
Entry point for Barretenberg command-line interface.
Definition acir_format_getters.cpp:6
bb::TYPED_TEST_SUITE
TYPED_TEST_SUITE(ShpleminiTest, TestSettings)
bb::TYPED_TEST
TYPED_TEST(ShpleminiTest, CorrectnessOfMultivariateClaimBatching)
Definition shplemini.test.cpp:47
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
CircuitTypes
testing::Types< bb::UltraCircuitBuilder > CircuitTypes
Definition pedersen.test.cpp:83