core_utils/circuit/

gate.rs

use std::{collections::HashMap, ops::Add};

use macros::GateMethods;
use primitives::algebra::{
    elliptic_curve::{Curve, Point, Scalar},
    BoxedUint,
};
use serde::{Deserialize, Serialize};

use crate::{
    circuit::{
        AlgebraicType,
        Batched,
        BitShareBinaryOp,
        BitShareUnaryOp,
        FieldPlaintextBinaryOp,
        FieldPlaintextUnaryOp,
        FieldShareBinaryOp,
        FieldShareUnaryOp,
        FieldType,
        Input,
        PointPlaintextBinaryOp,
        PointPlaintextUnaryOp,
        PointShareBinaryOp,
        PointShareUnaryOp,
        ShareOrPlaintext,
    },
    types::Label,
};

/// Gate operations, where the operation arguments correspond to _wire_ label.
#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, GateMethods)]
#[serde(bound(
    serialize = "Scalar<C>: Serialize, Point<C>: Serialize",
    deserialize = "Scalar<C>: Deserialize<'de>, Point<C>: Deserialize<'de>"
))]
pub enum Gate<C: Curve> {
    /// Input a wire
    Input {
        input_type: Input<C>,
    },
    /// Field share unary operations
    FieldShareUnaryOp {
        x: Label,
        op: FieldShareUnaryOp,
        field_type: FieldType,
    },
    /// Field share binary operations, where the second wire may be a plaintext.
    FieldShareBinaryOp {
        x: Label,
        y: Label,
        y_form: ShareOrPlaintext,
        op: FieldShareBinaryOp,
        field_type: FieldType,
    },
    BatchSummation {
        x: Label,
        x_form: ShareOrPlaintext,
        algebraic_type: AlgebraicType,
    },
    BitShareUnaryOp {
        x: Label,
        op: BitShareUnaryOp,
    },
    BitShareBinaryOp {
        x: Label,
        y: Label,
        y_form: ShareOrPlaintext,
        op: BitShareBinaryOp,
    },
    /// Operations with elliptic curve points
    PointShareUnaryOp {
        p: Label,
        op: PointShareUnaryOp,
    },
    PointShareBinaryOp {
        p: Label,
        y: Label,
        p_form: ShareOrPlaintext,
        y_form: ShareOrPlaintext,
        op: PointShareBinaryOp,
    },
    /// Field plaintext unary operations
    FieldPlaintextUnaryOp {
        x: Label,
        op: FieldPlaintextUnaryOp,
        field_type: FieldType,
    },
    /// Field plaintext binary operations
    FieldPlaintextBinaryOp {
        x: Label,
        y: Label,
        op: FieldPlaintextBinaryOp,
        field_type: FieldType,
    },
    BitPlaintextUnaryOp {
        x: Label,
        op: FieldPlaintextUnaryOp,
    },
    BitPlaintextBinaryOp {
        x: Label,
        y: Label,
        op: FieldPlaintextBinaryOp,
    },
    PointPlaintextUnaryOp {
        p: Label,
        op: PointPlaintextUnaryOp,
    },
    PointPlaintextBinaryOp {
        p: Label,
        y: Label,
        op: PointPlaintextBinaryOp,
    },
    /// Request a daBit
    DaBit {
        field_type: FieldType,
        batched: Batched,
    },
    GetDaBitFieldShare {
        x: Label,
        field_type: FieldType,
    },
    GetDaBitSharedBit {
        x: Label,
        field_type: FieldType,
    },
    /// ElGamal Encryption
    EncryptPoint {
        x: Label,
        c: Point<C>,
    },
    DecryptPoint {
        x: Label,
        y: Label,
    },
    /// Base field exponentiation operation
    BaseFieldPow {
        x: Label,
        exp: BoxedUint,
    },
    /// Bit plaintext conversion operations
    BitPlaintextToField {
        x: Label,
        field_type: FieldType,
    },
    FieldPlaintextToBit {
        x: Label,
        field_type: FieldType,
    },
    /// Get the element at a certain index of a batched wire
    BatchGetIndex {
        x: Label,
        x_type: AlgebraicType,
        x_form: ShareOrPlaintext,
        index: usize,
    },
    CollectToBatch {
        wires: Vec<Label>,
        x_type: AlgebraicType,
        x_form: ShareOrPlaintext,
    },
    PointFromPlaintextExtendedEdwards {
        wires: Vec<Label>,
    },
    PlaintextPointToExtendedEdwards {
        point: Label,
    },
    PlaintextKeccakF1600 {
        wires: Vec<Label>,
    },
}

impl<C: Curve> Gate<C> {
    /// Gathers all the `Label` inside the gate.
    pub fn get_labels(&self) -> Vec<Label> {
        let mut labels = Vec::new();
        self.for_each_label(|label| labels.push(label));
        labels
    }
}

#[derive(Debug, Clone, Default, PartialEq, Eq)]
pub struct CircuitPreprocessing {
    pub scalar_singlets: usize,
    pub scalar_triples: usize,
    pub base_field_singlets: usize,
    pub base_field_triples: usize,
    pub base_field_pow_pairs: HashMap<BoxedUint, usize>,
    pub bit_singlets: usize,
    pub bit_triples: usize,
    pub mersenne107_dabits: usize,
    pub mersenne107_singlets: usize,
    pub mersenne107_triples: usize,
    pub scalar_dabits: usize,
    pub base_field_dabits: usize,
}

impl Add for CircuitPreprocessing {
    type Output = Self;

    fn add(self, other: Self) -> Self::Output {
        Self {
            scalar_singlets: self.scalar_singlets + other.scalar_singlets,
            scalar_triples: self.scalar_triples + other.scalar_triples,
            base_field_singlets: self.base_field_singlets + other.base_field_singlets,
            base_field_triples: self.base_field_triples + other.base_field_triples,
            bit_singlets: self.bit_singlets + other.bit_singlets,
            bit_triples: self.bit_triples + other.bit_triples,
            mersenne107_dabits: self.mersenne107_dabits + other.mersenne107_dabits,
            mersenne107_singlets: self.mersenne107_singlets + other.mersenne107_singlets,
            mersenne107_triples: self.mersenne107_triples + other.mersenne107_triples,
            scalar_dabits: self.scalar_dabits + other.scalar_dabits,
            base_field_dabits: self.base_field_dabits + other.base_field_dabits,
            base_field_pow_pairs: {
                let mut combined = self.base_field_pow_pairs;
                for (k, v) in other.base_field_pow_pairs {
                    *combined.entry(k).or_insert(0) += v;
                }
                combined
            },
        }
    }
}

#[cfg(test)]
mod tests {
    use std::collections::HashSet;

    use primitives::algebra::elliptic_curve::Curve25519Ristretto as C;

    use super::*;
    use crate::circuit::FieldShareBinaryOp;

    #[test]
    fn test_ser_gate() {
        let no_curve_gate: Gate<C> = Gate::FieldShareBinaryOp {
            x: Label::from(1, 2),
            y: Label::from(3, 4),
            y_form: ShareOrPlaintext::Share,
            op: FieldShareBinaryOp::Add,
            field_type: FieldType::ScalarField,
        };
        let scalar_gate: Gate<C> = Gate::FieldShareBinaryOp {
            x: Label::from(1, 2),
            y: Label::from(3, 4),
            y_form: ShareOrPlaintext::Plaintext,
            op: FieldShareBinaryOp::Add,
            field_type: FieldType::ScalarField,
        };
        let point_gate: Gate<C> = Gate::PointShareBinaryOp {
            p: Label::from(1, 2),
            y: Label::from(3, 4),
            p_form: ShareOrPlaintext::Share,
            y_form: ShareOrPlaintext::Plaintext,
            op: PointShareBinaryOp::Add,
        };

        let no_curve_gate_ser = bincode::serialize(&no_curve_gate).unwrap();
        let scalar_gate_ser = bincode::serialize(&scalar_gate).unwrap();
        let point_gate_ser = bincode::serialize(&point_gate).unwrap();

        let no_curve_gate_de: Gate<C> = bincode::deserialize(&no_curve_gate_ser).unwrap();
        let scalar_gate_de: Gate<C> = bincode::deserialize(&scalar_gate_ser).unwrap();
        let point_gate_de: Gate<C> = bincode::deserialize(&point_gate_ser).unwrap();

        assert_eq!(no_curve_gate, no_curve_gate_de);
        assert_eq!(scalar_gate, scalar_gate_de);
        assert_eq!(point_gate, point_gate_de);
        let set = HashSet::from([
            no_curve_gate,
            no_curve_gate_de,
            scalar_gate,
            scalar_gate_de,
            point_gate,
            point_gate_de,
        ]);
        assert_eq!(set.len(), 3)
    }

    #[test]
    fn test_circuit_preprocessing_add() {
        let a = CircuitPreprocessing {
            scalar_singlets: 1,
            scalar_triples: 2,
            base_field_singlets: 3,
            base_field_triples: 4,
            bit_singlets: 0,
            bit_triples: 1,
            mersenne107_dabits: 0,
            mersenne107_singlets: 0,
            mersenne107_triples: 0,
            scalar_dabits: 1,
            base_field_dabits: 2,
            base_field_pow_pairs: vec![
                (BoxedUint::from(vec![21]), 5),
                (BoxedUint::from(vec![14]), 6),
            ]
            .into_iter()
            .collect(),
        };
        let b = CircuitPreprocessing {
            scalar_singlets: 2,
            scalar_triples: 3,
            base_field_singlets: 0,
            base_field_triples: 5,
            bit_singlets: 3,
            bit_triples: 4,
            mersenne107_dabits: 0,
            mersenne107_singlets: 3,
            mersenne107_triples: 2,
            scalar_dabits: 2,
            base_field_dabits: 3,
            base_field_pow_pairs: vec![
                (BoxedUint::from(vec![21]), 6),
                (BoxedUint::from(vec![13]), 7),
            ]
            .into_iter()
            .collect(),
        };

        let c = a + b;

        assert_eq!(c.scalar_singlets, 3);
        assert_eq!(c.scalar_triples, 5);
        assert_eq!(c.base_field_singlets, 3);
        assert_eq!(c.base_field_triples, 9);
        assert_eq!(c.bit_singlets, 3);
        assert_eq!(c.bit_triples, 5);
        assert_eq!(c.mersenne107_dabits, 0);
        assert_eq!(c.mersenne107_singlets, 3);
        assert_eq!(c.mersenne107_triples, 2);
        assert_eq!(c.scalar_dabits, 3);
        assert_eq!(c.base_field_dabits, 5);
        assert_eq!(
            c.base_field_pow_pairs.get(&BoxedUint::from(vec![21])),
            Some(&11)
        );
        assert_eq!(
            c.base_field_pow_pairs.get(&BoxedUint::from(vec![14])),
            Some(&6)
        );
        assert_eq!(
            c.base_field_pow_pairs.get(&BoxedUint::from(vec![13])),
            Some(&7)
        );
    }
}