Enum ark_r1cs_std::bits::boolean::Boolean

pub enum Boolean<F: Field> {
    Is(AllocatedBool<F>),
    Not(AllocatedBool<F>),
    Constant(bool),
}

Represents a boolean value in the constraint system which is guaranteed to be either zero or one.

Variants

Is(AllocatedBool<F>)

Existential view of the boolean variable.

Not(AllocatedBool<F>)

Negated view of the boolean variable.

Constant(bool)

Constant (not an allocated variable).

Implementations

impl<F: Field> Boolean<F>

pub const TRUE: Self

The constant true.

pub const FALSE: Self

The constant false.

pub fn lc(&self) -> LinearCombination<F>

Constructs a LinearCombination from Self’s variables according to the following map.

• Boolean::Constant(true) => lc!() + Variable::One
• Boolean::Constant(false) => lc!()
• Boolean::Is(v) => lc!() + v.variable()
• Boolean::Not(v) => lc!() + Variable::One - v.variable()

pub fn constant_vec_from_bytes(values: &[u8]) -> Vec<Self>

Constructs a Boolean vector from a slice of constant u8. The u8s are decomposed in little-endian manner.

This does not create any new variables or constraints.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();
let t = Boolean::<Fr>::TRUE;
let f = Boolean::<Fr>::FALSE;

let bits = vec![f, t];
let generated_bits = Boolean::constant_vec_from_bytes(&[2]);
bits[..2].enforce_equal(&generated_bits[..2])?;
assert!(cs.is_satisfied().unwrap());

pub fn constant(b: bool) -> Self

Constructs a constant Boolean with value b.

This does not create any new variables or constraints.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_r1cs_std::prelude::*;

let true_var = Boolean::<Fr>::TRUE;
let false_var = Boolean::<Fr>::FALSE;

true_var.enforce_equal(&Boolean::constant(true))?;
false_var.enforce_equal(&Boolean::constant(false))?;

pub fn not(&self) -> Self

Negates self.

This does not create any new variables or constraints.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;

a.not().enforce_equal(&b)?;
b.not().enforce_equal(&a)?;

a.not().enforce_equal(&Boolean::FALSE)?;
b.not().enforce_equal(&Boolean::TRUE)?;

assert!(cs.is_satisfied().unwrap());

pub fn xor<'a>(&'a self, other: &'a Self) -> Result<Self, SynthesisError>

Outputs self ^ other.

If at least one of self and other are constants, then this method does not create any constraints or variables.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;

a.xor(&b)?.enforce_equal(&Boolean::TRUE)?;
b.xor(&a)?.enforce_equal(&Boolean::TRUE)?;

a.xor(&a)?.enforce_equal(&Boolean::FALSE)?;
b.xor(&b)?.enforce_equal(&Boolean::FALSE)?;

assert!(cs.is_satisfied().unwrap());

pub fn or<'a>(&'a self, other: &'a Self) -> Result<Self, SynthesisError>

Outputs self | other.

If at least one of self and other are constants, then this method does not create any constraints or variables.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;

a.or(&b)?.enforce_equal(&Boolean::TRUE)?;
b.or(&a)?.enforce_equal(&Boolean::TRUE)?;

a.or(&a)?.enforce_equal(&Boolean::TRUE)?;
b.or(&b)?.enforce_equal(&Boolean::FALSE)?;

assert!(cs.is_satisfied().unwrap());

pub fn and<'a>(&'a self, other: &'a Self) -> Result<Self, SynthesisError>

Outputs self & other.

If at least one of self and other are constants, then this method does not create any constraints or variables.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;

a.and(&a)?.enforce_equal(&Boolean::TRUE)?;

a.and(&b)?.enforce_equal(&Boolean::FALSE)?;
b.and(&a)?.enforce_equal(&Boolean::FALSE)?;
b.and(&b)?.enforce_equal(&Boolean::FALSE)?;

assert!(cs.is_satisfied().unwrap());

pub fn kary_and(bits: &[Self]) -> Result<Self, SynthesisError>

Outputs bits[0] & bits[1] & ... & bits.last().unwrap().

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;
let c = Boolean::new_witness(cs.clone(), || Ok(true))?;

Boolean::kary_and(&[a.clone(), b.clone(), c.clone()])?.enforce_equal(&Boolean::FALSE)?;
Boolean::kary_and(&[a.clone(), c.clone()])?.enforce_equal(&Boolean::TRUE)?;

assert!(cs.is_satisfied().unwrap());

pub fn kary_or(bits: &[Self]) -> Result<Self, SynthesisError>

Outputs bits[0] | bits[1] | ... | bits.last().unwrap().

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;
let c = Boolean::new_witness(cs.clone(), || Ok(false))?;

Boolean::kary_or(&[a.clone(), b.clone(), c.clone()])?.enforce_equal(&Boolean::TRUE)?;
Boolean::kary_or(&[a.clone(), c.clone()])?.enforce_equal(&Boolean::TRUE)?;
Boolean::kary_or(&[b.clone(), c.clone()])?.enforce_equal(&Boolean::FALSE)?;

assert!(cs.is_satisfied().unwrap());

pub fn kary_nand(bits: &[Self]) -> Result<Self, SynthesisError>

Outputs (bits[0] & bits[1] & ... & bits.last().unwrap()).not().

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;
let c = Boolean::new_witness(cs.clone(), || Ok(true))?;

Boolean::kary_nand(&[a.clone(), b.clone(), c.clone()])?.enforce_equal(&Boolean::TRUE)?;
Boolean::kary_nand(&[a.clone(), c.clone()])?.enforce_equal(&Boolean::FALSE)?;
Boolean::kary_nand(&[b.clone(), c.clone()])?.enforce_equal(&Boolean::TRUE)?;

assert!(cs.is_satisfied().unwrap());

pub fn le_bits_to_fp_var(bits: &[Self]) -> Result<FpVar<F>, SynthesisError> where
    F: PrimeField, 

Convert a little-endian bitwise representation of a field element to FpVar<F>

pub fn enforce_in_field_le(bits: &[Self]) -> Result<(), SynthesisError>

Enforces that bits, when interpreted as a integer, is less than F::characteristic(), That is, interpret bits as a little-endian integer, and enforce that this integer is “in the field Z_p”, where p = F::characteristic() .

pub fn enforce_smaller_or_equal_than_le<'a>(
    bits: &[Self],
    element: impl AsRef<[u64]>
) -> Result<Vec<Self>, SynthesisError>

Enforces that bits is less than or equal to element, when both are interpreted as (little-endian) integers.

pub fn select<T: CondSelectGadget<F>>(
    &self,
    first: &T,
    second: &T
) -> Result<T, SynthesisError>

Conditionally selects one of first and second based on the value of self:

If self.is_eq(&Boolean::TRUE), this outputs first; else, it outputs second.

// We'll use the BLS12-381 scalar field for our constraints.
use ark_test_curves::bls12_381::Fr;
use ark_relations::r1cs::*;
use ark_r1cs_std::prelude::*;

let cs = ConstraintSystem::<Fr>::new_ref();

let a = Boolean::new_witness(cs.clone(), || Ok(true))?;
let b = Boolean::new_witness(cs.clone(), || Ok(false))?;

let cond = Boolean::new_witness(cs.clone(), || Ok(true))?;

cond.select(&a, &b)?.enforce_equal(&Boolean::TRUE)?;
cond.select(&b, &a)?.enforce_equal(&Boolean::FALSE)?;

assert!(cs.is_satisfied().unwrap());

Trait Implementations

impl<F: Field> AllocVar<bool, F> for Boolean<F>

fn new_variable<T: Borrow<bool>>(
    cs: impl Into<Namespace<F>>,
    f: impl FnOnce() -> Result<T, SynthesisError>,
    mode: AllocationMode
) -> Result<Self, SynthesisError>

Allocates a new variable of type Self in the ConstraintSystem cs. The mode of allocation is decided by mode.

fn new_constant(
    cs: impl Into<Namespace<F>>,
    t: impl Borrow<V>
) -> Result<Self, SynthesisError>

Allocates a new constant of type Self in the ConstraintSystem cs.

fn new_input<T: Borrow<V>>(
    cs: impl Into<Namespace<F>>,
    f: impl FnOnce() -> Result<T, SynthesisError>
) -> Result<Self, SynthesisError>

Allocates a new public input of type Self in the ConstraintSystem cs.

fn new_witness<T: Borrow<V>>(
    cs: impl Into<Namespace<F>>,
    f: impl FnOnce() -> Result<T, SynthesisError>
) -> Result<Self, SynthesisError>

Allocates a new private witness of type Self in the ConstraintSystem cs.

impl<F: Clone + Field> Clone for Boolean<F>

fn clone(&self) -> Boolean<F>

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<F: Field> CondSelectGadget<F> for Boolean<F>

fn conditionally_select(
    cond: &Boolean<F>,
    true_val: &Self,
    false_val: &Self
) -> Result<Self, SynthesisError>

If cond == &Boolean::TRUE, then this returns true_value; else, returns false_value.

fn conditionally_select_power_of_two_vector(
    position: &[Boolean<ConstraintF>],
    values: &[Self]
) -> Result<Self, SynthesisError>

Returns an element of values whose index in represented by position. position is an array of boolean that represents an unsigned integer in big endian order.

impl<F: Debug + Field> Debug for Boolean<F>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<F: Field> EqGadget<F> for Boolean<F>

fn is_eq(&self, other: &Self) -> Result<Boolean<F>, SynthesisError>

Output a Boolean value representing whether self.value() == other.value().

fn conditional_enforce_equal(
    &self,
    other: &Self,
    condition: &Boolean<F>
) -> Result<(), SynthesisError>

If should_enforce == true, enforce that self and other are equal; else, enforce a vacuously true statement.

fn conditional_enforce_not_equal(
    &self,
    other: &Self,
    should_enforce: &Boolean<F>
) -> Result<(), SynthesisError>

If should_enforce == true, enforce that self and other are not equal; else, enforce a vacuously true statement.

fn is_neq(&self, other: &Self) -> Result<Boolean<F>, SynthesisError>

Output a Boolean value representing whether self.value() != other.value().

fn enforce_equal(&self, other: &Self) -> Result<(), SynthesisError>

Enforce that self and other are equal.

fn enforce_not_equal(&self, other: &Self) -> Result<(), SynthesisError>

Enforce that self and other are not equal.

impl<F: Field> From<AllocatedBool<F>> for Boolean<F>

fn from(b: AllocatedBool<F>) -> Self

Performs the conversion.

impl<BF, P> From<Boolean<<P as CubicExtParameters>::BasePrimeField>> for CubicExtVar<BF, P> where
    BF: FieldVar<P::BaseField, P::BasePrimeField>,
    for<'a> &'a BF: FieldOpsBounds<'a, P::BaseField, BF>,
    P: CubicExtVarParams<BF>, 

fn from(other: Boolean<P::BasePrimeField>) -> Self

Performs the conversion.

impl<BF, P> From<Boolean<<P as QuadExtParameters>::BasePrimeField>> for QuadExtVar<BF, P> where
    BF: FieldVar<P::BaseField, P::BasePrimeField>,
    for<'a> &'a BF: FieldOpsBounds<'a, P::BaseField, BF>,
    P: QuadExtVarParams<BF>, 

fn from(other: Boolean<P::BasePrimeField>) -> Self

Performs the conversion.

impl<F: PrimeField> From<Boolean<F>> for FpVar<F>

fn from(other: Boolean<F>) -> Self

Performs the conversion.

impl<F: PartialEq + Field> PartialEq<Boolean<F>> for Boolean<F>

fn eq(&self, other: &Boolean<F>) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Boolean<F>) -> bool

This method tests for !=.

impl<F: Field> R1CSVar<F> for Boolean<F>

type Value = bool

The type of the “native” value that Self represents in the constraint system.

fn cs(&self) -> ConstraintSystemRef<F>

Returns the underlying ConstraintSystemRef.

fn value(&self) -> Result<Self::Value, SynthesisError>

Returns the value that is assigned to self in the underlying ConstraintSystem.

fn is_constant(&self) -> bool

Returns true if self is a circuit-generation-time constant.

impl<F: Field> ToBitsGadget<F> for Boolean<F>

fn to_bits_le(&self) -> Result<Vec<Boolean<F>>, SynthesisError>

Outputs the canonical little-endian bit-wise representation of self.

fn to_non_unique_bits_le(&self) -> Result<Vec<Boolean<F>>, SynthesisError>

Outputs a possibly non-unique little-endian bit-wise representation of self.

fn to_bits_be(&self) -> Result<Vec<Boolean<F>>, SynthesisError>

Outputs the canonical big-endian bit-wise representation of self.

fn to_non_unique_bits_be(&self) -> Result<Vec<Boolean<F>>, SynthesisError>

Outputs a possibly non-unique big-endian bit-wise representation of self.

impl<F: Field> ToBytesGadget<F> for Boolean<F>

fn to_bytes(&self) -> Result<Vec<UInt8<F>>, SynthesisError>

Outputs 1u8 if self is true, and 0u8 otherwise.

fn to_non_unique_bytes(&self) -> Result<Vec<UInt8<F>>, SynthesisError>

Outputs a possibly non-unique byte decomposition of self.

impl<F: PrimeField> ToConstraintFieldGadget<F> for Boolean<F>

fn to_constraint_field(&self) -> Result<Vec<FpVar<F>>, SynthesisError>

Converts self to FpVar<ConstraintF> variables.

impl<F: Eq + Field> Eq for Boolean<F>

impl<F: Field> StructuralEq for Boolean<F>

impl<F: Field> StructuralPartialEq for Boolean<F>