arcis-compiler 0.9.2

A framework for writing secure multi-party computation (MPC) circuits to be executed on the Arcium network.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180

use crate::{
    core::{
        bounds::{CurveBounds, FieldBounds, IsBounds},
        expressions::{
            expr::EvalFailure,
            macro_uses::{BoundWrap, ConstantBoundSampler},
            InputKind,
        },
    },
    utils::{curve_point::CurvePoint, field::ScalarField, ignore_for_equality::IgnoreForEquality},
};
use arcis_internal_expr_macro::Expr;
use primitives::algebra::{
    elliptic_curve::{Curve as AsyncMPCCurve, Curve25519Ristretto},
    field::subfield_element::SubfieldElement,
};
use serde::{Deserialize, Serialize};
use std::{cell::Cell, marker::PhantomData, rc::Rc};

pub type InputId = usize;

/// The kind of input.

#[derive(Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize)]
pub struct InputInfo {
    pub kind: InputKind,
    pub name: String,
    pub has_already_been_found_unused: IgnoreForEquality<Cell<bool>>,
}

impl InputInfo {
    pub fn to_async_mpc_input(&self) -> core_utils::circuit::Input<Curve25519Ristretto> {
        match self.kind {
            InputKind::Secret => core_utils::circuit::Input::Share {
                algebraic_type: core_utils::circuit::AlgebraicType::Point,
                batched: core_utils::circuit::Batched::No,
            },
            InputKind::SecretFromPlayer(i) => core_utils::circuit::Input::SecretPlaintext {
                inputer: i,
                algebraic_type: core_utils::circuit::AlgebraicType::Point,
                batched: core_utils::circuit::Batched::No,
            },
            InputKind::Plaintext => {
                core_utils::circuit::Input::Point(core_utils::circuit::PointPlaintext::<
                    Curve25519Ristretto,
                >::Input(1))
            }
        }
    }
}

impl Default for InputInfo {
    fn default() -> Self {
        let kind = InputKind::Plaintext;
        let name = "_".to_owned();
        let has_already_been_found_unused = IgnoreForEquality(Cell::new(false));
        Self {
            kind,
            name,
            has_already_been_found_unused,
        }
    }
}

impl InputInfo {
    pub fn is_plaintext(&self) -> bool {
        self.kind.is_plaintext()
    }
}

impl From<InputKind> for InputInfo {
    fn from(value: InputKind) -> Self {
        InputInfo {
            kind: value,
            ..InputInfo::default()
        }
    }
}

/// Expressions for elliptic curve circuits.
#[derive(Clone, Debug, PartialEq, Eq, Hash, Serialize, Deserialize, Expr)]
pub enum CurveExpr<C: Clone, S: Clone = C> {
    // C = Curve
    // S = Scalar
    /// An input that will produce a curve point.
    Input(InputId, Rc<InputInfo>),
    /// Addition between two curve points.
    Add(C, C),
    /// Negative of a curve point.
    Neg(C),
    /// Multiplication between a scalar and a curve point.
    Mul(S, C),
    /// Reveals a curve point, making it plaintext.
    /// Revealing an already revealed or plaintext curve point will work and not increase circuit
    /// size.
    Reveal(C),
    /// A curve point constant.
    Val(CurvePoint),
}

impl CurveExpr<bool> {
    pub fn is_plaintext(&self) -> bool {
        match self {
            CurveExpr::Input(_, info) => info.is_plaintext(),
            CurveExpr::Reveal(_) => true,
            CurveExpr::Val(_) => true,
            _ => self.get_deps().iter().all(|x| *x),
        }
    }
}

impl<T: Clone, S: Clone> CurveExpr<T, S> {
    pub fn is_eval_deterministic_fn_from_deps(&self) -> bool {
        !matches!(self, CurveExpr::Input(_, _))
    }

    pub fn get_input(&self) -> Option<InputId> {
        match self {
            CurveExpr::Input(id, _) => Some(*id),
            _ => None,
        }
    }

    pub fn get_input_name(&self) -> &str {
        match self {
            CurveExpr::Input(_, info) => info.name.as_str(),
            _ => "",
        }
    }

    pub fn get_is_input_already_optimized_out(&self) -> Option<&Cell<bool>> {
        match self {
            CurveExpr::Input(_, info) => Some(&info.has_already_been_found_unused.0),
            _ => None,
        }
    }
}

impl CurveExpr<CurvePoint, ScalarField> {
    pub fn eval(self) -> Result<CurvePoint, EvalFailure> {
        let val: CurvePoint = match self {
            CurveExpr::Input(_, _) => EvalFailure::err_imp("Input not evaluable here")?,
            CurveExpr::Add(e1, e2) => e1 + e2,
            CurveExpr::Mul(e1, e2) => {
                let e1 = SubfieldElement::new(
                    <Curve25519Ristretto as AsyncMPCCurve>::Scalar::from_canonical_bytes(
                        e1.to_le_bytes(),
                    )
                    .unwrap(),
                );
                // in async-mpc, multiplication is curve_point * scalar
                e2 * e1
            }
            CurveExpr::Reveal(e) => e,
            CurveExpr::Val(e) => e,
            CurveExpr::Neg(e) => -e,
        };
        Ok(val)
    }
}

impl CurveExpr<CurveBounds, FieldBounds<ScalarField>> {
    pub fn bounds(self) -> CurveBounds {
        match self {
            CurveExpr::Input(_, _) => CurveBounds::All,
            _ => {
                let deps = ApplyCurveExpr::apply(&mut BoundWrap, self.clone()).get_deps();
                if deps.iter().any(|x| x.is_empty()) {
                    CurveBounds::Empty
                } else if deps.iter().all(|x1| x1.as_constant().is_some()) {
                    let sampled = ApplyCurveExpr::apply(&mut ConstantBoundSampler, self);
                    let val = sampled.eval().expect("Can't evaluate constant CurveExpr");
                    CurveBounds::Constant(val)
                } else {
                    CurveBounds::All
                }
            }
        }
    }
}