Add Halo2 Circuit for SKEncryption (#21)

* chore: init rust crate * chore: init circuit * feat: update halo2 circuit * chore: minor fixes * chore: update poc to new notation * feat: add partial `sk_encryption_circuit` * feat: add script to generate circuit parameters * feat: complete `sk_encryption_circuit` * chore: fix variable naming * chore: prettify further and add tests * feat: update * chore: update folder structure * feat: update commitment logic and extend prover to `k` ciphertexts * chore: prettify syntax and in-line comments * feat: add negative tests * chore: update comments * chore: rename repo * chore: refactor * chore: minor fixes * feat: encode `qis` and `k0is` as constants of the circuti * fix: minor fixes * chore: add further testing * feat: init circuit profiling * feat: add circuit profiling in python * chore: minor
privacy-scaling-explorations · Feb 8, 2024 · 879d0de · 879d0de
1 parent 79ea0b8
commit 879d0de
Show file tree

Hide file tree

Showing 19 changed files with 1,443 additions and 902 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,160 +1,14 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-*.py,cover
-.hypothesis/
-.pytest_cache/
-cover/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-.pybuilder/
+# Generated by Cargo
+# will have compiled files and executables
+debug/
 target/
 
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# poetry
-#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
-#   This is especially recommended for binary packages to ensure reproducibility, and is more
-#   commonly ignored for libraries.
-#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
-#poetry.lock
-
-# pdm
-#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
-#pdm.lock
-#   pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
-#   in version control.
-#   https://pdm.fming.dev/#use-with-ide
-.pdm.toml
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# pytype static type analyzer
-.pytype/
+# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
+# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
+Cargo.lock
 
-# Cython debug symbols
-cython_debug/
+# These are backup files generated by rustfmt
+**/*.rs.bk
 
-# PyCharm
-#  JetBrains specific template is maintained in a separate JetBrains.gitignore that can
-#  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
-#  and can be added to the global gitignore or merged into this file.  For a more nuclear
-#  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
+# MSVC Windows builds of rustc generate these, which store debugging information
+*.pdb
diff --git a/Cargo.toml b/Cargo.toml
@@ -0,0 +1,43 @@
+[package]
+name = "greco"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+halo2-base = { git = "https://github.com/axiom-crypto/halo2-lib.git", tag = "v0.4.1-git", default-features = false, features = ["test-utils", "halo2-axiom"] }
+rand = "0.8"
+axiom-eth = { git = "https://github.com/gaussian-dev/axiom-eth", default-features = false, features = ["halo2-axiom"] }
+serde = { version = "=1.0", default-features = false, features = ["derive"] }
+serde_json = { version = "1.0", default-features = false }
+itertools = "0.11"
+
+[profile.dev]
+opt-level = 3
+debug = 2              # change to 0 or 2 for more or less debug info
+overflow-checks = true
+incremental = true
+
+# Local "release" mode, more optimized than dev but faster to compile than release
+[profile.local]
+inherits = "dev"
+opt-level = 3
+# Set this to 1 or 2 to get more useful backtraces
+debug = 1
+debug-assertions = true
+panic = 'unwind'
+# better recompile times
+incremental = true
+lto = "thin"
+codegen-units = 16
+
+[profile.release]
+opt-level = 3
+debug = false
+debug-assertions = false
+lto = "fat"
+# `codegen-units = 1` can lead to WORSE performance - always bench to find best profile for your machine!
+codegen-units = 1
+panic = "abort"
+incremental = false
diff --git a/README.md b/README.md
@@ -1,10 +1,57 @@
-# proof
+# Greco
 
-Circuit for proving the correct encryption under BFV fully homomorphic encryption scheme. Note that this can be also generalized to any RLWE-based FHE scheme. Based on https://hackmd.io/@gaussian/HJ8DYyjPp.
+Circuit for proving the correct encryption under BFV fully homomorphic encryption scheme. Note that this can be also generalized to any RLWE-based FHE scheme. Based on https://hackmd.io/@gaussian/r1W98Kqqa.
 
-The repository contains a python prototype for the secret key proof of encryption and for public key proof of encryption
+### Generate Parameters
 
-```python
-python3 circuit_sk.py
-python3 circuit_pk.py
-```
+To generate the parameters for the secret key proof of encryption circuit run the following command:
+
+```bash
+python3 scripts/circuit_sk.py -n 1024 -qis '[                                      
+    1152921504606584833,
+    1152921504598720513,
+    1152921504597016577,
+    1152921504595968001,
+    1152921504595640321,
+    1152921504593412097,
+    1152921504592822273,
+    1152921504592429057,
+    1152921504589938689,
+    1152921504586530817,
+    1152921504585547777,
+    1152921504583647233,
+    1152921504581877761,
+    1152921504581419009,
+    1152921504580894721
+]' -t 65537  -output_input ./src/data/sk_enc_input.json -output_constants ./src/constants/sk_enc.rs
+```
+
+Where `-n` is the degree of the polynomial, `-qis` is the list of moduli qis such that qis[i] is the modulus of the i-th CRT basis of the modulus q of the ciphertext space, `-t` is the plaintext modulus and `-output_input` is path to the json file containing the circuit input and `-output_constants` is the path to the rust file containing the circuit generic constants. The value of `𝜎` for the gaussian distribution is set to 3.2 by default.
+
+You can modify these parameters to fit your needs.
+
+As a result:
+- A file `./src/data/sk_enc_input.json` is generated including the input to the circuit that can be used for testing. It includes a random secret key, a random plaintext message and the corresponding ciphertext encrypted under the secret key.
+- A file `./src/constants/sk_enc.rs` is generated including the generic constants for the circuit. Note that we separate them from the input because these should be known at compile time.
+
+On top of that, the console will print an estimatation of the number of advice cells needed to compile the circuit in halo2 considering a single advice column and a lookup table of size 2^8.
+
+### Circuit
+
+```
+cargo build
+cargo test --release -- --nocapture
+```
+
+The halo2 circuit is based on a fork of `axiom-eth` that implements two minor changes:
+
+- `RlcCircuit` and `RlcExecutor` are included into a utils mod such that they can be consumed outside of the crate 
+- The `RlcCircuitInstructions` are modified to enable equality constraints on instance column in Second Phase
+
+Further testing, incorporating the whole flow of generating random parameters and random input and generating a proof can be run with:
+
+```
+python3 scripts/test.py 20
+```
+
+Where `20` is number of times the test should be run. Any error is added to the `scripts/error_log.txt` file.