Merging master into aztec3

cpp/CMakeLists.txt

@@ -61,7 +61,7 @@ endif()
 
 set(CMAKE_C_STANDARD 11)
 set(CMAKE_C_EXTENSIONS ON)
-set(CMAKE_CXX_STANDARD 20)
+set(CMAKE_CXX_STANDARD 23)
 set(CMAKE_CXX_STANDARD_REQUIRED TRUE)
 set(CMAKE_CXX_EXTENSIONS ON)
 

cpp/scripts/bb-tests

@@ -2,7 +2,7 @@ crypto_aes128_tests
 crypto_blake2s_tests
 crypto_blake3s_tests
 crypto_ecdsa_tests
-crypto_pedersen_tests
+crypto_pedersen_commitment_tests
 crypto_schnorr_tests
 crypto_sha256_tests
 ecc_tests
@@ -18,7 +18,7 @@ stdlib_blake2s_tests
 stdlib_blake3s_tests
 stdlib_ecdsa_tests
 stdlib_merkle_tree_tests
-stdlib_pedersen_tests
+stdlib_pedersen_commitment_tests
 stdlib_schnorr_tests
 stdlib_sha256_tests
 transcript_tests

cpp/src/aztec/CMakeLists.txt

@@ -71,13 +71,15 @@ if(WASM)
         $<TARGET_OBJECTS:crypto_blake3s_objects>
         $<TARGET_OBJECTS:crypto_keccak_objects>
         $<TARGET_OBJECTS:crypto_schnorr_objects>
-        $<TARGET_OBJECTS:crypto_pedersen_objects>
+        $<TARGET_OBJECTS:crypto_generators_objects>
+        $<TARGET_OBJECTS:crypto_pedersen_commitment_objects>
         $<TARGET_OBJECTS:ecc_objects>
         $<TARGET_OBJECTS:polynomials_objects>
         $<TARGET_OBJECTS:plonk_objects>
         $<TARGET_OBJECTS:stdlib_primitives_objects>
         $<TARGET_OBJECTS:stdlib_schnorr_objects>
-        $<TARGET_OBJECTS:stdlib_pedersen_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_hash_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_commitment_objects>
         $<TARGET_OBJECTS:stdlib_blake2s_objects>
         $<TARGET_OBJECTS:stdlib_blake3s_objects>
     )
@@ -117,13 +119,15 @@ if(WASM)
         $<TARGET_OBJECTS:crypto_blake3s_objects>
         $<TARGET_OBJECTS:crypto_keccak_objects>
         $<TARGET_OBJECTS:crypto_schnorr_objects>
-        $<TARGET_OBJECTS:crypto_pedersen_objects>
+        $<TARGET_OBJECTS:crypto_pedersen_hash_objects>
+        $<TARGET_OBJECTS:crypto_pedersen_commitment_objects>
         $<TARGET_OBJECTS:ecc_objects>
         $<TARGET_OBJECTS:polynomials_objects>
         $<TARGET_OBJECTS:plonk_objects>
         $<TARGET_OBJECTS:stdlib_primitives_objects>
         $<TARGET_OBJECTS:stdlib_schnorr_objects>
-        $<TARGET_OBJECTS:stdlib_pedersen_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_hash_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_commitment_objects>
         $<TARGET_OBJECTS:stdlib_blake2s_objects>
         $<TARGET_OBJECTS:stdlib_blake3s_objects>
         $<TARGET_OBJECTS:stdlib_sha256_objects>
@@ -145,13 +149,15 @@ else()
         $<TARGET_OBJECTS:crypto_blake3s_objects>
         $<TARGET_OBJECTS:crypto_keccak_objects>
         $<TARGET_OBJECTS:crypto_schnorr_objects>
-        $<TARGET_OBJECTS:crypto_pedersen_objects>
+        $<TARGET_OBJECTS:crypto_pedersen_hash_objects>
+        $<TARGET_OBJECTS:crypto_pedersen_commitment_objects>
         $<TARGET_OBJECTS:ecc_objects>
         $<TARGET_OBJECTS:polynomials_objects>
         $<TARGET_OBJECTS:plonk_objects>
         $<TARGET_OBJECTS:stdlib_primitives_objects>
         $<TARGET_OBJECTS:stdlib_schnorr_objects>
-        $<TARGET_OBJECTS:stdlib_pedersen_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_hash_objects>
+        $<TARGET_OBJECTS:stdlib_pedersen_commitment_objects>
         $<TARGET_OBJECTS:stdlib_blake2s_objects>
         $<TARGET_OBJECTS:stdlib_blake3s_objects>
         $<TARGET_OBJECTS:stdlib_sha256_objects>

cpp/src/aztec/common/container.hpp

@@ -48,4 +48,16 @@ InnerCont flatten(Cont<InnerCont, Args...> const& in)
         result.insert(result.end(), e.begin(), e.end());
     }
     return result;
+}
+
+// Return the first index at which a given item can be found in the vector.
+// Only safe for vectors with length less than the size_t overflow size.
+template <typename T> long index_of(std::vector<T> const& vec, T const& item)
+{
+    auto const& begin = vec.begin();
+    auto const& end = vec.end();
+
+    auto const& itr = std::find(begin, end, item);
+
+    return itr == end ? -1 : std::distance(begin, itr);
 }

cpp/src/aztec/common/map.hpp

@@ -10,13 +10,29 @@ template <template <typename, typename...> typename Cont,
           typename... Args,
           typename F,
           typename OutElem = typename std::invoke_result<F, InElem const&>::type>
-Cont<OutElem> map(Cont<InElem, Args...> const& in, F op)
+Cont<OutElem> map(Cont<InElem, Args...> const& in, F&& op)
 {
     Cont<OutElem> result;
     std::transform(in.begin(), in.end(), std::back_inserter(result), op);
     return result;
 }
 
+/*
+ * Generic map function for mapping a std::array's elements to another type.
+ * TODO: this has only been added because I (Mike) couldn't get the above to work
+ * with an array.
+ */
+template <std::size_t SIZE,
+          typename InElem,
+          typename F,
+          typename OutElem = typename std::invoke_result<F, InElem const&>::type>
+std::array<OutElem, SIZE> map(std::array<InElem, SIZE> const& in, F&& op)
+{
+    std::array<OutElem, SIZE> result;
+    std::transform(in.begin(), in.end(), result.begin(), op);
+    return result;
+}
+
 /*
  * Generic map function for mapping a containers element to another type.
  * This version passes the element index as a second argument to the operator function.

cpp/src/aztec/common/serialize.hpp

@@ -34,6 +34,7 @@
 #include <map>
 #include <iostream>
 #include <common/log.hpp>
+#include <optional>
 
 #ifndef __i386__
 __extension__ using uint128_t = unsigned __int128;
@@ -311,6 +312,33 @@ template <typename B, typename T, typename U> inline void write(B& buf, std::map
     }
 }
 
+// Read std::optional<T>.
+template <typename B, typename T> inline void read(B& it, std::optional<T>& opt_value)
+{
+    bool is_nullopt;
+    read(it, is_nullopt);
+    if (is_nullopt) {
+        opt_value = std::nullopt;
+        return;
+    }
+    T value;
+    read(it, value);
+    opt_value = T(value);
+}
+
+// Write std::optional<T>.
+// Note: It takes up a different amount of space, depending on whether it's std::nullopt or populated with an actual
+// value.
+template <typename B, typename T> inline void write(B& buf, std::optional<T> const& opt_value)
+{
+    if (opt_value) {
+        write(buf, false); // is not nullopt
+        write(buf, *opt_value);
+        return;
+    }
+    write(buf, true); // is nullopt
+}
+
 } // namespace std
 
 // Helper functions that have return values.

cpp/src/aztec/common/streams.hpp

@@ -1,6 +1,7 @@
 #pragma once
 #include <iomanip>
 #include <ostream>
+#include <map>
 #include <vector>
 
 namespace std {
@@ -35,7 +36,7 @@ inline std::ostream& operator<<(std::ostream& os, std::vector<T> const& arr)
     for (auto element : arr) {
         os << ' ' << element << '\n';
     }
-    os << "]\n";
+    os << "]";
     return os;
 }
 
@@ -63,4 +64,25 @@ template <typename T, size_t S> inline std::ostream& operator<<(std::ostream& os
     return os;
 }
 
+template <typename T, typename U> inline std::ostream& operator<<(std::ostream& os, std::pair<T, U> const& pair)
+{
+    os << "(" << pair.first << ", " << pair.second << ")";
+    return os;
+}
+
+template <typename T> inline std::ostream& operator<<(std::ostream& os, std::optional<T> const& opt)
+{
+    return opt ? os << *opt : os << "std::nullopt";
+}
+
+template <typename T, typename U> inline std::ostream& operator<<(std::ostream& os, std::map<T, U> const& map)
+{
+    os << "[\n";
+    for (const auto& elem : map) {
+        os << " " << elem.first << ": " << elem.second << "\n";
+    }
+    os << "]";
+    return os;
+}
+
 } // namespace std

cpp/src/aztec/crypto/CMakeLists.txt

@@ -1,9 +1,11 @@
 add_subdirectory(hmac)
+add_subdirectory(generators)
 add_subdirectory(blake2s)
 add_subdirectory(blake3s)
 add_subdirectory(blake3s_full)
 add_subdirectory(keccak)
-add_subdirectory(pedersen)
+add_subdirectory(pedersen_commitment)
+add_subdirectory(pedersen_hash)
 add_subdirectory(schnorr)
 add_subdirectory(sha256)
 add_subdirectory(ecdsa)

cpp/src/aztec/crypto/generators/CMakeLists.txt

@@ -0,0 +1 @@
+barretenberg_module(crypto_generators ecc)

cpp/src/aztec/crypto/pedersen/fixed_base_scalar_mul.hpp → cpp/src/aztec/crypto/generators/fixed_base_scalar_mul.hpp

@@ -1,8 +1,9 @@
 #pragma once
 #include <ecc/curves/grumpkin/grumpkin.hpp>
+#include "./generator_data.hpp"
 
 namespace crypto {
-namespace pedersen {
+namespace generators {
 
 constexpr uint64_t WNAF_MASK = 0x7fffffffUL;
 
@@ -17,7 +18,7 @@ grumpkin::g1::element fixed_base_scalar_mul(const barretenberg::fr& in, const si
     constexpr size_t num_quads = ((num_quads_base << 1) + 1 < num_bits) ? num_quads_base + 1 : num_quads_base;
     constexpr size_t num_wnaf_bits = (num_quads << 1) + 1;
 
-    const crypto::pedersen::fixed_base_ladder* ladder = gen_data.get_ladder(num_bits);
+    const crypto::generators::fixed_base_ladder* ladder = gen_data.get_ladder(num_bits);
 
     uint64_t wnaf_entries[num_quads + 2] = { 0 };
     bool skew = false;
@@ -40,5 +41,5 @@ grumpkin::g1::element fixed_base_scalar_mul(const barretenberg::fr& in, const si
     return accumulator.normalize();
 }
 
-} // namespace pedersen
+} // namespace generators
 } // namespace crypto

cpp/src/aztec/crypto/pedersen/generator_data.cpp → cpp/src/aztec/crypto/generators/generator_data.cpp

@@ -1,7 +1,7 @@
 #include "./generator_data.hpp"
 
 namespace crypto {
-namespace pedersen {
+namespace generators {
 namespace {
 
 // The number of unique base points with default main index with precomputed ladders
@@ -276,5 +276,5 @@ const fixed_base_ladder* generator_data::get_hash_ladder(size_t num_bits) const
     return get_ladder_internal(hash_ladder, num_bits);
 }
 
-} // namespace pedersen
+} // namespace generators
 } // namespace crypto

cpp/src/aztec/crypto/pedersen/generator_data.hpp → cpp/src/aztec/crypto/generators/generator_data.hpp

@@ -4,7 +4,7 @@
 #include <ecc/curves/grumpkin/grumpkin.hpp>
 
 namespace crypto {
-namespace pedersen {
+namespace generators {
 
 struct generator_index_t {
     size_t index;
@@ -58,5 +58,5 @@ std::vector<std::unique_ptr<generator_data>> const& init_generator_data();
 const fixed_base_ladder* get_g1_ladder(const size_t num_bits);
 generator_data const& get_generator_data(generator_index_t index);
 
-} // namespace pedersen
+} // namespace generators
 } // namespace crypto

cpp/src/aztec/crypto/pedersen/pedersen.test.cpp → cpp/src/aztec/crypto/generators/generator_data.test.cpp

@@ -1,10 +1,11 @@
 #include <gtest/gtest.h>
 #include <common/streams.hpp>
-#include "./pedersen.hpp"
+#include "./fixed_base_scalar_mul.hpp"
+#include "./generator_data.hpp"
 
-using namespace crypto::pedersen;
+using namespace crypto::generators;
 
-TEST(pedersen, hash_ladder_structure)
+TEST(generators, hash_ladder_structure)
 {
     generator_index_t index = { 2, 0 };
     generator_data gen_data = get_generator_data(index);
@@ -60,7 +61,7 @@ TEST(pedersen, hash_ladder_structure)
     EXPECT_EQ(grumpkin::g1::element(hash_ladder[0].one), mult);
 }
 
-TEST(pedersen, fixed_base_scalar_mul)
+TEST(generators, fixed_base_scalar_mul)
 {
     uint256_t scalar(123, 0, 0, 0);
 

cpp/src/aztec/crypto/pedersen_commitment/CMakeLists.txt

@@ -0,0 +1 @@
+barretenberg_module(crypto_pedersen_commitment ecc crypto_generators crypto_pedersen_hash)

cpp/src/aztec/crypto/pedersen_commitment/c_bind.cpp

@@ -0,0 +1,37 @@
+#include "pedersen.hpp"
+#include <common/serialize.hpp>
+#include <common/timer.hpp>
+#include <common/mem.hpp>
+#include <common/streams.hpp>
+#define WASM_EXPORT __attribute__((visibility("default")))
+
+extern "C" {
+
+WASM_EXPORT void pedersen__init()
+{
+    crypto::generators::init_generator_data();
+}
+
+WASM_EXPORT void pedersen__compress(uint8_t const* inputs_buffer, uint8_t* output)
+{
+    std::vector<grumpkin::fq> to_compress;
+    read(inputs_buffer, to_compress);
+    auto r = crypto::pedersen_commitment::compress_native(to_compress);
+    barretenberg::fr::serialize_to_buffer(r, output);
+}
+
+WASM_EXPORT void pedersen__compress_with_hash_index(uint8_t const* inputs_buffer, uint8_t* output, uint32_t hash_index)
+{
+    std::vector<grumpkin::fq> to_compress;
+    read(inputs_buffer, to_compress);
+    auto r = crypto::pedersen_commitment::compress_native(to_compress, hash_index);
+    barretenberg::fr::serialize_to_buffer(r, output);
+}
+
+WASM_EXPORT void pedersen__buffer_to_field(uint8_t const* data, size_t length, uint8_t* r)
+{
+    std::vector<uint8_t> to_compress(data, data + length);
+    auto output = crypto::pedersen_commitment::compress_native(to_compress);
+    write(r, output);
+}
+}