feat: cache lookup consts vk

.github/workflows/ci.yml

@@ -16,18 +16,22 @@ jobs:
       - name: Install toolchain
         uses: actions-rs/toolchain@v1
         with:
-          toolchain: stable
+          toolchain: 1.77.2
           profile: minimal
-
+          
       - uses: Swatinem/rust-cache@v1
         with:
           cache-on-failure: true
 
       - name: Install solc
-        run: (hash svm 2>/dev/null || cargo install svm-rs) && svm install 0.8.21 && solc --version
+        run: (hash svm 2>/dev/null || cargo install svm-rs) && svm install 0.8.20 && svm use 0.8.20 && solc --version
 
-      - name: Run test
+      - name: Run test (mv lookups)
         run: cargo test --workspace --all-features --all-targets -- --nocapture
+      - name: Run test (non-mv lookups)
+        run: cargo test --workspace --all-targets -- --nocapture
+      - name: Run separate example
+        run: cargo run --package halo2_solidity_verifier --example separately --all-features -- --nocapture
 
   lint:
     name: Lint

Cargo.toml

@@ -4,28 +4,33 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
-halo2_proofs = { git = "https://github.com/privacy-scaling-explorations/halo2", tag = "v2023_04_20" }
+halo2_proofs = { git = "https://github.com/zkonduit/halo2?branch=ac/cache-lookup-commitments#8b13a0d2a7a34d8daab010dadb2c47dfa47d37d0", package = "halo2_proofs", branch = "ac/cache-lookup-commitments" }
 askama = { version = "0.12.0", features = ["config"], default-features = false }
 hex = "0.4.3"
-ruint = "1"
+ruint = "1.8.0"
 sha3 = "0.10"
 itertools = "0.11.0"
 
 # Remove when `vk.transcript_repr()` is ready for usage.
 blake2b_simd = "1"
 
 # For feature = "evm"
-revm = { version = "3.3.0", default-features = false, optional = true }
+revm = { version = "14.0.1", default-features = false, optional = true }
 
 [dev-dependencies]
 rand = "0.8.5"
-revm = { version = "3.3.0", default-features = false }
-halo2_maingate = { git = "https://github.com/privacy-scaling-explorations/halo2wrong", tag = "v2023_04_20", package = "maingate" }
+revm = { version = "14.0.1", default-features = false }
+halo2_maingate = { git = "https://github.com/zkonduit/halo2wrong", branch = "ac/chunked-mv-lookup", package = "maingate" }
+
 
 [features]
 default = []
 evm = ["dep:revm"]
+mv-lookup = ["halo2_proofs/mv-lookup", "halo2_maingate/mv-lookup"]
 
 [[example]]
 name = "separately"
 required-features = ["evm"]
+
+[patch.'https://github.com/zkonduit/halo2']
+halo2_proofs = { git = "https://github.com/zkonduit/halo2?branch=ac/cache-lookup-commitments#8b13a0d2a7a34d8daab010dadb2c47dfa47d37d0", package = "halo2_proofs", branch = "ac/cache-lookup-commitments" }

README.md

@@ -8,7 +8,7 @@ For audited solidity verifier generator and proof aggregation toolkits, please r
 
 ## Usage
 
-### Generate verifier and verifying key separately as 2 solidity contracts
+### Generate fully reusable verifier and verifying artifact separately as 2 solidity contracts
 
 ```rust
 let generator = SolidityGenerator::new(&params, &vk, Bdfg21, num_instances);
@@ -42,7 +42,7 @@ Note that function selector is already included.
 
 The [`Keccak256Transcript`](./src/transcript.rs#L19) behaves exactly same as the `EvmTranscript` in `snark-verifier`.
 
-## Design Rationale
+## Design Rationale for Conjoined Verifier
 
 The current solidity verifier generator within `snark-verifier` faces a couple of issues:
 
@@ -51,6 +51,21 @@ The current solidity verifier generator within `snark-verifier` faces a couple o
 
 This repository is a ground-up rebuild, addressing these concerns while maintaining a focus on code size and readability. Remarkably, the gas cost is comparable, if not slightly lower, than the one generated by `snark-verifier`.
 
+## Design Rationale for Reusable Verifier
+
+The previous `render_separately` solidity verifier, although granted some degree of reusability, was still dependent on a given circuit's configuation despite being independent of the verifying key. We wanted to reengineer the separate verifier to be completely independent of the circuit configuration, allowing for a single verifier to be used across multiple circuits. 
+
+In the process we created two new types of contracts--`Halo2VerifierReusable` and `Halo2VerifierArtifact`-- that replaced the previous `Halo2Verifier` and `Halo2VerifierKey` contracts generated by the `render_seperately` compilation respectively. 
+
+The `Halo2VerifierArtifact` extends the original `Halo2VerifierKey` by encoding all of the circuit configuration data that was hardcoded in the original separate `Halo2Verifier` into memory. The `Halo2VerifierReusable` then loads this configuration data dynamicaly from the `Halo2VerifierArtifact` at runtime, decodes it and executes the verification computation in a functionally identical manner to the conjoined version.
+
+For large circuits, this reduces deployment costs by 77 percent enabling the deployment of circuits that were previously infeasible due to the contract size limit, requiring an aggregation to get below the limit.
+
 ## Acknowledgement
 
 The template is heavily inspired by Aztec's [`BaseUltraVerifier.sol`](https://github.com/AztecProtocol/barretenberg/blob/4c456a2b196282160fd69bead6a1cea85289af37/sol/src/ultra/BaseUltraVerifier.sol).
+
+
+## Lookup Modularity 
+
+Note that we have extended the verifier to include the ability to verify mvlookup / logup lookups. This is hidden behind the `mvlookup` feature flag.

examples/separately.rs

@@ -1,6 +1,7 @@
 use application::StandardPlonk;
 use prelude::*;
 
+use halo2_proofs::poly::commitment::Params;
 use halo2_solidity_verifier::{
     compile_solidity, encode_calldata, BatchOpenScheme::Bdfg21, Evm, Keccak256Transcript,
     SolidityGenerator,
@@ -16,14 +17,14 @@ fn main() {
     let vk = keygen_vk(&params[&K_RANGE.start], &StandardPlonk::default()).unwrap();
     let generator = SolidityGenerator::new(&params[&K_RANGE.start], &vk, Bdfg21, 0);
     let (verifier_solidity, _) = generator.render_separately().unwrap();
-    save_solidity("Halo2Verifier.sol", &verifier_solidity);
+    save_solidity("Halo2VerifierReusable.sol", &verifier_solidity);
 
     let verifier_creation_code = compile_solidity(&verifier_solidity);
     let verifier_creation_code_size = verifier_creation_code.len();
     println!("Verifier creation code size: {verifier_creation_code_size}");
 
     let mut evm = Evm::default();
-    let verifier_address = evm.create(verifier_creation_code);
+    let (verifier_address, _) = evm.create(verifier_creation_code);
 
     let deployed_verifier_solidity = verifier_solidity;
 
@@ -35,12 +36,12 @@ fn main() {
         let pk = keygen_pk(&params[&k], vk, &circuit).unwrap();
         let generator = SolidityGenerator::new(&params[&k], pk.get_vk(), Bdfg21, num_instances);
         let (verifier_solidity, vk_solidity) = generator.render_separately().unwrap();
-        save_solidity(format!("Halo2VerifyingKey-{k}.sol"), &vk_solidity);
+        save_solidity(format!("Halo2VerifyingArtifact-{k}.sol"), &vk_solidity);
 
         assert_eq!(deployed_verifier_solidity, verifier_solidity);
 
         let vk_creation_code = compile_solidity(&vk_solidity);
-        let vk_address = evm.create(vk_creation_code);
+        let (vk_address, _) = evm.create(vk_creation_code);
 
         let calldata = {
             let instances = circuit.instances();
@@ -75,7 +76,7 @@ fn create_proof_checked(
     pk: &ProvingKey<G1Affine>,
     circuit: impl Circuit<Fr>,
     instances: &[Fr],
-    mut rng: impl RngCore,
+    mut rng: impl RngCore + Send + Sync,
 ) -> Vec<u8> {
     use halo2_proofs::{
         poly::kzg::{
@@ -107,6 +108,7 @@ fn create_proof_checked(
             SingleStrategy::new(params),
             &[&[instances]],
             &mut transcript,
+            params.n(),
         )
     };
     assert!(result.is_ok());

rust-toolchain

@@ -0,0 +1,2 @@
+[toolchain]
+channel = "nightly-2024-07-18"