Featurize middleware types that are actually defined by the backend (#94)

At the middleware we were defining some types that actually are dependant on the
backend no matter how we define them in the middleware.

For example, we were hardcoding the `Hash` and `Value` types and their related
behaviour (eg. `.to_fields()`) to be based on the length of 4 field elements,
but that's not a choice of the middleware, and in fact this is determined by the
backend itself. On the same time, those types and related methods do not belong
to the backend, since conceptually they are part of the middleware reasoning.

The intention of this PR is not to prematurely abstract the library, but to
avoid inconsistencies where a type or parameter is defined in the middleware to
have certain carachteristic and later in the backend it gets used differently.
The idea is that those types and parameters (eg. lengths) have a single source
of truth in the code; and in the case of the "base types" (hash, value, etc)
this is determined by the backend being used under the hood, not by a choice of
the middleware parameters.

The idea with this approach, is that the frontend & middleware should not need
to import the proving library used by the backend (eg. plonky2, plonky3, etc).

As mentioned earlier, the `Hash` and `Value` types are types belonging at the
middleware, and is the middleware who reasons about them, but depending on the
backend being used, the `Hash` and `Value` types will have different sizes. So
it's the backend being used who actually defines their nature under the hood.
For example with a plonky2 backend, these types will have a length of 4 field
elements, whereas with a plonky3 backend they will have a length of 8 field
eleements.

Note that his approach does not introduce new traits or abstract code, just
makes use of rust features to define 'base types' that are being used in the
middleware.

Author: arnaucube

Cargo.toml

@@ -8,10 +8,15 @@ name = "pod2"
 path = "src/lib.rs"
 
 [dependencies]
-plonky2 = { git = "https://github.com/0xPolygonZero/plonky2" }
 hex = "0.4.3"
 itertools = "0.14.0"
 strum = "0.26"
 strum_macros = "0.26"
 anyhow = "1.0.56"
 dyn-clone = "1.0.18"
+# enabled by features:
+plonky2 = { git = "https://github.com/0xPolygonZero/plonky2", optional = true }
+
+[features]
+default = ["backend_plonky2"]
+backend_plonky2 = ["plonky2"]

README.md

@@ -2,6 +2,8 @@
 
 ## Usage
 - Run tests: `cargo test --release`
+- Rustfmt: `cargo fmt`
+- Check [typos](https://github.com/crate-ci/typos): `typos -c .github/workflows/typos.toml`
 
 ## Book
 The `book` contains the specification of POD2. A rendered version of the site can be found at: https://0xparc.github.io/pod2/

src/backends/mod.rs

@@ -1,3 +1,2 @@
-pub mod mock_main;
-pub mod mock_signed;
+#[cfg(feature = "backend_plonky2")]
 pub mod plonky2;

src/backends/plonky2.rs

@@ -0,0 +1,203 @@
+//! This file exposes the middleware::basetypes to be used in the middleware when the
+//! `backend_plonky2` feature is enabled.
+//! See src/middleware/basetypes.rs for more details.
+
+use anyhow::{anyhow, Error, Result};
+use hex::{FromHex, FromHexError};
+use plonky2::field::goldilocks_field::GoldilocksField;
+use plonky2::field::types::{Field, PrimeField64};
+use plonky2::hash::poseidon::PoseidonHash;
+use plonky2::plonk::config::Hasher;
+use plonky2::plonk::config::PoseidonGoldilocksConfig;
+use std::cmp::{Ord, Ordering};
+use std::fmt;
+
+use crate::middleware::{Params, ToFields};
+
+/// F is the native field we use everywhere.  Currently it's Goldilocks from plonky2
+pub type F = GoldilocksField;
+/// C is the Plonky2 config used in POD2 to work with Plonky2 recursion.
+pub type C = PoseidonGoldilocksConfig;
+/// D defines the extension degree of the field used in the Plonky2 proofs (quadratic extension).
+pub const D: usize = 2;
+
+pub const HASH_SIZE: usize = 4;
+pub const VALUE_SIZE: usize = 4;
+
+pub const EMPTY: Value = Value([F::ZERO, F::ZERO, F::ZERO, F::ZERO]);
+pub const SELF_ID_HASH: Hash = Hash([F::ONE, F::ZERO, F::ZERO, F::ZERO]);
+pub const NULL: Hash = Hash([F::ZERO, F::ZERO, F::ZERO, F::ZERO]);
+
+#[derive(Clone, Copy, Debug, Default, Hash, PartialEq, Eq)]
+pub struct Value(pub [F; VALUE_SIZE]);
+
+impl ToFields for Value {
+    fn to_fields(&self, _params: &Params) -> (Vec<F>, usize) {
+        (self.0.to_vec(), VALUE_SIZE)
+    }
+}
+
+impl Value {
+    pub fn to_bytes(self) -> Vec<u8> {
+        self.0
+            .iter()
+            .flat_map(|e| e.to_canonical_u64().to_le_bytes())
+            .collect()
+    }
+}
+
+impl Ord for Value {
+    fn cmp(&self, other: &Self) -> Ordering {
+        for (lhs, rhs) in self.0.iter().zip(other.0.iter()).rev() {
+            let (lhs, rhs) = (lhs.to_canonical_u64(), rhs.to_canonical_u64());
+            if lhs < rhs {
+                return Ordering::Less;
+            } else if lhs > rhs {
+                return Ordering::Greater;
+            }
+        }
+        return Ordering::Equal;
+    }
+}
+
+impl PartialOrd for Value {
+    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+impl From<i64> for Value {
+    fn from(v: i64) -> Self {
+        let lo = F::from_canonical_u64((v as u64) & 0xffffffff);
+        let hi = F::from_canonical_u64((v as u64) >> 32);
+        Value([lo, hi, F::ZERO, F::ZERO])
+    }
+}
+
+impl From<Hash> for Value {
+    fn from(h: Hash) -> Self {
+        Value(h.0)
+    }
+}
+
+impl TryInto<i64> for Value {
+    type Error = Error;
+    fn try_into(self) -> std::result::Result<i64, Self::Error> {
+        let value = self.0;
+        if &value[2..] != &[F::ZERO, F::ZERO]
+            || value[..2]
+                .iter()
+                .all(|x| x.to_canonical_u64() > u32::MAX as u64)
+        {
+            Err(anyhow!("Value not an element of the i64 embedding."))
+        } else {
+            Ok((value[0].to_canonical_u64() + value[1].to_canonical_u64() << 32) as i64)
+        }
+    }
+}
+
+impl fmt::Display for Value {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        if self.0[2].is_zero() && self.0[3].is_zero() {
+            // Assume this is an integer
+            let (l0, l1) = (self.0[0].to_canonical_u64(), self.0[1].to_canonical_u64());
+            assert!(l0 < (1 << 32));
+            assert!(l1 < (1 << 32));
+            write!(f, "{}", l0 + l1 * (1 << 32))
+        } else {
+            // Assume this is a hash
+            Hash(self.0).fmt(f)
+        }
+    }
+}
+
+#[derive(Clone, Copy, Debug, Default, Hash, Eq, PartialEq)]
+pub struct Hash(pub [F; HASH_SIZE]);
+
+pub fn hash_value(input: &Value) -> Hash {
+    Hash(PoseidonHash::hash_no_pad(&input.0).elements)
+}
+pub fn hash_fields(input: &[F]) -> Hash {
+    Hash(PoseidonHash::hash_no_pad(&input).elements)
+}
+
+impl From<Value> for Hash {
+    fn from(v: Value) -> Self {
+        Hash(v.0)
+    }
+}
+impl Hash {
+    pub fn value(self) -> Value {
+        Value(self.0)
+    }
+}
+
+impl ToFields for Hash {
+    fn to_fields(&self, _params: &Params) -> (Vec<F>, usize) {
+        (self.0.to_vec(), VALUE_SIZE)
+    }
+}
+
+impl Ord for Hash {
+    fn cmp(&self, other: &Self) -> Ordering {
+        Value(self.0).cmp(&Value(other.0))
+    }
+}
+
+impl PartialOrd for Hash {
+    fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+impl fmt::Display for Hash {
+    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+        let v0 = self.0[0].to_canonical_u64();
+        for i in 0..4 {
+            write!(f, "{:02x}", (v0 >> (i * 8)) & 0xff)?;
+        }
+        write!(f, "…")
+    }
+}
+
+impl FromHex for Hash {
+    type Error = FromHexError;
+
+    // TODO make it dependant on backend::Value len
+    fn from_hex<T: AsRef<[u8]>>(hex: T) -> Result<Self, Self::Error> {
+        // In little endian
+        let bytes = <[u8; 32]>::from_hex(hex)?;
+        let mut buf: [u8; 8] = [0; 8];
+        let mut inner = [F::ZERO; 4];
+        for i in 0..4 {
+            buf.copy_from_slice(&bytes[8 * i..8 * (i + 1)]);
+            inner[i] = F::from_canonical_u64(u64::from_le_bytes(buf));
+        }
+        Ok(Self(inner))
+    }
+}
+
+impl From<&str> for Hash {
+    fn from(s: &str) -> Self {
+        hash_str(s)
+    }
+}
+
+pub fn hash_str(s: &str) -> Hash {
+    let mut input = s.as_bytes().to_vec();
+    input.push(1); // padding
+
+    // Merge 7 bytes into 1 field, because the field is slightly below 64 bits
+    let input: Vec<F> = input
+        .chunks(7)
+        .map(|bytes| {
+            let mut v: u64 = 0;
+            for b in bytes.iter().rev() {
+                v <<= 8;
+                v += *b as u64;
+            }
+            F::from_canonical_u64(v)
+        })
+        .collect();
+    Hash(PoseidonHash::hash_no_pad(&input).elements)
+}

src/backends/plonky2/basetypes.rs

@@ -327,7 +327,7 @@ impl MockMainPod {
             statements[statements.len() - params.max_public_statements..].to_vec();
 
         // get the id out of the public statements
-        let id: PodId = PodId(hash_statements(&public_statements, *params));
+        let id: PodId = PodId(hash_statements(&public_statements, params));
 
         Ok(Self {
             params: params.clone(),
@@ -362,10 +362,10 @@ impl MockMainPod {
     }
 }
 
-pub fn hash_statements(statements: &[Statement], params: Params) -> middleware::Hash {
+pub fn hash_statements(statements: &[Statement], _params: &Params) -> middleware::Hash {
     let field_elems = statements
         .into_iter()
-        .flat_map(|statement| statement.clone().to_fields(params).0)
+        .flat_map(|statement| statement.clone().to_fields(_params).0)
         .collect::<Vec<_>>();
     Hash(PoseidonHash::hash_no_pad(&field_elems).elements)
 }
@@ -376,7 +376,7 @@ impl Pod for MockMainPod {
         // get the input_statements from the self.statements
         let input_statements = &self.statements[input_statement_offset..];
         // get the id out of the public statements, and ensure it is equal to self.id
-        let ids_match = self.id == PodId(hash_statements(&self.public_statements, self.params));
+        let ids_match = self.id == PodId(hash_statements(&self.public_statements, &self.params));
         // find a ValueOf statement from the public statements with key=KEY_TYPE and check that the
         // value is PodType::MockMainPod
         let has_type_statement = self
@@ -474,7 +474,7 @@ impl Pod for MockMainPod {
 #[cfg(test)]
 pub mod tests {
     use super::*;
-    use crate::backends::mock_signed::MockSigner;
+    use crate::backends::plonky2::mock_signed::MockSigner;
     use crate::examples::{
         great_boy_pod_full_flow, tickets_pod_full_flow, zu_kyc_pod_builder,
         zu_kyc_sign_pod_builders,

src/backends/mock_main/mod.rs src/backends/plonky2/mock_main/mod.rssrc/backends/mock_main/mod.rs renamed to src/backends/plonky2/mock_main/mod.rs

@@ -21,13 +21,13 @@ impl Statement {
 }
 
 impl ToFields for Statement {
-    fn to_fields(&self, params: Params) -> (Vec<middleware::F>, usize) {
-        let (native_statement_f, native_statement_f_len) = self.0.to_fields(params);
+    fn to_fields(&self, _params: &Params) -> (Vec<middleware::F>, usize) {
+        let (native_statement_f, native_statement_f_len) = self.0.to_fields(_params);
         let (vec_statementarg_f, vec_statementarg_f_len) = self
             .1
             .clone()
             .into_iter()
-            .map(|statement_arg| statement_arg.to_fields(params))
+            .map(|statement_arg| statement_arg.to_fields(_params))
             .fold((Vec::new(), 0), |mut acc, (f, l)| {
                 acc.0.extend(f);
                 acc.1 += l;

src/backends/mock_main/operation.rs …/backends/plonky2/mock_main/operation.rssrc/backends/mock_main/operation.rs renamed to src/backends/plonky2/mock_main/operation.rs src/backends/mock_main/operation.rs renamed to src/backends/plonky2/mock_main/operation.rs

@@ -0,0 +1,3 @@
+pub mod basetypes;
+pub mod mock_main;
+pub mod mock_signed;