From 2961ee00a8a3714b1b6883f0f28c243fb1556def Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Thu, 24 Oct 2024 18:22:37 +0000 Subject: [PATCH 1/2] chore: use Brillig opcode when possible for less-than operations on fields --- .../src/brillig/brillig_gen/brillig_block.rs | 24 ++++++ .../noirc_evaluator/src/ssa/acir_gen/mod.rs | 3 + .../check_for_underconstrained_values.rs | 3 +- .../noirc_evaluator/src/ssa/ir/instruction.rs | 7 +- .../src/ssa/ir/instruction/call.rs | 10 +++ .../src/ssa/opt/remove_enable_side_effects.rs | 3 +- .../src/ssa/opt/remove_if_else.rs | 3 +- .../src/hir/comptime/interpreter/builtin.rs | 10 +++ noir/noir-repo/noir_stdlib/src/field/bn254.nr | 73 +++++-------------- noir/noir-repo/noir_stdlib/src/field/mod.nr | 50 +++++++++---- 10 files changed, 115 insertions(+), 71 deletions(-) diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs index deaae6a05cc..f3b2f4a9152 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs @@ -604,7 +604,31 @@ impl<'block> BrilligBlock<'block> { // `Intrinsic::AsWitness` is used to provide hints to acir-gen on optimal expression splitting. // It is then useless in the brillig runtime and so we can ignore it Value::Intrinsic(Intrinsic::AsWitness) => (), + Value::Intrinsic(Intrinsic::FieldLessThan) => { + let lhs = self.convert_ssa_single_addr_value(arguments[0], dfg); + assert!(lhs.bit_size == FieldElement::max_num_bits()); + let rhs = self.convert_ssa_single_addr_value(arguments[1], dfg); + assert!(rhs.bit_size == FieldElement::max_num_bits()); + let results = dfg.instruction_results(instruction_id); + let destination = self + .variables + .define_variable( + self.function_context, + self.brillig_context, + results[0], + dfg, + ) + .extract_single_addr(); + assert!(destination.bit_size == 1); + + self.brillig_context.binary_instruction( + lhs, + rhs, + destination, + BrilligBinaryOp::LessThan, + ); + } _ => { unreachable!("unsupported function call type {:?}", dfg[*func]) } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs index a5c51392114..50a895df237 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/acir_gen/mod.rs @@ -2789,6 +2789,9 @@ impl<'a> Context<'a> { Intrinsic::DerivePedersenGenerators => { unreachable!("DerivePedersenGenerators can only be called with constants") } + Intrinsic::FieldLessThan => { + unreachable!("FieldLessThan can only be called in unconstrained") + } } } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/checks/check_for_underconstrained_values.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/checks/check_for_underconstrained_values.rs index 7bee18d24a0..90eb79ccb69 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/checks/check_for_underconstrained_values.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/checks/check_for_underconstrained_values.rs @@ -218,7 +218,8 @@ impl Context { | Intrinsic::StaticAssert | Intrinsic::StrAsBytes | Intrinsic::ToBits(..) - | Intrinsic::ToRadix(..) => { + | Intrinsic::ToRadix(..) + | Intrinsic::FieldLessThan => { self.value_sets.push(instruction_arguments_and_results); } }, diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs index d8dba499a43..f187a279b9b 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs @@ -72,6 +72,7 @@ pub(crate) enum Intrinsic { AsWitness, IsUnconstrained, DerivePedersenGenerators, + FieldLessThan, } impl std::fmt::Display for Intrinsic { @@ -100,6 +101,7 @@ impl std::fmt::Display for Intrinsic { Intrinsic::AsWitness => write!(f, "as_witness"), Intrinsic::IsUnconstrained => write!(f, "is_unconstrained"), Intrinsic::DerivePedersenGenerators => write!(f, "derive_pedersen_generators"), + Intrinsic::FieldLessThan => write!(f, "field_less_than"), } } } @@ -131,7 +133,8 @@ impl Intrinsic { | Intrinsic::FromField | Intrinsic::AsField | Intrinsic::IsUnconstrained - | Intrinsic::DerivePedersenGenerators => false, + | Intrinsic::DerivePedersenGenerators + | Intrinsic::FieldLessThan => false, // Some black box functions have side-effects Intrinsic::BlackBox(func) => matches!( @@ -169,6 +172,8 @@ impl Intrinsic { "as_witness" => Some(Intrinsic::AsWitness), "is_unconstrained" => Some(Intrinsic::IsUnconstrained), "derive_pedersen_generators" => Some(Intrinsic::DerivePedersenGenerators), + "field_less_than" => Some(Intrinsic::FieldLessThan), + other => BlackBoxFunc::lookup(other).map(Intrinsic::BlackBox), } } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs index 0bf7fe6a146..9dbd2c56993 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/call.rs @@ -355,6 +355,16 @@ pub(super) fn simplify_call( unreachable!("Derive Pedersen Generators must return an array"); } } + Intrinsic::FieldLessThan => { + if let Some(constants) = constant_args { + let lhs = constants[0]; + let rhs = constants[1]; + let result = dfg.make_constant((lhs < rhs).into(), Type::bool()); + SimplifyResult::SimplifiedTo(result) + } else { + SimplifyResult::None + } + } } } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_enable_side_effects.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_enable_side_effects.rs index 222ae0aaf29..012f6e6b27d 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_enable_side_effects.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_enable_side_effects.rs @@ -178,7 +178,8 @@ impl Context { | Intrinsic::AsSlice | Intrinsic::AsWitness | Intrinsic::IsUnconstrained - | Intrinsic::DerivePedersenGenerators => false, + | Intrinsic::DerivePedersenGenerators + | Intrinsic::FieldLessThan => false, }, // We must assume that functions contain a side effect as we cannot inspect more deeply. diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_if_else.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_if_else.rs index bfcfada2d94..c387e0b6234 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_if_else.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/opt/remove_if_else.rs @@ -237,6 +237,7 @@ fn slice_capacity_change( | Intrinsic::IsUnconstrained | Intrinsic::DerivePedersenGenerators | Intrinsic::ToBits(_) - | Intrinsic::ToRadix(_) => SizeChange::None, + | Intrinsic::ToRadix(_) + | Intrinsic::FieldLessThan => SizeChange::None, } } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin.rs b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin.rs index 273f34a8a5e..d8842215a29 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin.rs @@ -109,6 +109,7 @@ impl<'local, 'context> Interpreter<'local, 'context> { "expr_is_continue" => expr_is_continue(interner, arguments, location), "expr_resolve" => expr_resolve(self, arguments, location), "is_unconstrained" => Ok(Value::Bool(true)), + "field_less_than" => field_less_than(arguments, location), "fmtstr_as_ctstring" => fmtstr_as_ctstring(interner, arguments, location), "fmtstr_quoted_contents" => fmtstr_quoted_contents(interner, arguments, location), "fresh_type_variable" => fresh_type_variable(interner), @@ -2849,3 +2850,12 @@ fn derive_generators( Ok(Value::Array(results, return_type)) } + +fn field_less_than(arguments: Vec<(Value, Location)>, location: Location) -> IResult { + let (lhs, rhs) = check_two_arguments(arguments, location)?; + + let lhs = get_field(lhs)?; + let rhs = get_field(rhs)?; + + Ok(Value::Bool(lhs < rhs)) +} diff --git a/noir/noir-repo/noir_stdlib/src/field/bn254.nr b/noir/noir-repo/noir_stdlib/src/field/bn254.nr index 9642c2aa1b8..a7ca7d77373 100644 --- a/noir/noir-repo/noir_stdlib/src/field/bn254.nr +++ b/noir/noir-repo/noir_stdlib/src/field/bn254.nr @@ -1,3 +1,4 @@ +use crate::field::field_less_than; use crate::runtime::is_unconstrained; // The low and high decomposition of the field modulus @@ -25,47 +26,20 @@ pub(crate) unconstrained fn decompose_hint(x: Field) -> (Field, Field) { compute_decomposition(x) } -fn compute_lt(x: Field, y: Field, num_bytes: u32) -> bool { - let x_bytes: [u8; 32] = x.to_le_bytes(); - let y_bytes: [u8; 32] = y.to_le_bytes(); - let mut x_is_lt = false; - let mut done = false; - for i in 0..num_bytes { - if (!done) { - let x_byte = x_bytes[num_bytes - 1 - i]; - let y_byte = y_bytes[num_bytes - 1 - i]; - let bytes_match = x_byte == y_byte; - if !bytes_match { - x_is_lt = x_byte < y_byte; - done = true; - } - } - } - x_is_lt -} - -fn compute_lte(x: Field, y: Field, num_bytes: u32) -> bool { +unconstrained fn lte_hint(x: Field, y: Field) -> bool { if x == y { true } else { - compute_lt(x, y, num_bytes) + field_less_than(x, y) } } -unconstrained fn lt_32_hint(x: Field, y: Field) -> bool { - compute_lt(x, y, 32) -} - -unconstrained fn lte_16_hint(x: Field, y: Field) -> bool { - compute_lte(x, y, 16) -} - // Assert that (alo > blo && ahi >= bhi) || (alo <= blo && ahi > bhi) fn assert_gt_limbs(a: (Field, Field), b: (Field, Field)) { let (alo, ahi) = a; let (blo, bhi) = b; unsafe { - let borrow = lte_16_hint(alo, blo); + let borrow = lte_hint(alo, blo); let rlo = alo - blo - 1 + (borrow as Field) * TWO_POW_128; let rhi = ahi - bhi - (borrow as Field); @@ -100,7 +74,7 @@ pub fn decompose(x: Field) -> (Field, Field) { pub fn assert_gt(a: Field, b: Field) { if is_unconstrained() { - assert(compute_lt(b, a, 32)); + assert(unsafe { field_less_than(b, a) }); } else { // Decompose a and b let a_limbs = decompose(a); @@ -117,13 +91,15 @@ pub fn assert_lt(a: Field, b: Field) { pub fn gt(a: Field, b: Field) -> bool { if is_unconstrained() { - compute_lt(b, a, 32) + unsafe { + field_less_than(b, a) + } } else if a == b { false } else { // Take a hint of the comparison and verify it unsafe { - if lt_32_hint(a, b) { + if field_less_than(a, b) { assert_gt(b, a); false } else { @@ -140,9 +116,7 @@ pub fn lt(a: Field, b: Field) -> bool { mod tests { // TODO: Allow imports from "super" - use crate::field::bn254::{ - assert_gt, compute_lt, compute_lte, decompose, gt, PHI, PLO, TWO_POW_128, - }; + use crate::field::bn254::{assert_gt, decompose, gt, lte_hint, PHI, PLO, TWO_POW_128}; #[test] fn check_decompose() { @@ -159,24 +133,15 @@ mod tests { } #[test] - fn check_compute_lt() { - assert(compute_lt(0, 1, 16)); - assert(compute_lt(0, 0x100, 16)); - assert(compute_lt(0x100, TWO_POW_128 - 1, 16)); - assert(!compute_lt(0, TWO_POW_128, 16)); - } - - #[test] - fn check_compute_lte() { - assert(compute_lte(0, 1, 16)); - assert(compute_lte(0, 0x100, 16)); - assert(compute_lte(0x100, TWO_POW_128 - 1, 16)); - assert(!compute_lte(0, TWO_POW_128, 16)); - - assert(compute_lte(0, 0, 16)); - assert(compute_lte(0x100, 0x100, 16)); - assert(compute_lte(TWO_POW_128 - 1, TWO_POW_128 - 1, 16)); - assert(compute_lte(TWO_POW_128, TWO_POW_128, 16)); + unconstrained fn check_lte_hint() { + assert(lte_hint(0, 1)); + assert(lte_hint(0, 0x100)); + assert(lte_hint(0x100, TWO_POW_128 - 1)); + assert(!lte_hint(0 - 1, 0)); + + assert(lte_hint(0, 0)); + assert(lte_hint(0x100, 0x100)); + assert(lte_hint(0 - 1, 0 - 1)); } #[test] diff --git a/noir/noir-repo/noir_stdlib/src/field/mod.nr b/noir/noir-repo/noir_stdlib/src/field/mod.nr index b632cf1f7a2..4b89cae4f30 100644 --- a/noir/noir-repo/noir_stdlib/src/field/mod.nr +++ b/noir/noir-repo/noir_stdlib/src/field/mod.nr @@ -211,6 +211,14 @@ pub comptime fn modulus_be_bytes() -> [u8] {} #[builtin(modulus_le_bytes)] pub comptime fn modulus_le_bytes() -> [u8] {} +/// An unconstrained only built in to efficiently compare fields. +#[builtin(field_less_than)] +unconstrained fn __field_less_than(x: Field, y: Field) -> bool {} + +pub(crate) unconstrained fn field_less_than(x: Field, y: Field) -> bool { + __field_less_than(x, y) +} + // Convert a 32 byte array to a field element by modding pub fn bytes32_to_field(bytes32: [u8; 32]) -> Field { // Convert it to a field element @@ -228,25 +236,33 @@ pub fn bytes32_to_field(bytes32: [u8; 32]) -> Field { } fn lt_fallback(x: Field, y: Field) -> bool { - let x_bytes: [u8; 32] = x.to_le_bytes(); - let y_bytes: [u8; 32] = y.to_le_bytes(); - let mut x_is_lt = false; - let mut done = false; - for i in 0..32 { - if (!done) { - let x_byte = x_bytes[32 - 1 - i] as u8; - let y_byte = y_bytes[32 - 1 - i] as u8; - let bytes_match = x_byte == y_byte; - if !bytes_match { - x_is_lt = x_byte < y_byte; - done = true; + if is_unconstrained() { + unsafe { + field_less_than(x, y) + } + } else { + let x_bytes: [u8; 32] = x.to_le_bytes(); + let y_bytes: [u8; 32] = y.to_le_bytes(); + let mut x_is_lt = false; + let mut done = false; + for i in 0..32 { + if (!done) { + let x_byte = x_bytes[32 - 1 - i] as u8; + let y_byte = y_bytes[32 - 1 - i] as u8; + let bytes_match = x_byte == y_byte; + if !bytes_match { + x_is_lt = x_byte < y_byte; + done = true; + } } } + x_is_lt } - x_is_lt } mod tests { + use super::field_less_than; + #[test] // docs:start:to_be_bits_example fn test_to_be_bits() { @@ -304,4 +320,12 @@ mod tests { assert_eq(Field::from_le_bytes::<8>(bits), field); } // docs:end:to_le_radix_example + + #[test] + unconstrained fn test_field_less_than() { + assert(field_less_than(0, 1)); + assert(field_less_than(0, 0x100)); + assert(field_less_than(0x100, 0 - 1)); + assert(!field_less_than(0 - 1, 0)); + } } From 8401d97f4694c4ec7e31f7b6ff52db10b758fc81 Mon Sep 17 00:00:00 2001 From: dbanks12 Date: Tue, 22 Oct 2024 20:23:23 +0000 Subject: [PATCH 2/2] chore!: ToRadixLE -> ToRadixBE in Brillig and AVM --- avm-transpiler/src/opcodes.rs | 4 +-- avm-transpiler/src/transpile.rs | 2 +- .../cpp/pil/avm/gadgets/conversion.pil | 7 ++-- barretenberg/cpp/pil/avm/main.pil | 10 +++--- .../vm/avm/generated/circuit_builder.cpp | 4 +-- .../barretenberg/vm/avm/generated/flavor.cpp | 12 +++---- .../barretenberg/vm/avm/generated/flavor.hpp | 2 +- .../vm/avm/generated/full_row.cpp | 8 ++--- .../vm/avm/generated/full_row.hpp | 4 +-- .../vm/avm/generated/relations/conversion.hpp | 2 +- .../vm/avm/generated/relations/main.hpp | 4 +-- .../generated/relations/perm_main_conv.hpp | 14 ++++---- .../vm/avm/tests/execution.test.cpp | 32 +++++++++-------- .../vm/avm/trace/deserialization.cpp | 2 +- .../barretenberg/vm/avm/trace/execution.cpp | 4 +-- .../barretenberg/vm/avm/trace/fixed_gas.cpp | 2 +- .../barretenberg/vm/avm/trace/fixed_gas.hpp | 2 +- .../vm/avm/trace/gadgets/conversion_trace.cpp | 19 ++++++----- .../vm/avm/trace/gadgets/conversion_trace.hpp | 4 +-- .../src/barretenberg/vm/avm/trace/opcode.cpp | 4 +-- .../src/barretenberg/vm/avm/trace/opcode.hpp | 2 +- .../src/barretenberg/vm/avm/trace/trace.cpp | 18 +++++----- .../src/barretenberg/vm/avm/trace/trace.hpp | 2 +- .../src/barretenberg/vm/aztec_constants.hpp | 4 +-- .../crates/types/src/constants.nr | 4 +-- .../acvm-repo/brillig_vm/src/black_box.rs | 10 +++--- .../src/brillig/brillig_gen/brillig_block.rs | 4 +-- .../brillig/brillig_ir/codegen_intrinsic.rs | 5 +-- yarn-project/circuits.js/src/constants.gen.ts | 4 +-- yarn-project/simulator/src/avm/avm_gas.ts | 4 +-- .../src/avm/opcodes/conversion.test.ts | 34 +++++++++++-------- .../simulator/src/avm/opcodes/conversion.ts | 15 ++++---- .../serialization/bytecode_serialization.ts | 4 +-- .../instruction_serialization.ts | 2 +- 34 files changed, 135 insertions(+), 119 deletions(-) diff --git a/avm-transpiler/src/opcodes.rs b/avm-transpiler/src/opcodes.rs index e10f8639df4..9e60aee398f 100644 --- a/avm-transpiler/src/opcodes.rs +++ b/avm-transpiler/src/opcodes.rs @@ -77,7 +77,7 @@ pub enum AvmOpcode { ECADD, MSM, // Conversions - TORADIXLE, + TORADIXBE, } impl AvmOpcode { @@ -171,7 +171,7 @@ impl AvmOpcode { AvmOpcode::ECADD => "ECADD", AvmOpcode::MSM => "MSM", // Conversions - AvmOpcode::TORADIXLE => "TORADIXLE", + AvmOpcode::TORADIXBE => "TORADIXBE", } } } diff --git a/avm-transpiler/src/transpile.rs b/avm-transpiler/src/transpile.rs index 0cfa1889a4a..8cb33bbd68e 100644 --- a/avm-transpiler/src/transpile.rs +++ b/avm-transpiler/src/transpile.rs @@ -1042,7 +1042,7 @@ fn handle_black_box_function(avm_instrs: &mut Vec, operation: &B let radix_offset = radix.to_usize() as u32; avm_instrs.push(AvmInstruction { - opcode: AvmOpcode::TORADIXLE, + opcode: AvmOpcode::TORADIXBE, indirect: Some( AddressingModeBuilder::default() .direct_operand(input) diff --git a/barretenberg/cpp/pil/avm/gadgets/conversion.pil b/barretenberg/cpp/pil/avm/gadgets/conversion.pil index 5ab45ee45b1..2209261fa9d 100644 --- a/barretenberg/cpp/pil/avm/gadgets/conversion.pil +++ b/barretenberg/cpp/pil/avm/gadgets/conversion.pil @@ -3,11 +3,12 @@ namespace conversion(256); pol commit clk; // Selector for Radix Operation - pol commit sel_to_radix_le; - sel_to_radix_le * (1 - sel_to_radix_le) = 0; + pol commit sel_to_radix_be; + sel_to_radix_be * (1 - sel_to_radix_be) = 0; - // ===== DRAFT: Planned Constraints for To Radix LE + // ===== DRAFT: Planned Constraints for To Radix BE // Similar to the binary trace; multi-row decomposition of the input using the number of limbs specified as the row count. + // TODO: modify this draft plan to work for big-endian To Radix // (1) limb_ctr' - limb_ctr + 1 = 0; // Next row decrements the limb_ctr // (2) Check equality to 0 of limb_ctr to terminate the operations. // (3) An accumulation column to track the partial re-composition of the limbs diff --git a/barretenberg/cpp/pil/avm/main.pil b/barretenberg/cpp/pil/avm/main.pil index 753cd19c4f5..6e0fe0069c0 100644 --- a/barretenberg/cpp/pil/avm/main.pil +++ b/barretenberg/cpp/pil/avm/main.pil @@ -85,7 +85,7 @@ namespace main(256); pol commit opcode_val; //===== Gadget Selectors ====================================================== - pol commit sel_op_radix_le; + pol commit sel_op_radix_be; pol commit sel_op_sha256; pol commit sel_op_poseidon2; pol commit sel_op_keccak; @@ -243,7 +243,7 @@ namespace main(256); sel_op_sload * (1 - sel_op_sload) = 0; sel_op_sstore * (1 - sel_op_sstore) = 0; - sel_op_radix_le * (1 - sel_op_radix_le) = 0; + sel_op_radix_be * (1 - sel_op_radix_be) = 0; sel_op_sha256 * (1 - sel_op_sha256) = 0; sel_op_poseidon2 * (1 - sel_op_poseidon2) = 0; sel_op_keccak * (1 - sel_op_keccak) = 0; @@ -416,7 +416,7 @@ namespace main(256); pol SEL_ALL_ALU = SEL_ALU_R_TAG + SEL_ALU_W_TAG; pol SEL_ALL_LEFTGAS = sel_op_dagasleft + sel_op_l2gasleft; pol SEL_ALL_BINARY = sel_op_and + sel_op_or + sel_op_xor; - pol SEL_ALL_GADGET = sel_op_radix_le + sel_op_sha256 + sel_op_poseidon2 + sel_op_keccak + pol SEL_ALL_GADGET = sel_op_radix_be + sel_op_sha256 + sel_op_poseidon2 + sel_op_keccak + sel_op_ecadd + sel_op_msm; pol SEL_ALL_MEMORY = sel_op_mov + sel_op_set; pol OPCODE_SELECTORS = sel_op_fdiv + sel_op_calldata_copy + sel_op_get_contract_instance @@ -537,9 +537,9 @@ namespace main(256); binary.start {binary.clk, binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id, binary.in_tag}; #[PERM_MAIN_CONV] - sel_op_radix_le {clk, ia, ib, ic, id} + sel_op_radix_be {clk, ia, ib, ic, id} is - conversion.sel_to_radix_le {conversion.clk, conversion.input, conversion.radix, conversion.num_limbs, conversion.output_bits}; + conversion.sel_to_radix_be {conversion.clk, conversion.input, conversion.radix, conversion.num_limbs, conversion.output_bits}; #[PERM_MAIN_SHA256] sel_op_sha256 {clk, ia, ib, ic} diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/circuit_builder.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/circuit_builder.cpp index 928732dc976..0eef105104e 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/circuit_builder.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/circuit_builder.cpp @@ -170,7 +170,7 @@ AvmCircuitBuilder::ProverPolynomials AvmCircuitBuilder::compute_polynomials() co polys.conversion_num_limbs.set_if_valid_index(i, rows[i].conversion_num_limbs); polys.conversion_output_bits.set_if_valid_index(i, rows[i].conversion_output_bits); polys.conversion_radix.set_if_valid_index(i, rows[i].conversion_radix); - polys.conversion_sel_to_radix_le.set_if_valid_index(i, rows[i].conversion_sel_to_radix_le); + polys.conversion_sel_to_radix_be.set_if_valid_index(i, rows[i].conversion_sel_to_radix_be); polys.keccakf1600_clk.set_if_valid_index(i, rows[i].keccakf1600_clk); polys.keccakf1600_input.set_if_valid_index(i, rows[i].keccakf1600_input); polys.keccakf1600_output.set_if_valid_index(i, rows[i].keccakf1600_output); @@ -285,7 +285,7 @@ AvmCircuitBuilder::ProverPolynomials AvmCircuitBuilder::compute_polynomials() co polys.main_sel_op_nullifier_exists.set_if_valid_index(i, rows[i].main_sel_op_nullifier_exists); polys.main_sel_op_or.set_if_valid_index(i, rows[i].main_sel_op_or); polys.main_sel_op_poseidon2.set_if_valid_index(i, rows[i].main_sel_op_poseidon2); - polys.main_sel_op_radix_le.set_if_valid_index(i, rows[i].main_sel_op_radix_le); + polys.main_sel_op_radix_be.set_if_valid_index(i, rows[i].main_sel_op_radix_be); polys.main_sel_op_sender.set_if_valid_index(i, rows[i].main_sel_op_sender); polys.main_sel_op_set.set_if_valid_index(i, rows[i].main_sel_op_set); polys.main_sel_op_sha256.set_if_valid_index(i, rows[i].main_sel_op_sha256); diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp index 4541fca3ea8..06a61093640 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.cpp @@ -127,7 +127,7 @@ AvmFlavor::AllConstRefValues::AllConstRefValues( , conversion_num_limbs(il[119]) , conversion_output_bits(il[120]) , conversion_radix(il[121]) - , conversion_sel_to_radix_le(il[122]) + , conversion_sel_to_radix_be(il[122]) , keccakf1600_clk(il[123]) , keccakf1600_input(il[124]) , keccakf1600_output(il[125]) @@ -235,7 +235,7 @@ AvmFlavor::AllConstRefValues::AllConstRefValues( , main_sel_op_nullifier_exists(il[227]) , main_sel_op_or(il[228]) , main_sel_op_poseidon2(il[229]) - , main_sel_op_radix_le(il[230]) + , main_sel_op_radix_be(il[230]) , main_sel_op_sender(il[231]) , main_sel_op_set(il[232]) , main_sel_op_sha256(il[233]) @@ -931,7 +931,7 @@ AvmFlavor::AllConstRefValues AvmFlavor::ProverPolynomials::get_row(size_t row_id conversion_num_limbs[row_idx], conversion_output_bits[row_idx], conversion_radix[row_idx], - conversion_sel_to_radix_le[row_idx], + conversion_sel_to_radix_be[row_idx], keccakf1600_clk[row_idx], keccakf1600_input[row_idx], keccakf1600_output[row_idx], @@ -1039,7 +1039,7 @@ AvmFlavor::AllConstRefValues AvmFlavor::ProverPolynomials::get_row(size_t row_id main_sel_op_nullifier_exists[row_idx], main_sel_op_or[row_idx], main_sel_op_poseidon2[row_idx], - main_sel_op_radix_le[row_idx], + main_sel_op_radix_be[row_idx], main_sel_op_sender[row_idx], main_sel_op_set[row_idx], main_sel_op_sha256[row_idx], @@ -1723,7 +1723,7 @@ AvmFlavor::CommitmentLabels::CommitmentLabels() Base::conversion_num_limbs = "CONVERSION_NUM_LIMBS"; Base::conversion_output_bits = "CONVERSION_OUTPUT_BITS"; Base::conversion_radix = "CONVERSION_RADIX"; - Base::conversion_sel_to_radix_le = "CONVERSION_SEL_TO_RADIX_LE"; + Base::conversion_sel_to_radix_be = "CONVERSION_SEL_TO_RADIX_BE"; Base::keccakf1600_clk = "KECCAKF1600_CLK"; Base::keccakf1600_input = "KECCAKF1600_INPUT"; Base::keccakf1600_output = "KECCAKF1600_OUTPUT"; @@ -1831,7 +1831,7 @@ AvmFlavor::CommitmentLabels::CommitmentLabels() Base::main_sel_op_nullifier_exists = "MAIN_SEL_OP_NULLIFIER_EXISTS"; Base::main_sel_op_or = "MAIN_SEL_OP_OR"; Base::main_sel_op_poseidon2 = "MAIN_SEL_OP_POSEIDON2"; - Base::main_sel_op_radix_le = "MAIN_SEL_OP_RADIX_LE"; + Base::main_sel_op_radix_be = "MAIN_SEL_OP_RADIX_BE"; Base::main_sel_op_sender = "MAIN_SEL_OP_SENDER"; Base::main_sel_op_set = "MAIN_SEL_OP_SET"; Base::main_sel_op_sha256 = "MAIN_SEL_OP_SHA256"; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp index 711a694ad24..0b283a07027 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/flavor.hpp @@ -95,7 +95,7 @@ template using tuple_cat_t = decltype(std::tuple_cat(std:: // The entities that will be used in the flavor. // clang-format off #define PRECOMPUTED_ENTITIES byte_lookup_sel_bin, byte_lookup_table_byte_lengths, byte_lookup_table_in_tags, byte_lookup_table_input_a, byte_lookup_table_input_b, byte_lookup_table_op_id, byte_lookup_table_output, gas_base_da_gas_fixed_table, gas_base_l2_gas_fixed_table, gas_dyn_da_gas_fixed_table, gas_dyn_l2_gas_fixed_table, gas_sel_gas_cost, main_clk, main_sel_da_end_gas_kernel_input, main_sel_da_start_gas_kernel_input, main_sel_first, main_sel_l2_end_gas_kernel_input, main_sel_l2_start_gas_kernel_input, main_sel_start_exec, main_zeroes, powers_power_of_2 -#define WIRE_ENTITIES main_kernel_inputs, main_kernel_value_out, main_kernel_side_effect_out, main_kernel_metadata_out, main_calldata, main_returndata, alu_a_hi, alu_a_lo, alu_b_hi, alu_b_lo, alu_b_pow, alu_c_hi, alu_c_lo, alu_cf, alu_clk, alu_cmp_gadget_gt, alu_cmp_gadget_input_a, alu_cmp_gadget_input_b, alu_cmp_gadget_result, alu_cmp_gadget_sel, alu_ff_tag, alu_ia, alu_ib, alu_ic, alu_in_tag, alu_max_bits_sub_b_bits, alu_max_bits_sub_b_pow, alu_op_add, alu_op_cast, alu_op_div, alu_op_eq, alu_op_lt, alu_op_lte, alu_op_mul, alu_op_not, alu_op_shl, alu_op_shr, alu_op_sub, alu_partial_prod_hi, alu_partial_prod_lo, alu_range_check_input_value, alu_range_check_num_bits, alu_range_check_sel, alu_remainder, alu_sel_alu, alu_sel_cmp, alu_sel_shift_which, alu_u128_tag, alu_u16_tag, alu_u1_tag, alu_u32_tag, alu_u64_tag, alu_u8_tag, alu_zero_shift, binary_acc_ia, binary_acc_ib, binary_acc_ic, binary_clk, binary_ia_bytes, binary_ib_bytes, binary_ic_bytes, binary_in_tag, binary_mem_tag_ctr, binary_mem_tag_ctr_inv, binary_op_id, binary_sel_bin, binary_start, bytecode_end_latch, bytecode_length_remaining, bytecode_packed, bytecode_running_hash, cmp_a_hi, cmp_a_lo, cmp_b_hi, cmp_b_lo, cmp_borrow, cmp_clk, cmp_cmp_rng_ctr, cmp_input_a, cmp_input_b, cmp_op_eq, cmp_op_eq_diff_inv, cmp_op_gt, cmp_p_a_borrow, cmp_p_b_borrow, cmp_p_sub_a_hi, cmp_p_sub_a_lo, cmp_p_sub_b_hi, cmp_p_sub_b_lo, cmp_range_chk_clk, cmp_res_hi, cmp_res_lo, cmp_result, cmp_sel_cmp, cmp_sel_rng_chk, cmp_shift_sel, conversion_clk, conversion_input, conversion_num_limbs, conversion_output_bits, conversion_radix, conversion_sel_to_radix_le, keccakf1600_clk, keccakf1600_input, keccakf1600_output, keccakf1600_sel_keccakf1600, main_abs_da_rem_gas, main_abs_l2_rem_gas, main_alu_in_tag, main_base_da_gas_op_cost, main_base_l2_gas_op_cost, main_bin_op_id, main_call_ptr, main_da_gas_remaining, main_da_out_of_gas, main_dyn_da_gas_op_cost, main_dyn_gas_multiplier, main_dyn_l2_gas_op_cost, main_emit_l2_to_l1_msg_write_offset, main_emit_note_hash_write_offset, main_emit_nullifier_write_offset, main_emit_unencrypted_log_write_offset, main_ia, main_ib, main_ic, main_id, main_id_zero, main_ind_addr_a, main_ind_addr_b, main_ind_addr_c, main_ind_addr_d, main_internal_return_ptr, main_inv, main_is_fake_row, main_is_gas_accounted, main_kernel_in_offset, main_kernel_out_offset, main_l1_to_l2_msg_exists_write_offset, main_l2_gas_remaining, main_l2_out_of_gas, main_mem_addr_a, main_mem_addr_b, main_mem_addr_c, main_mem_addr_d, main_note_hash_exist_write_offset, main_nullifier_exists_write_offset, main_nullifier_non_exists_write_offset, main_op_err, main_opcode_val, main_pc, main_r_in_tag, main_rwa, main_rwb, main_rwc, main_rwd, main_sel_alu, main_sel_bin, main_sel_calldata, main_sel_execution_end, main_sel_execution_row, main_sel_kernel_inputs, main_sel_kernel_out, main_sel_mem_op_a, main_sel_mem_op_b, main_sel_mem_op_c, main_sel_mem_op_d, main_sel_mov_ia_to_ic, main_sel_mov_ib_to_ic, main_sel_op_add, main_sel_op_address, main_sel_op_and, main_sel_op_block_number, main_sel_op_calldata_copy, main_sel_op_cast, main_sel_op_chain_id, main_sel_op_dagasleft, main_sel_op_div, main_sel_op_ecadd, main_sel_op_emit_l2_to_l1_msg, main_sel_op_emit_note_hash, main_sel_op_emit_nullifier, main_sel_op_emit_unencrypted_log, main_sel_op_eq, main_sel_op_external_call, main_sel_op_external_return, main_sel_op_external_revert, main_sel_op_fdiv, main_sel_op_fee_per_da_gas, main_sel_op_fee_per_l2_gas, main_sel_op_function_selector, main_sel_op_get_contract_instance, main_sel_op_internal_call, main_sel_op_internal_return, main_sel_op_is_static_call, main_sel_op_jump, main_sel_op_jumpi, main_sel_op_keccak, main_sel_op_l1_to_l2_msg_exists, main_sel_op_l2gasleft, main_sel_op_lt, main_sel_op_lte, main_sel_op_mov, main_sel_op_msm, main_sel_op_mul, main_sel_op_not, main_sel_op_note_hash_exists, main_sel_op_nullifier_exists, main_sel_op_or, main_sel_op_poseidon2, main_sel_op_radix_le, main_sel_op_sender, main_sel_op_set, main_sel_op_sha256, main_sel_op_shl, main_sel_op_shr, main_sel_op_sload, main_sel_op_sstore, main_sel_op_static_call, main_sel_op_sub, main_sel_op_timestamp, main_sel_op_transaction_fee, main_sel_op_version, main_sel_op_xor, main_sel_q_kernel_lookup, main_sel_q_kernel_output_lookup, main_sel_resolve_ind_addr_a, main_sel_resolve_ind_addr_b, main_sel_resolve_ind_addr_c, main_sel_resolve_ind_addr_d, main_sel_returndata, main_sel_rng_16, main_sel_rng_8, main_sel_slice_gadget, main_side_effect_counter, main_sload_write_offset, main_space_id, main_sstore_write_offset, main_tag_err, main_w_in_tag, mem_addr, mem_clk, mem_diff, mem_glob_addr, mem_last, mem_lastAccess, mem_one_min_inv, mem_r_in_tag, mem_rw, mem_sel_mem, mem_sel_mov_ia_to_ic, mem_sel_mov_ib_to_ic, mem_sel_op_a, mem_sel_op_b, mem_sel_op_c, mem_sel_op_d, mem_sel_op_poseidon_read_a, mem_sel_op_poseidon_read_b, mem_sel_op_poseidon_read_c, mem_sel_op_poseidon_read_d, mem_sel_op_poseidon_write_a, mem_sel_op_poseidon_write_b, mem_sel_op_poseidon_write_c, mem_sel_op_poseidon_write_d, mem_sel_op_slice, mem_sel_resolve_ind_addr_a, mem_sel_resolve_ind_addr_b, mem_sel_resolve_ind_addr_c, mem_sel_resolve_ind_addr_d, mem_sel_rng_chk, mem_skip_check_tag, mem_space_id, mem_tag, mem_tag_err, mem_tsp, mem_val, mem_w_in_tag, poseidon2_B_10_0, poseidon2_B_10_1, poseidon2_B_10_2, poseidon2_B_10_3, poseidon2_B_11_0, poseidon2_B_11_1, poseidon2_B_11_2, poseidon2_B_11_3, poseidon2_B_12_0, poseidon2_B_12_1, poseidon2_B_12_2, poseidon2_B_12_3, poseidon2_B_13_0, poseidon2_B_13_1, poseidon2_B_13_2, poseidon2_B_13_3, poseidon2_B_14_0, poseidon2_B_14_1, poseidon2_B_14_2, poseidon2_B_14_3, poseidon2_B_15_0, poseidon2_B_15_1, poseidon2_B_15_2, poseidon2_B_15_3, poseidon2_B_16_0, poseidon2_B_16_1, poseidon2_B_16_2, poseidon2_B_16_3, poseidon2_B_17_0, poseidon2_B_17_1, poseidon2_B_17_2, poseidon2_B_17_3, poseidon2_B_18_0, poseidon2_B_18_1, poseidon2_B_18_2, poseidon2_B_18_3, poseidon2_B_19_0, poseidon2_B_19_1, poseidon2_B_19_2, poseidon2_B_19_3, poseidon2_B_20_0, poseidon2_B_20_1, poseidon2_B_20_2, poseidon2_B_20_3, poseidon2_B_21_0, poseidon2_B_21_1, poseidon2_B_21_2, poseidon2_B_21_3, poseidon2_B_22_0, poseidon2_B_22_1, poseidon2_B_22_2, poseidon2_B_22_3, poseidon2_B_23_0, poseidon2_B_23_1, poseidon2_B_23_2, poseidon2_B_23_3, poseidon2_B_24_0, poseidon2_B_24_1, poseidon2_B_24_2, poseidon2_B_24_3, poseidon2_B_25_0, poseidon2_B_25_1, poseidon2_B_25_2, poseidon2_B_25_3, poseidon2_B_26_0, poseidon2_B_26_1, poseidon2_B_26_2, poseidon2_B_26_3, poseidon2_B_27_0, poseidon2_B_27_1, poseidon2_B_27_2, poseidon2_B_27_3, poseidon2_B_28_0, poseidon2_B_28_1, poseidon2_B_28_2, poseidon2_B_28_3, poseidon2_B_29_0, poseidon2_B_29_1, poseidon2_B_29_2, poseidon2_B_29_3, poseidon2_B_30_0, poseidon2_B_30_1, poseidon2_B_30_2, poseidon2_B_30_3, poseidon2_B_31_0, poseidon2_B_31_1, poseidon2_B_31_2, poseidon2_B_31_3, poseidon2_B_32_0, poseidon2_B_32_1, poseidon2_B_32_2, poseidon2_B_32_3, poseidon2_B_33_0, poseidon2_B_33_1, poseidon2_B_33_2, poseidon2_B_33_3, poseidon2_B_34_0, poseidon2_B_34_1, poseidon2_B_34_2, poseidon2_B_34_3, poseidon2_B_35_0, poseidon2_B_35_1, poseidon2_B_35_2, poseidon2_B_35_3, poseidon2_B_36_0, poseidon2_B_36_1, poseidon2_B_36_2, poseidon2_B_36_3, poseidon2_B_37_0, poseidon2_B_37_1, poseidon2_B_37_2, poseidon2_B_37_3, poseidon2_B_38_0, poseidon2_B_38_1, poseidon2_B_38_2, poseidon2_B_38_3, poseidon2_B_39_0, poseidon2_B_39_1, poseidon2_B_39_2, poseidon2_B_39_3, poseidon2_B_40_0, poseidon2_B_40_1, poseidon2_B_40_2, poseidon2_B_40_3, poseidon2_B_41_0, poseidon2_B_41_1, poseidon2_B_41_2, poseidon2_B_41_3, poseidon2_B_42_0, poseidon2_B_42_1, poseidon2_B_42_2, poseidon2_B_42_3, poseidon2_B_43_0, poseidon2_B_43_1, poseidon2_B_43_2, poseidon2_B_43_3, poseidon2_B_44_0, poseidon2_B_44_1, poseidon2_B_44_2, poseidon2_B_44_3, poseidon2_B_45_0, poseidon2_B_45_1, poseidon2_B_45_2, poseidon2_B_45_3, poseidon2_B_46_0, poseidon2_B_46_1, poseidon2_B_46_2, poseidon2_B_46_3, poseidon2_B_47_0, poseidon2_B_47_1, poseidon2_B_47_2, poseidon2_B_47_3, poseidon2_B_48_0, poseidon2_B_48_1, poseidon2_B_48_2, poseidon2_B_48_3, poseidon2_B_49_0, poseidon2_B_49_1, poseidon2_B_49_2, poseidon2_B_49_3, poseidon2_B_4_0, poseidon2_B_4_1, poseidon2_B_4_2, poseidon2_B_4_3, poseidon2_B_50_0, poseidon2_B_50_1, poseidon2_B_50_2, poseidon2_B_50_3, poseidon2_B_51_0, poseidon2_B_51_1, poseidon2_B_51_2, poseidon2_B_51_3, poseidon2_B_52_0, poseidon2_B_52_1, poseidon2_B_52_2, poseidon2_B_52_3, poseidon2_B_53_0, poseidon2_B_53_1, poseidon2_B_53_2, poseidon2_B_53_3, poseidon2_B_54_0, poseidon2_B_54_1, poseidon2_B_54_2, poseidon2_B_54_3, poseidon2_B_55_0, poseidon2_B_55_1, poseidon2_B_55_2, poseidon2_B_55_3, poseidon2_B_56_0, poseidon2_B_56_1, poseidon2_B_56_2, poseidon2_B_56_3, poseidon2_B_57_0, poseidon2_B_57_1, poseidon2_B_57_2, poseidon2_B_57_3, poseidon2_B_58_0, poseidon2_B_58_1, poseidon2_B_58_2, poseidon2_B_58_3, poseidon2_B_59_0, poseidon2_B_59_1, poseidon2_B_59_2, poseidon2_B_59_3, poseidon2_B_5_0, poseidon2_B_5_1, poseidon2_B_5_2, poseidon2_B_5_3, poseidon2_B_6_0, poseidon2_B_6_1, poseidon2_B_6_2, poseidon2_B_6_3, poseidon2_B_7_0, poseidon2_B_7_1, poseidon2_B_7_2, poseidon2_B_7_3, poseidon2_B_8_0, poseidon2_B_8_1, poseidon2_B_8_2, poseidon2_B_8_3, poseidon2_B_9_0, poseidon2_B_9_1, poseidon2_B_9_2, poseidon2_B_9_3, poseidon2_EXT_LAYER_4, poseidon2_EXT_LAYER_5, poseidon2_EXT_LAYER_6, poseidon2_EXT_LAYER_7, poseidon2_T_0_4, poseidon2_T_0_5, poseidon2_T_0_6, poseidon2_T_0_7, poseidon2_T_1_4, poseidon2_T_1_5, poseidon2_T_1_6, poseidon2_T_1_7, poseidon2_T_2_4, poseidon2_T_2_5, poseidon2_T_2_6, poseidon2_T_2_7, poseidon2_T_3_4, poseidon2_T_3_5, poseidon2_T_3_6, poseidon2_T_3_7, poseidon2_T_60_4, poseidon2_T_60_5, poseidon2_T_60_6, poseidon2_T_60_7, poseidon2_T_61_4, poseidon2_T_61_5, poseidon2_T_61_6, poseidon2_T_61_7, poseidon2_T_62_4, poseidon2_T_62_5, poseidon2_T_62_6, poseidon2_T_62_7, poseidon2_T_63_4, poseidon2_T_63_5, poseidon2_T_63_6, poseidon2_T_63_7, poseidon2_a_0, poseidon2_a_1, poseidon2_a_2, poseidon2_a_3, poseidon2_b_0, poseidon2_b_1, poseidon2_b_2, poseidon2_b_3, poseidon2_clk, poseidon2_full_a_0, poseidon2_full_a_1, poseidon2_full_a_2, poseidon2_full_a_3, poseidon2_full_b_0, poseidon2_full_b_1, poseidon2_full_b_2, poseidon2_full_b_3, poseidon2_full_clk, poseidon2_full_end_poseidon, poseidon2_full_execute_poseidon_perm, poseidon2_full_input_0, poseidon2_full_input_1, poseidon2_full_input_2, poseidon2_full_input_len, poseidon2_full_num_perm_rounds_rem, poseidon2_full_num_perm_rounds_rem_inv, poseidon2_full_output, poseidon2_full_padding, poseidon2_full_sel_poseidon, poseidon2_full_start_poseidon, poseidon2_input_addr, poseidon2_mem_addr_read_a, poseidon2_mem_addr_read_b, poseidon2_mem_addr_read_c, poseidon2_mem_addr_read_d, poseidon2_mem_addr_write_a, poseidon2_mem_addr_write_b, poseidon2_mem_addr_write_c, poseidon2_mem_addr_write_d, poseidon2_output_addr, poseidon2_sel_poseidon_perm, poseidon2_sel_poseidon_perm_immediate, poseidon2_sel_poseidon_perm_mem_op, poseidon2_space_id, range_check_alu_rng_chk, range_check_clk, range_check_cmp_hi_bits_rng_chk, range_check_cmp_lo_bits_rng_chk, range_check_dyn_diff, range_check_dyn_rng_chk_bits, range_check_dyn_rng_chk_pow_2, range_check_gas_da_rng_chk, range_check_gas_l2_rng_chk, range_check_is_lte_u112, range_check_is_lte_u128, range_check_is_lte_u16, range_check_is_lte_u32, range_check_is_lte_u48, range_check_is_lte_u64, range_check_is_lte_u80, range_check_is_lte_u96, range_check_mem_rng_chk, range_check_rng_chk_bits, range_check_sel_lookup_0, range_check_sel_lookup_1, range_check_sel_lookup_2, range_check_sel_lookup_3, range_check_sel_lookup_4, range_check_sel_lookup_5, range_check_sel_lookup_6, range_check_sel_rng_chk, range_check_u16_r0, range_check_u16_r1, range_check_u16_r2, range_check_u16_r3, range_check_u16_r4, range_check_u16_r5, range_check_u16_r6, range_check_u16_r7, range_check_value, sha256_clk, sha256_input, sha256_output, sha256_sel_sha256_compression, sha256_state, slice_addr, slice_clk, slice_cnt, slice_col_offset, slice_one_min_inv, slice_sel_cd_cpy, slice_sel_mem_active, slice_sel_return, slice_sel_start, slice_space_id, slice_val, lookup_rng_chk_pow_2_counts, lookup_rng_chk_diff_counts, lookup_rng_chk_0_counts, lookup_rng_chk_1_counts, lookup_rng_chk_2_counts, lookup_rng_chk_3_counts, lookup_rng_chk_4_counts, lookup_rng_chk_5_counts, lookup_rng_chk_6_counts, lookup_rng_chk_7_counts, lookup_pow_2_0_counts, lookup_pow_2_1_counts, lookup_byte_lengths_counts, lookup_byte_operations_counts, lookup_opcode_gas_counts, kernel_output_lookup_counts, lookup_into_kernel_counts, lookup_cd_value_counts, lookup_ret_value_counts, incl_main_tag_err_counts, incl_mem_tag_err_counts +#define WIRE_ENTITIES main_kernel_inputs, main_kernel_value_out, main_kernel_side_effect_out, main_kernel_metadata_out, main_calldata, main_returndata, alu_a_hi, alu_a_lo, alu_b_hi, alu_b_lo, alu_b_pow, alu_c_hi, alu_c_lo, alu_cf, alu_clk, alu_cmp_gadget_gt, alu_cmp_gadget_input_a, alu_cmp_gadget_input_b, alu_cmp_gadget_result, alu_cmp_gadget_sel, alu_ff_tag, alu_ia, alu_ib, alu_ic, alu_in_tag, alu_max_bits_sub_b_bits, alu_max_bits_sub_b_pow, alu_op_add, alu_op_cast, alu_op_div, alu_op_eq, alu_op_lt, alu_op_lte, alu_op_mul, alu_op_not, alu_op_shl, alu_op_shr, alu_op_sub, alu_partial_prod_hi, alu_partial_prod_lo, alu_range_check_input_value, alu_range_check_num_bits, alu_range_check_sel, alu_remainder, alu_sel_alu, alu_sel_cmp, alu_sel_shift_which, alu_u128_tag, alu_u16_tag, alu_u1_tag, alu_u32_tag, alu_u64_tag, alu_u8_tag, alu_zero_shift, binary_acc_ia, binary_acc_ib, binary_acc_ic, binary_clk, binary_ia_bytes, binary_ib_bytes, binary_ic_bytes, binary_in_tag, binary_mem_tag_ctr, binary_mem_tag_ctr_inv, binary_op_id, binary_sel_bin, binary_start, bytecode_end_latch, bytecode_length_remaining, bytecode_packed, bytecode_running_hash, cmp_a_hi, cmp_a_lo, cmp_b_hi, cmp_b_lo, cmp_borrow, cmp_clk, cmp_cmp_rng_ctr, cmp_input_a, cmp_input_b, cmp_op_eq, cmp_op_eq_diff_inv, cmp_op_gt, cmp_p_a_borrow, cmp_p_b_borrow, cmp_p_sub_a_hi, cmp_p_sub_a_lo, cmp_p_sub_b_hi, cmp_p_sub_b_lo, cmp_range_chk_clk, cmp_res_hi, cmp_res_lo, cmp_result, cmp_sel_cmp, cmp_sel_rng_chk, cmp_shift_sel, conversion_clk, conversion_input, conversion_num_limbs, conversion_output_bits, conversion_radix, conversion_sel_to_radix_be, keccakf1600_clk, keccakf1600_input, keccakf1600_output, keccakf1600_sel_keccakf1600, main_abs_da_rem_gas, main_abs_l2_rem_gas, main_alu_in_tag, main_base_da_gas_op_cost, main_base_l2_gas_op_cost, main_bin_op_id, main_call_ptr, main_da_gas_remaining, main_da_out_of_gas, main_dyn_da_gas_op_cost, main_dyn_gas_multiplier, main_dyn_l2_gas_op_cost, main_emit_l2_to_l1_msg_write_offset, main_emit_note_hash_write_offset, main_emit_nullifier_write_offset, main_emit_unencrypted_log_write_offset, main_ia, main_ib, main_ic, main_id, main_id_zero, main_ind_addr_a, main_ind_addr_b, main_ind_addr_c, main_ind_addr_d, main_internal_return_ptr, main_inv, main_is_fake_row, main_is_gas_accounted, main_kernel_in_offset, main_kernel_out_offset, main_l1_to_l2_msg_exists_write_offset, main_l2_gas_remaining, main_l2_out_of_gas, main_mem_addr_a, main_mem_addr_b, main_mem_addr_c, main_mem_addr_d, main_note_hash_exist_write_offset, main_nullifier_exists_write_offset, main_nullifier_non_exists_write_offset, main_op_err, main_opcode_val, main_pc, main_r_in_tag, main_rwa, main_rwb, main_rwc, main_rwd, main_sel_alu, main_sel_bin, main_sel_calldata, main_sel_execution_end, main_sel_execution_row, main_sel_kernel_inputs, main_sel_kernel_out, main_sel_mem_op_a, main_sel_mem_op_b, main_sel_mem_op_c, main_sel_mem_op_d, main_sel_mov_ia_to_ic, main_sel_mov_ib_to_ic, main_sel_op_add, main_sel_op_address, main_sel_op_and, main_sel_op_block_number, main_sel_op_calldata_copy, main_sel_op_cast, main_sel_op_chain_id, main_sel_op_dagasleft, main_sel_op_div, main_sel_op_ecadd, main_sel_op_emit_l2_to_l1_msg, main_sel_op_emit_note_hash, main_sel_op_emit_nullifier, main_sel_op_emit_unencrypted_log, main_sel_op_eq, main_sel_op_external_call, main_sel_op_external_return, main_sel_op_external_revert, main_sel_op_fdiv, main_sel_op_fee_per_da_gas, main_sel_op_fee_per_l2_gas, main_sel_op_function_selector, main_sel_op_get_contract_instance, main_sel_op_internal_call, main_sel_op_internal_return, main_sel_op_is_static_call, main_sel_op_jump, main_sel_op_jumpi, main_sel_op_keccak, main_sel_op_l1_to_l2_msg_exists, main_sel_op_l2gasleft, main_sel_op_lt, main_sel_op_lte, main_sel_op_mov, main_sel_op_msm, main_sel_op_mul, main_sel_op_not, main_sel_op_note_hash_exists, main_sel_op_nullifier_exists, main_sel_op_or, main_sel_op_poseidon2, main_sel_op_radix_be, main_sel_op_sender, main_sel_op_set, main_sel_op_sha256, main_sel_op_shl, main_sel_op_shr, main_sel_op_sload, main_sel_op_sstore, main_sel_op_static_call, main_sel_op_sub, main_sel_op_timestamp, main_sel_op_transaction_fee, main_sel_op_version, main_sel_op_xor, main_sel_q_kernel_lookup, main_sel_q_kernel_output_lookup, main_sel_resolve_ind_addr_a, main_sel_resolve_ind_addr_b, main_sel_resolve_ind_addr_c, main_sel_resolve_ind_addr_d, main_sel_returndata, main_sel_rng_16, main_sel_rng_8, main_sel_slice_gadget, main_side_effect_counter, main_sload_write_offset, main_space_id, main_sstore_write_offset, main_tag_err, main_w_in_tag, mem_addr, mem_clk, mem_diff, mem_glob_addr, mem_last, mem_lastAccess, mem_one_min_inv, mem_r_in_tag, mem_rw, mem_sel_mem, mem_sel_mov_ia_to_ic, mem_sel_mov_ib_to_ic, mem_sel_op_a, mem_sel_op_b, mem_sel_op_c, mem_sel_op_d, mem_sel_op_poseidon_read_a, mem_sel_op_poseidon_read_b, mem_sel_op_poseidon_read_c, mem_sel_op_poseidon_read_d, mem_sel_op_poseidon_write_a, mem_sel_op_poseidon_write_b, mem_sel_op_poseidon_write_c, mem_sel_op_poseidon_write_d, mem_sel_op_slice, mem_sel_resolve_ind_addr_a, mem_sel_resolve_ind_addr_b, mem_sel_resolve_ind_addr_c, mem_sel_resolve_ind_addr_d, mem_sel_rng_chk, mem_skip_check_tag, mem_space_id, mem_tag, mem_tag_err, mem_tsp, mem_val, mem_w_in_tag, poseidon2_B_10_0, poseidon2_B_10_1, poseidon2_B_10_2, poseidon2_B_10_3, poseidon2_B_11_0, poseidon2_B_11_1, poseidon2_B_11_2, poseidon2_B_11_3, poseidon2_B_12_0, poseidon2_B_12_1, poseidon2_B_12_2, poseidon2_B_12_3, poseidon2_B_13_0, poseidon2_B_13_1, poseidon2_B_13_2, poseidon2_B_13_3, poseidon2_B_14_0, poseidon2_B_14_1, poseidon2_B_14_2, poseidon2_B_14_3, poseidon2_B_15_0, poseidon2_B_15_1, poseidon2_B_15_2, poseidon2_B_15_3, poseidon2_B_16_0, poseidon2_B_16_1, poseidon2_B_16_2, poseidon2_B_16_3, poseidon2_B_17_0, poseidon2_B_17_1, poseidon2_B_17_2, poseidon2_B_17_3, poseidon2_B_18_0, poseidon2_B_18_1, poseidon2_B_18_2, poseidon2_B_18_3, poseidon2_B_19_0, poseidon2_B_19_1, poseidon2_B_19_2, poseidon2_B_19_3, poseidon2_B_20_0, poseidon2_B_20_1, poseidon2_B_20_2, poseidon2_B_20_3, poseidon2_B_21_0, poseidon2_B_21_1, poseidon2_B_21_2, poseidon2_B_21_3, poseidon2_B_22_0, poseidon2_B_22_1, poseidon2_B_22_2, poseidon2_B_22_3, poseidon2_B_23_0, poseidon2_B_23_1, poseidon2_B_23_2, poseidon2_B_23_3, poseidon2_B_24_0, poseidon2_B_24_1, poseidon2_B_24_2, poseidon2_B_24_3, poseidon2_B_25_0, poseidon2_B_25_1, poseidon2_B_25_2, poseidon2_B_25_3, poseidon2_B_26_0, poseidon2_B_26_1, poseidon2_B_26_2, poseidon2_B_26_3, poseidon2_B_27_0, poseidon2_B_27_1, poseidon2_B_27_2, poseidon2_B_27_3, poseidon2_B_28_0, poseidon2_B_28_1, poseidon2_B_28_2, poseidon2_B_28_3, poseidon2_B_29_0, poseidon2_B_29_1, poseidon2_B_29_2, poseidon2_B_29_3, poseidon2_B_30_0, poseidon2_B_30_1, poseidon2_B_30_2, poseidon2_B_30_3, poseidon2_B_31_0, poseidon2_B_31_1, poseidon2_B_31_2, poseidon2_B_31_3, poseidon2_B_32_0, poseidon2_B_32_1, poseidon2_B_32_2, poseidon2_B_32_3, poseidon2_B_33_0, poseidon2_B_33_1, poseidon2_B_33_2, poseidon2_B_33_3, poseidon2_B_34_0, poseidon2_B_34_1, poseidon2_B_34_2, poseidon2_B_34_3, poseidon2_B_35_0, poseidon2_B_35_1, poseidon2_B_35_2, poseidon2_B_35_3, poseidon2_B_36_0, poseidon2_B_36_1, poseidon2_B_36_2, poseidon2_B_36_3, poseidon2_B_37_0, poseidon2_B_37_1, poseidon2_B_37_2, poseidon2_B_37_3, poseidon2_B_38_0, poseidon2_B_38_1, poseidon2_B_38_2, poseidon2_B_38_3, poseidon2_B_39_0, poseidon2_B_39_1, poseidon2_B_39_2, poseidon2_B_39_3, poseidon2_B_40_0, poseidon2_B_40_1, poseidon2_B_40_2, poseidon2_B_40_3, poseidon2_B_41_0, poseidon2_B_41_1, poseidon2_B_41_2, poseidon2_B_41_3, poseidon2_B_42_0, poseidon2_B_42_1, poseidon2_B_42_2, poseidon2_B_42_3, poseidon2_B_43_0, poseidon2_B_43_1, poseidon2_B_43_2, poseidon2_B_43_3, poseidon2_B_44_0, poseidon2_B_44_1, poseidon2_B_44_2, poseidon2_B_44_3, poseidon2_B_45_0, poseidon2_B_45_1, poseidon2_B_45_2, poseidon2_B_45_3, poseidon2_B_46_0, poseidon2_B_46_1, poseidon2_B_46_2, poseidon2_B_46_3, poseidon2_B_47_0, poseidon2_B_47_1, poseidon2_B_47_2, poseidon2_B_47_3, poseidon2_B_48_0, poseidon2_B_48_1, poseidon2_B_48_2, poseidon2_B_48_3, poseidon2_B_49_0, poseidon2_B_49_1, poseidon2_B_49_2, poseidon2_B_49_3, poseidon2_B_4_0, poseidon2_B_4_1, poseidon2_B_4_2, poseidon2_B_4_3, poseidon2_B_50_0, poseidon2_B_50_1, poseidon2_B_50_2, poseidon2_B_50_3, poseidon2_B_51_0, poseidon2_B_51_1, poseidon2_B_51_2, poseidon2_B_51_3, poseidon2_B_52_0, poseidon2_B_52_1, poseidon2_B_52_2, poseidon2_B_52_3, poseidon2_B_53_0, poseidon2_B_53_1, poseidon2_B_53_2, poseidon2_B_53_3, poseidon2_B_54_0, poseidon2_B_54_1, poseidon2_B_54_2, poseidon2_B_54_3, poseidon2_B_55_0, poseidon2_B_55_1, poseidon2_B_55_2, poseidon2_B_55_3, poseidon2_B_56_0, poseidon2_B_56_1, poseidon2_B_56_2, poseidon2_B_56_3, poseidon2_B_57_0, poseidon2_B_57_1, poseidon2_B_57_2, poseidon2_B_57_3, poseidon2_B_58_0, poseidon2_B_58_1, poseidon2_B_58_2, poseidon2_B_58_3, poseidon2_B_59_0, poseidon2_B_59_1, poseidon2_B_59_2, poseidon2_B_59_3, poseidon2_B_5_0, poseidon2_B_5_1, poseidon2_B_5_2, poseidon2_B_5_3, poseidon2_B_6_0, poseidon2_B_6_1, poseidon2_B_6_2, poseidon2_B_6_3, poseidon2_B_7_0, poseidon2_B_7_1, poseidon2_B_7_2, poseidon2_B_7_3, poseidon2_B_8_0, poseidon2_B_8_1, poseidon2_B_8_2, poseidon2_B_8_3, poseidon2_B_9_0, poseidon2_B_9_1, poseidon2_B_9_2, poseidon2_B_9_3, poseidon2_EXT_LAYER_4, poseidon2_EXT_LAYER_5, poseidon2_EXT_LAYER_6, poseidon2_EXT_LAYER_7, poseidon2_T_0_4, poseidon2_T_0_5, poseidon2_T_0_6, poseidon2_T_0_7, poseidon2_T_1_4, poseidon2_T_1_5, poseidon2_T_1_6, poseidon2_T_1_7, poseidon2_T_2_4, poseidon2_T_2_5, poseidon2_T_2_6, poseidon2_T_2_7, poseidon2_T_3_4, poseidon2_T_3_5, poseidon2_T_3_6, poseidon2_T_3_7, poseidon2_T_60_4, poseidon2_T_60_5, poseidon2_T_60_6, poseidon2_T_60_7, poseidon2_T_61_4, poseidon2_T_61_5, poseidon2_T_61_6, poseidon2_T_61_7, poseidon2_T_62_4, poseidon2_T_62_5, poseidon2_T_62_6, poseidon2_T_62_7, poseidon2_T_63_4, poseidon2_T_63_5, poseidon2_T_63_6, poseidon2_T_63_7, poseidon2_a_0, poseidon2_a_1, poseidon2_a_2, poseidon2_a_3, poseidon2_b_0, poseidon2_b_1, poseidon2_b_2, poseidon2_b_3, poseidon2_clk, poseidon2_full_a_0, poseidon2_full_a_1, poseidon2_full_a_2, poseidon2_full_a_3, poseidon2_full_b_0, poseidon2_full_b_1, poseidon2_full_b_2, poseidon2_full_b_3, poseidon2_full_clk, poseidon2_full_end_poseidon, poseidon2_full_execute_poseidon_perm, poseidon2_full_input_0, poseidon2_full_input_1, poseidon2_full_input_2, poseidon2_full_input_len, poseidon2_full_num_perm_rounds_rem, poseidon2_full_num_perm_rounds_rem_inv, poseidon2_full_output, poseidon2_full_padding, poseidon2_full_sel_poseidon, poseidon2_full_start_poseidon, poseidon2_input_addr, poseidon2_mem_addr_read_a, poseidon2_mem_addr_read_b, poseidon2_mem_addr_read_c, poseidon2_mem_addr_read_d, poseidon2_mem_addr_write_a, poseidon2_mem_addr_write_b, poseidon2_mem_addr_write_c, poseidon2_mem_addr_write_d, poseidon2_output_addr, poseidon2_sel_poseidon_perm, poseidon2_sel_poseidon_perm_immediate, poseidon2_sel_poseidon_perm_mem_op, poseidon2_space_id, range_check_alu_rng_chk, range_check_clk, range_check_cmp_hi_bits_rng_chk, range_check_cmp_lo_bits_rng_chk, range_check_dyn_diff, range_check_dyn_rng_chk_bits, range_check_dyn_rng_chk_pow_2, range_check_gas_da_rng_chk, range_check_gas_l2_rng_chk, range_check_is_lte_u112, range_check_is_lte_u128, range_check_is_lte_u16, range_check_is_lte_u32, range_check_is_lte_u48, range_check_is_lte_u64, range_check_is_lte_u80, range_check_is_lte_u96, range_check_mem_rng_chk, range_check_rng_chk_bits, range_check_sel_lookup_0, range_check_sel_lookup_1, range_check_sel_lookup_2, range_check_sel_lookup_3, range_check_sel_lookup_4, range_check_sel_lookup_5, range_check_sel_lookup_6, range_check_sel_rng_chk, range_check_u16_r0, range_check_u16_r1, range_check_u16_r2, range_check_u16_r3, range_check_u16_r4, range_check_u16_r5, range_check_u16_r6, range_check_u16_r7, range_check_value, sha256_clk, sha256_input, sha256_output, sha256_sel_sha256_compression, sha256_state, slice_addr, slice_clk, slice_cnt, slice_col_offset, slice_one_min_inv, slice_sel_cd_cpy, slice_sel_mem_active, slice_sel_return, slice_sel_start, slice_space_id, slice_val, lookup_rng_chk_pow_2_counts, lookup_rng_chk_diff_counts, lookup_rng_chk_0_counts, lookup_rng_chk_1_counts, lookup_rng_chk_2_counts, lookup_rng_chk_3_counts, lookup_rng_chk_4_counts, lookup_rng_chk_5_counts, lookup_rng_chk_6_counts, lookup_rng_chk_7_counts, lookup_pow_2_0_counts, lookup_pow_2_1_counts, lookup_byte_lengths_counts, lookup_byte_operations_counts, lookup_opcode_gas_counts, kernel_output_lookup_counts, lookup_into_kernel_counts, lookup_cd_value_counts, lookup_ret_value_counts, incl_main_tag_err_counts, incl_mem_tag_err_counts #define DERIVED_WITNESS_ENTITIES perm_rng_mem_inv, perm_rng_cmp_lo_inv, perm_rng_cmp_hi_inv, perm_rng_alu_inv, perm_cmp_alu_inv, perm_rng_gas_l2_inv, perm_rng_gas_da_inv, perm_l2_start_gas_inv, perm_da_start_gas_inv, perm_l2_end_gas_inv, perm_da_end_gas_inv, perm_pos_mem_read_a_inv, perm_pos_mem_read_b_inv, perm_pos_mem_read_c_inv, perm_pos_mem_read_d_inv, perm_pos_mem_write_a_inv, perm_pos_mem_write_b_inv, perm_pos_mem_write_c_inv, perm_pos_mem_write_d_inv, perm_pos2_fixed_pos2_perm_inv, perm_slice_mem_inv, perm_main_alu_inv, perm_main_bin_inv, perm_main_conv_inv, perm_main_sha256_inv, perm_main_pos2_perm_inv, perm_main_slice_inv, perm_main_mem_a_inv, perm_main_mem_b_inv, perm_main_mem_c_inv, perm_main_mem_d_inv, perm_main_mem_ind_addr_a_inv, perm_main_mem_ind_addr_b_inv, perm_main_mem_ind_addr_c_inv, perm_main_mem_ind_addr_d_inv, lookup_rng_chk_pow_2_inv, lookup_rng_chk_diff_inv, lookup_rng_chk_0_inv, lookup_rng_chk_1_inv, lookup_rng_chk_2_inv, lookup_rng_chk_3_inv, lookup_rng_chk_4_inv, lookup_rng_chk_5_inv, lookup_rng_chk_6_inv, lookup_rng_chk_7_inv, lookup_pow_2_0_inv, lookup_pow_2_1_inv, lookup_byte_lengths_inv, lookup_byte_operations_inv, lookup_opcode_gas_inv, kernel_output_lookup_inv, lookup_into_kernel_inv, lookup_cd_value_inv, lookup_ret_value_inv, incl_main_tag_err_inv, incl_mem_tag_err_inv #define SHIFTED_ENTITIES binary_acc_ia_shift, binary_acc_ib_shift, binary_acc_ic_shift, binary_mem_tag_ctr_shift, binary_op_id_shift, cmp_a_hi_shift, cmp_a_lo_shift, cmp_b_hi_shift, cmp_b_lo_shift, cmp_cmp_rng_ctr_shift, cmp_op_gt_shift, cmp_p_sub_a_hi_shift, cmp_p_sub_a_lo_shift, cmp_p_sub_b_hi_shift, cmp_p_sub_b_lo_shift, cmp_sel_rng_chk_shift, main_da_gas_remaining_shift, main_emit_l2_to_l1_msg_write_offset_shift, main_emit_note_hash_write_offset_shift, main_emit_nullifier_write_offset_shift, main_emit_unencrypted_log_write_offset_shift, main_internal_return_ptr_shift, main_l1_to_l2_msg_exists_write_offset_shift, main_l2_gas_remaining_shift, main_note_hash_exist_write_offset_shift, main_nullifier_exists_write_offset_shift, main_nullifier_non_exists_write_offset_shift, main_pc_shift, main_sel_execution_end_shift, main_sel_execution_row_shift, main_sload_write_offset_shift, main_sstore_write_offset_shift, mem_glob_addr_shift, mem_rw_shift, mem_sel_mem_shift, mem_tag_shift, mem_tsp_shift, mem_val_shift, poseidon2_full_a_0_shift, poseidon2_full_a_1_shift, poseidon2_full_a_2_shift, poseidon2_full_a_3_shift, poseidon2_full_execute_poseidon_perm_shift, poseidon2_full_input_0_shift, poseidon2_full_input_1_shift, poseidon2_full_input_2_shift, poseidon2_full_num_perm_rounds_rem_shift, poseidon2_full_sel_poseidon_shift, poseidon2_full_start_poseidon_shift, slice_addr_shift, slice_clk_shift, slice_cnt_shift, slice_col_offset_shift, slice_sel_cd_cpy_shift, slice_sel_mem_active_shift, slice_sel_return_shift, slice_sel_start_shift, slice_space_id_shift #define TO_BE_SHIFTED(e) e.binary_acc_ia, e.binary_acc_ib, e.binary_acc_ic, e.binary_mem_tag_ctr, e.binary_op_id, e.cmp_a_hi, e.cmp_a_lo, e.cmp_b_hi, e.cmp_b_lo, e.cmp_cmp_rng_ctr, e.cmp_op_gt, e.cmp_p_sub_a_hi, e.cmp_p_sub_a_lo, e.cmp_p_sub_b_hi, e.cmp_p_sub_b_lo, e.cmp_sel_rng_chk, e.main_da_gas_remaining, e.main_emit_l2_to_l1_msg_write_offset, e.main_emit_note_hash_write_offset, e.main_emit_nullifier_write_offset, e.main_emit_unencrypted_log_write_offset, e.main_internal_return_ptr, e.main_l1_to_l2_msg_exists_write_offset, e.main_l2_gas_remaining, e.main_note_hash_exist_write_offset, e.main_nullifier_exists_write_offset, e.main_nullifier_non_exists_write_offset, e.main_pc, e.main_sel_execution_end, e.main_sel_execution_row, e.main_sload_write_offset, e.main_sstore_write_offset, e.mem_glob_addr, e.mem_rw, e.mem_sel_mem, e.mem_tag, e.mem_tsp, e.mem_val, e.poseidon2_full_a_0, e.poseidon2_full_a_1, e.poseidon2_full_a_2, e.poseidon2_full_a_3, e.poseidon2_full_execute_poseidon_perm, e.poseidon2_full_input_0, e.poseidon2_full_input_1, e.poseidon2_full_input_2, e.poseidon2_full_num_perm_rounds_rem, e.poseidon2_full_sel_poseidon, e.poseidon2_full_start_poseidon, e.slice_addr, e.slice_clk, e.slice_cnt, e.slice_col_offset, e.slice_sel_cd_cpy, e.slice_sel_mem_active, e.slice_sel_return, e.slice_sel_start, e.slice_space_id diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.cpp index 76c4e64bb98..df14176558d 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.cpp @@ -141,7 +141,7 @@ template std::vector AvmFullRow::names() "conversion_num_limbs", "conversion_output_bits", "conversion_radix", - "conversion_sel_to_radix_le", + "conversion_sel_to_radix_be", "keccakf1600_clk", "keccakf1600_input", "keccakf1600_output", @@ -249,7 +249,7 @@ template std::vector AvmFullRow::names() "main_sel_op_nullifier_exists", "main_sel_op_or", "main_sel_op_poseidon2", - "main_sel_op_radix_le", + "main_sel_op_radix_be", "main_sel_op_sender", "main_sel_op_set", "main_sel_op_sha256", @@ -876,7 +876,7 @@ template RefVector AvmFullRow::as_vector() const conversion_num_limbs, conversion_output_bits, conversion_radix, - conversion_sel_to_radix_le, + conversion_sel_to_radix_be, keccakf1600_clk, keccakf1600_input, keccakf1600_output, @@ -984,7 +984,7 @@ template RefVector AvmFullRow::as_vector() const main_sel_op_nullifier_exists, main_sel_op_or, main_sel_op_poseidon2, - main_sel_op_radix_le, + main_sel_op_radix_be, main_sel_op_sender, main_sel_op_set, main_sel_op_sha256, diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.hpp index 68a3b8f4457..01a8603f23e 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/full_row.hpp @@ -132,7 +132,7 @@ template struct AvmFullRow { FF conversion_num_limbs{}; FF conversion_output_bits{}; FF conversion_radix{}; - FF conversion_sel_to_radix_le{}; + FF conversion_sel_to_radix_be{}; FF keccakf1600_clk{}; FF keccakf1600_input{}; FF keccakf1600_output{}; @@ -240,7 +240,7 @@ template struct AvmFullRow { FF main_sel_op_nullifier_exists{}; FF main_sel_op_or{}; FF main_sel_op_poseidon2{}; - FF main_sel_op_radix_le{}; + FF main_sel_op_radix_be{}; FF main_sel_op_sender{}; FF main_sel_op_set{}; FF main_sel_op_sha256{}; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/conversion.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/conversion.hpp index ec82a7624ae..e39957ed8bb 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/conversion.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/conversion.hpp @@ -21,7 +21,7 @@ template class conversionImpl { { using Accumulator = typename std::tuple_element_t<0, ContainerOverSubrelations>; - auto tmp = (new_term.conversion_sel_to_radix_le * (FF(1) - new_term.conversion_sel_to_radix_le)); + auto tmp = (new_term.conversion_sel_to_radix_be * (FF(1) - new_term.conversion_sel_to_radix_be)); tmp *= scaling_factor; std::get<0>(evals) += typename Accumulator::View(tmp); } diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/main.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/main.hpp index 8869a0fb847..257ab6eb453 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/main.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/main.hpp @@ -65,7 +65,7 @@ template class mainImpl { const auto main_SEL_ALL_BINARY = ((new_term.main_sel_op_and + new_term.main_sel_op_or) + new_term.main_sel_op_xor); const auto main_SEL_ALL_GADGET = - (((((new_term.main_sel_op_radix_le + new_term.main_sel_op_sha256) + new_term.main_sel_op_poseidon2) + + (((((new_term.main_sel_op_radix_be + new_term.main_sel_op_sha256) + new_term.main_sel_op_poseidon2) + new_term.main_sel_op_keccak) + new_term.main_sel_op_ecadd) + new_term.main_sel_op_msm); @@ -245,7 +245,7 @@ template class mainImpl { } { using Accumulator = typename std::tuple_element_t<26, ContainerOverSubrelations>; - auto tmp = (new_term.main_sel_op_radix_le * (FF(1) - new_term.main_sel_op_radix_le)); + auto tmp = (new_term.main_sel_op_radix_be * (FF(1) - new_term.main_sel_op_radix_be)); tmp *= scaling_factor; std::get<26>(evals) += typename Accumulator::View(tmp); } diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/perm_main_conv.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/perm_main_conv.hpp index a97b8c1a046..de82abea0a5 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/perm_main_conv.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/generated/relations/perm_main_conv.hpp @@ -15,15 +15,15 @@ class perm_main_conv_permutation_settings { template static inline auto inverse_polynomial_is_computed_at_row(const AllEntities& in) { - return (in.main_sel_op_radix_le == 1 || in.conversion_sel_to_radix_le == 1); + return (in.main_sel_op_radix_be == 1 || in.conversion_sel_to_radix_be == 1); } template static inline auto get_const_entities(const AllEntities& in) { return std::forward_as_tuple(in.perm_main_conv_inv, - in.main_sel_op_radix_le, - in.main_sel_op_radix_le, - in.conversion_sel_to_radix_le, + in.main_sel_op_radix_be, + in.main_sel_op_radix_be, + in.conversion_sel_to_radix_be, in.main_clk, in.main_ia, in.main_ib, @@ -39,9 +39,9 @@ class perm_main_conv_permutation_settings { template static inline auto get_nonconst_entities(AllEntities& in) { return std::forward_as_tuple(in.perm_main_conv_inv, - in.main_sel_op_radix_le, - in.main_sel_op_radix_le, - in.conversion_sel_to_radix_le, + in.main_sel_op_radix_be, + in.main_sel_op_radix_be, + in.conversion_sel_to_radix_be, in.main_clk, in.main_ia, in.main_ib, diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/tests/execution.test.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/tests/execution.test.cpp index 4eabce2b29d..229cf357c99 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/tests/execution.test.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/tests/execution.test.cpp @@ -734,8 +734,8 @@ TEST_F(AvmExecutionTests, setAndCastOpcodes) validate_trace(std::move(trace), public_inputs); } -// Positive test with TO_RADIX_LE. -TEST_F(AvmExecutionTests, toRadixLeOpcode) +// Positive test with TO_RADIX_BE. +TEST_F(AvmExecutionTests, toRadixBeOpcodeBytes) { std::string bytecode_hex = to_hex(OpCode::SET_8) + // opcode SET "00" // Indirect flag @@ -767,7 +767,7 @@ TEST_F(AvmExecutionTests, toRadixLeOpcode) + to_hex(AvmMemoryTag::U32) + "02" // value 2 (i.e. radix 2 - perform bitwise decomposition) "80" // radix_offset 80 - + to_hex(OpCode::TORADIXLE) + // opcode TO_RADIX_LE + + to_hex(OpCode::TORADIXBE) + // opcode TO_RADIX_BE "03" // Indirect flag "0011" // src_offset 17 (indirect) "0015" // dst_offset 21 (indirect) @@ -788,21 +788,23 @@ TEST_F(AvmExecutionTests, toRadixLeOpcode) auto trace = gen_trace(bytecode, std::vector{ FF::modulus - FF(1) }, public_inputs_vec, returndata, execution_hints); - // Find the first row enabling the TORADIXLE selector + // Find the first row enabling the TORADIXBE selector // Expected output is bitwise decomposition of MODULUS - 1..could hardcode the result but it's a bit long - std::vector expected_output; + size_t num_limbs = 256; + std::vector expected_output(num_limbs); // Extract each bit. - for (size_t i = 0; i < 256; i++) { + for (size_t i = 0; i < num_limbs; i++) { + auto byte_index = num_limbs - i - 1; FF expected_limb = (FF::modulus - 1) >> i & 1; - expected_output.emplace_back(expected_limb); + expected_output[byte_index] = expected_limb; } EXPECT_EQ(returndata, expected_output); validate_trace(std::move(trace), public_inputs, { FF::modulus - FF(1) }, returndata); } -// Positive test with TO_RADIX_LE. -TEST_F(AvmExecutionTests, toRadixLeOpcodeBitsMode) +// Positive test with TO_RADIX_BE. +TEST_F(AvmExecutionTests, toRadixBeOpcodeBitsMode) { std::string bytecode_hex = to_hex(OpCode::SET_8) + // opcode SET "00" // Indirect flag @@ -834,7 +836,7 @@ TEST_F(AvmExecutionTests, toRadixLeOpcodeBitsMode) + to_hex(AvmMemoryTag::U32) + "02" // value 2 (i.e. radix 2 - perform bitwise decomposition) "80" // radix_offset 80 - + to_hex(OpCode::TORADIXLE) + // opcode TO_RADIX_LE + + to_hex(OpCode::TORADIXBE) + // opcode TO_RADIX_BE "03" // Indirect flag "0011" // src_offset 17 (indirect) "0015" // dst_offset 21 (indirect) @@ -855,13 +857,15 @@ TEST_F(AvmExecutionTests, toRadixLeOpcodeBitsMode) auto trace = gen_trace(bytecode, std::vector{ FF::modulus - FF(1) }, public_inputs_vec, returndata, execution_hints); - // Find the first row enabling the TORADIXLE selector + // Find the first row enabling the TORADIXBE selector // Expected output is bitwise decomposition of MODULUS - 1..could hardcode the result but it's a bit long - std::vector expected_output; + size_t num_limbs = 256; + std::vector expected_output(num_limbs); // Extract each bit. - for (size_t i = 0; i < 256; i++) { + for (size_t i = 0; i < num_limbs; i++) { + auto byte_index = num_limbs - i - 1; FF expected_limb = (FF::modulus - 1) >> i & 1; - expected_output.emplace_back(expected_limb); + expected_output[byte_index] = expected_limb; } EXPECT_EQ(returndata, expected_output); diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/deserialization.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/deserialization.cpp index 88be6bca8df..2770ab5bfda 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/deserialization.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/deserialization.cpp @@ -176,7 +176,7 @@ const std::unordered_map> OPCODE_WIRE_FORMAT = { OpCode::MSM, { OperandType::INDIRECT8, OperandType::UINT16, OperandType::UINT16, OperandType::UINT16, OperandType::UINT16 } }, // Gadget - Conversion - { OpCode::TORADIXLE, + { OpCode::TORADIXBE, { OperandType::INDIRECT8, OperandType::UINT16, OperandType::UINT16, diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/execution.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/execution.cpp index 6e5659f91dd..6d6f7fbfc47 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/execution.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/execution.cpp @@ -726,8 +726,8 @@ std::vector Execution::gen_trace(std::vector const& calldata, break; // Conversions - case OpCode::TORADIXLE: - trace_builder.op_to_radix_le(std::get(inst.operands.at(0)), + case OpCode::TORADIXBE: + trace_builder.op_to_radix_be(std::get(inst.operands.at(0)), std::get(inst.operands.at(1)), std::get(inst.operands.at(2)), std::get(inst.operands.at(3)), diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.cpp index d64c7f3e310..edb550f2b15 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.cpp @@ -87,7 +87,7 @@ const std::unordered_map GAS_COST_TABLE = { { OpCode::KECCAKF1600, make_cost(AVM_KECCAKF1600_BASE_L2_GAS, 0, 0, 0) }, { OpCode::ECADD, make_cost(AVM_ECADD_BASE_L2_GAS, 0, 0, 0) }, { OpCode::MSM, make_cost(AVM_MSM_BASE_L2_GAS, 0, AVM_MSM_DYN_L2_GAS, 0) }, - { OpCode::TORADIXLE, make_cost(AVM_TORADIXLE_BASE_L2_GAS, 0, AVM_TORADIXLE_DYN_L2_GAS, 0) }, + { OpCode::TORADIXBE, make_cost(AVM_TORADIXBE_BASE_L2_GAS, 0, AVM_TORADIXBE_DYN_L2_GAS, 0) }, }; } // namespace diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.hpp index b91cbf6a598..d157c458bfd 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/fixed_gas.hpp @@ -39,4 +39,4 @@ template void merge_into(DestRow& dest, FixedGasTable::GasRow dest.gas_dyn_da_gas_fixed_table = src.dyn_da_gas_fixed_table; } -} // namespace bb::avm_trace \ No newline at end of file +} // namespace bb::avm_trace diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.cpp index 07a4320ec9c..2d855610bed 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.cpp @@ -14,39 +14,42 @@ void AvmConversionTraceBuilder::reset() } /** - * @brief Build conversion trace and compute the result of a TO_RADIX_LE operation. + * @brief Build conversion trace and compute the result of a TO_RADIX_BE operation. * This operation is only valid for the FF instr_tag and always returns a byte array * - * @param a First operand of the TO_RADIX_LE, the value to be converted + * @param a First operand of the TO_RADIX_BE, the value to be converted * @param radix The upper bound for each limbm 0 <= limb < radix * @param num_limbs The number of limbs to the value into. * @param output_bits Should the output be U1s instead of U8s? * @param clk Clock referring to the operation in the main trace. * - * @return std::vector The LE converted values stored as bytes or bits. + * @return std::vector The BE converted values stored as bytes or bits. */ -std::vector AvmConversionTraceBuilder::op_to_radix_le( +std::vector AvmConversionTraceBuilder::op_to_radix_be( FF const& a, uint32_t radix, uint32_t num_limbs, uint8_t output_bits, uint32_t clk) { + // TODO: constraints for these assertions + ASSERT(num_limbs > 0); ASSERT(radix <= 256); // should never reach here because main trace won't call with bad radix auto a_uint256 = uint256_t(a); auto radix_uint256 = uint256_t(radix); - std::vector bytes_or_bits; + std::vector bytes_or_bits(num_limbs); for (uint32_t i = 0; i < num_limbs; i++) { + auto byte_index = num_limbs - i - 1; auto limb = a_uint256 % radix_uint256; if (output_bits > 0) { - bytes_or_bits.emplace_back(static_cast(limb == 0 ? 0 : 1)); + bytes_or_bits[byte_index] = static_cast(limb == 0 ? 0 : 1); } else { - bytes_or_bits.emplace_back(static_cast(limb)); + bytes_or_bits[byte_index] = static_cast(limb); } a_uint256 /= radix_uint256; } conversion_trace.emplace_back(ConversionTraceEntry{ .conversion_clk = clk, - .to_radix_le_sel = true, + .to_radix_be_sel = true, .input = a, .radix = radix, .num_limbs = num_limbs, diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.hpp index cf0ac4723bf..84cb3ea299a 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/gadgets/conversion_trace.hpp @@ -13,7 +13,7 @@ class AvmConversionTraceBuilder { public: struct ConversionTraceEntry { uint32_t conversion_clk = 0; - bool to_radix_le_sel = false; + bool to_radix_be_sel = false; FF input{}; uint32_t radix = 0; uint32_t num_limbs = 0; @@ -26,7 +26,7 @@ class AvmConversionTraceBuilder { // Finalize the trace std::vector finalize(); - std::vector op_to_radix_le( + std::vector op_to_radix_be( FF const& a, uint32_t radix, uint32_t num_limbs, uint8_t output_bits, uint32_t clk); private: diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.cpp index 2d9348eff83..d247fca4661 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.cpp @@ -168,8 +168,8 @@ std::string to_string(OpCode opcode) case OpCode::MSM: return "MSM"; // Conversions - case OpCode::TORADIXLE: - return "TORADIXLE"; + case OpCode::TORADIXBE: + return "TORADIXBE"; // Sentinel case OpCode::LAST_OPCODE_SENTINEL: return "LAST_OPCODE_SENTINEL"; diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.hpp index 4aef84ee5bf..427ae5831fd 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/opcode.hpp @@ -104,7 +104,7 @@ enum class OpCode : uint8_t { ECADD, MSM, // Conversions - TORADIXLE, + TORADIXBE, // Sentinel LAST_OPCODE_SENTINEL, diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.cpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.cpp index 4ab0662376d..cde323e5005 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.cpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.cpp @@ -3203,17 +3203,17 @@ void AvmTraceBuilder::op_variable_msm(uint8_t indirect, **************************************************************************************************/ /** - * @brief To_Radix_LE with direct or indirect memory access. + * @brief To_Radix_BE with direct or indirect memory access. * * @param indirect A byte encoding information about indirect/direct memory access. - * @param src_offset An index in memory pointing to the input of the To_Radix_LE conversion. - * @param dst_offset An index in memory pointing to the output of the To_Radix_LE conversion. + * @param src_offset An index in memory pointing to the input of the To_Radix_BE conversion. + * @param dst_offset An index in memory pointing to the output of the To_Radix_BE conversion. * @param radix_offset An index in memory pointing to the strict upper bound of each converted limb, i.e., 0 <= limb < * radix. * @param num_limbs The number of limbs to the value into. * @param output_bits Should the output be U1s instead of U8s? */ -void AvmTraceBuilder::op_to_radix_le(uint8_t indirect, +void AvmTraceBuilder::op_to_radix_be(uint8_t indirect, uint32_t src_offset, uint32_t dst_offset, uint32_t radix_offset, @@ -3249,12 +3249,12 @@ void AvmTraceBuilder::op_to_radix_le(uint8_t indirect, // Therefore, we do not create any entry in gadget table and we return a vector of 0. std::vector res = error ? std::vector(num_limbs, 0) - : conversion_trace_builder.op_to_radix_le(input, radix, num_limbs, output_bits, clk); + : conversion_trace_builder.op_to_radix_be(input, radix, num_limbs, output_bits, clk); // Constrain gas cost - gas_trace_builder.constrain_gas(clk, OpCode::TORADIXLE, num_limbs); + gas_trace_builder.constrain_gas(clk, OpCode::TORADIXBE, num_limbs); - // This is the row that contains the selector to trigger the sel_op_radix_le + // This is the row that contains the selector to trigger the sel_op_radix_be // In this row, we read the input value and the destination address into register A and B respectively main_trace.push_back(Row{ .main_clk = clk, @@ -3276,7 +3276,7 @@ void AvmTraceBuilder::op_to_radix_le(uint8_t indirect, .main_sel_mem_op_a = FF(1), // TODO:(8603): uncomment //.main_sel_mem_op_b = FF(1), - .main_sel_op_radix_le = FF(1), + .main_sel_op_radix_be = FF(1), .main_sel_resolve_ind_addr_a = FF(static_cast(read_src.is_indirect)), // TODO:(8603): uncomment //.main_sel_resolve_ind_addr_b = FF(static_cast(read_radix.is_indirect)), @@ -3487,7 +3487,7 @@ std::vector AvmTraceBuilder::finalize() for (size_t i = 0; i < conv_trace_size; i++) { auto const& src = conv_trace.at(i); auto& dest = main_trace.at(i); - dest.conversion_sel_to_radix_le = FF(static_cast(src.to_radix_le_sel)); + dest.conversion_sel_to_radix_be = FF(static_cast(src.to_radix_be_sel)); dest.conversion_clk = FF(src.conversion_clk); dest.conversion_input = src.input; dest.conversion_radix = FF(src.radix); diff --git a/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.hpp b/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.hpp index 59c4fb2e2c0..dd9bf07d13b 100644 --- a/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/avm/trace/trace.hpp @@ -158,7 +158,7 @@ class AvmTraceBuilder { uint32_t output_offset, uint32_t point_length_offset); // Conversions - void op_to_radix_le(uint8_t indirect, + void op_to_radix_be(uint8_t indirect, uint32_t src_offset, uint32_t dst_offset, uint32_t radix_offset, diff --git a/barretenberg/cpp/src/barretenberg/vm/aztec_constants.hpp b/barretenberg/cpp/src/barretenberg/vm/aztec_constants.hpp index 9e0746ab7c0..ebdfe490ce5 100644 --- a/barretenberg/cpp/src/barretenberg/vm/aztec_constants.hpp +++ b/barretenberg/cpp/src/barretenberg/vm/aztec_constants.hpp @@ -114,7 +114,7 @@ #define AVM_KECCAKF1600_BASE_L2_GAS 300 #define AVM_ECADD_BASE_L2_GAS 62 #define AVM_MSM_BASE_L2_GAS 1000 -#define AVM_TORADIXLE_BASE_L2_GAS 46 +#define AVM_TORADIXBE_BASE_L2_GAS 46 #define AVM_CALLDATACOPY_DYN_L2_GAS 6 #define AVM_EMITUNENCRYPTEDLOG_DYN_L2_GAS 146 #define AVM_CALL_DYN_L2_GAS 4 @@ -122,7 +122,7 @@ #define AVM_RETURN_DYN_L2_GAS 6 #define AVM_REVERT_DYN_L2_GAS 6 #define AVM_MSM_DYN_L2_GAS 100 -#define AVM_TORADIXLE_DYN_L2_GAS 20 +#define AVM_TORADIXBE_DYN_L2_GAS 20 #define AVM_SSTORE_BASE_DA_GAS 512 #define AVM_EMITNOTEHASH_BASE_DA_GAS 512 #define AVM_EMITNULLIFIER_BASE_DA_GAS 512 diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/constants.nr b/noir-projects/noir-protocol-circuits/crates/types/src/constants.nr index 7a6d5ed32df..9a0e8c3656d 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/constants.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/constants.nr @@ -666,7 +666,7 @@ global AVM_SHA256COMPRESSION_BASE_L2_GAS: u32 = 261; global AVM_KECCAKF1600_BASE_L2_GAS: u32 = 300; global AVM_ECADD_BASE_L2_GAS: u32 = 62; global AVM_MSM_BASE_L2_GAS: u32 = 1000; -global AVM_TORADIXLE_BASE_L2_GAS: u32 = 46; +global AVM_TORADIXBE_BASE_L2_GAS: u32 = 46; // Dynamic L2 GAS global AVM_CALLDATACOPY_DYN_L2_GAS: u32 = 6; @@ -677,7 +677,7 @@ global AVM_STATICCALL_DYN_L2_GAS: u32 = 4; global AVM_RETURN_DYN_L2_GAS: u32 = 6; global AVM_REVERT_DYN_L2_GAS: u32 = 6; global AVM_MSM_DYN_L2_GAS: u32 = 100; -global AVM_TORADIXLE_DYN_L2_GAS: u32 = 20; +global AVM_TORADIXBE_DYN_L2_GAS: u32 = 20; // Base DA Gas global AVM_SSTORE_BASE_DA_GAS: u32 = DA_BYTES_PER_FIELD * DA_GAS_PER_BYTE; diff --git a/noir/noir-repo/acvm-repo/brillig_vm/src/black_box.rs b/noir/noir-repo/acvm-repo/brillig_vm/src/black_box.rs index 04dd85d9324..0d90a4c8502 100644 --- a/noir/noir-repo/acvm-repo/brillig_vm/src/black_box.rs +++ b/noir/noir-repo/acvm-repo/brillig_vm/src/black_box.rs @@ -330,18 +330,18 @@ pub(crate) fn evaluate_black_box let mut input = BigUint::from_bytes_be(&input.to_be_bytes()); let radix = BigUint::from_bytes_be(&radix.to_be_bytes()); - let mut limbs: Vec> = Vec::with_capacity(output.size); + let mut limbs: Vec> = vec![MemoryValue::default(); output.size]; - for _ in 0..output.size { + for i in (0..output.size).rev() { let limb = &input % &radix; if *output_bits { - limbs.push(MemoryValue::new_integer( + limbs[i] = MemoryValue::new_integer( if limb.is_zero() { 0 } else { 1 }, IntegerBitSize::U1, - )); + ); } else { let limb: u8 = limb.try_into().unwrap(); - limbs.push(MemoryValue::new_integer(limb as u128, IntegerBitSize::U8)); + limbs[i] = MemoryValue::new_integer(limb as u128, IntegerBitSize::U8); }; input /= &radix; } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs index f3b2f4a9152..42c0d62bacc 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_gen/brillig_block.rs @@ -569,7 +569,7 @@ impl<'block> BrilligBlock<'block> { source, target_array, radix, - matches!(endianness, Endian::Big), + matches!(endianness, Endian::Little), false, ); } @@ -594,7 +594,7 @@ impl<'block> BrilligBlock<'block> { source, target_array, two, - matches!(endianness, Endian::Big), + matches!(endianness, Endian::Little), true, ); diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_ir/codegen_intrinsic.rs b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_ir/codegen_intrinsic.rs index 5f4781788f5..ba89823ef13 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_ir/codegen_intrinsic.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/brillig/brillig_ir/codegen_intrinsic.rs @@ -69,7 +69,7 @@ impl BrilligContext< source_field: SingleAddrVariable, target_array: BrilligArray, radix: SingleAddrVariable, - big_endian: bool, + little_endian: bool, output_bits: bool, // If true will generate bit limbs, if false will generate byte limbs ) { assert!(source_field.bit_size == F::max_num_bits()); @@ -79,6 +79,7 @@ impl BrilligContext< let heap_array = self.codegen_brillig_array_to_heap_array(target_array); + // Perform big-endian ToRadix self.black_box_op_instruction(BlackBoxOp::ToRadix { input: source_field.address, radix: radix.address, @@ -86,7 +87,7 @@ impl BrilligContext< output_bits, }); - if big_endian { + if little_endian { let items_len = self.make_usize_constant_instruction(target_array.size.into()); self.codegen_array_reverse(heap_array.pointer, items_len.address); self.deallocate_single_addr(items_len); diff --git a/yarn-project/circuits.js/src/constants.gen.ts b/yarn-project/circuits.js/src/constants.gen.ts index 7c7dde12b1c..a442e6d477e 100644 --- a/yarn-project/circuits.js/src/constants.gen.ts +++ b/yarn-project/circuits.js/src/constants.gen.ts @@ -302,7 +302,7 @@ export const AVM_SHA256COMPRESSION_BASE_L2_GAS = 261; export const AVM_KECCAKF1600_BASE_L2_GAS = 300; export const AVM_ECADD_BASE_L2_GAS = 62; export const AVM_MSM_BASE_L2_GAS = 1000; -export const AVM_TORADIXLE_BASE_L2_GAS = 46; +export const AVM_TORADIXBE_BASE_L2_GAS = 46; export const AVM_CALLDATACOPY_DYN_L2_GAS = 6; export const AVM_EMITUNENCRYPTEDLOG_DYN_L2_GAS = 146; export const AVM_CALL_DYN_L2_GAS = 4; @@ -310,7 +310,7 @@ export const AVM_STATICCALL_DYN_L2_GAS = 4; export const AVM_RETURN_DYN_L2_GAS = 6; export const AVM_REVERT_DYN_L2_GAS = 6; export const AVM_MSM_DYN_L2_GAS = 100; -export const AVM_TORADIXLE_DYN_L2_GAS = 20; +export const AVM_TORADIXBE_DYN_L2_GAS = 20; export const AVM_SSTORE_BASE_DA_GAS = 512; export const AVM_EMITNOTEHASH_BASE_DA_GAS = 512; export const AVM_EMITNULLIFIER_BASE_DA_GAS = 512; diff --git a/yarn-project/simulator/src/avm/avm_gas.ts b/yarn-project/simulator/src/avm/avm_gas.ts index e2e2c321386..88f1b27d706 100644 --- a/yarn-project/simulator/src/avm/avm_gas.ts +++ b/yarn-project/simulator/src/avm/avm_gas.ts @@ -122,7 +122,7 @@ const BASE_GAS_COSTS: Record = { [Opcode.KECCAKF1600]: makeCost(c.AVM_KECCAKF1600_BASE_L2_GAS, 0), [Opcode.ECADD]: makeCost(c.AVM_ECADD_BASE_L2_GAS, 0), [Opcode.MSM]: makeCost(c.AVM_MSM_BASE_L2_GAS, 0), - [Opcode.TORADIXLE]: makeCost(c.AVM_TORADIXLE_BASE_L2_GAS, 0), + [Opcode.TORADIXBE]: makeCost(c.AVM_TORADIXBE_BASE_L2_GAS, 0), }; const DYNAMIC_GAS_COSTS = new Map([ @@ -134,7 +134,7 @@ const DYNAMIC_GAS_COSTS = new Map([ [Opcode.REVERT_8, makeCost(c.AVM_REVERT_DYN_L2_GAS, 0)], [Opcode.REVERT_16, makeCost(c.AVM_REVERT_DYN_L2_GAS, 0)], [Opcode.MSM, makeCost(c.AVM_MSM_DYN_L2_GAS, 0)], - [Opcode.TORADIXLE, makeCost(c.AVM_TORADIXLE_DYN_L2_GAS, 0)], + [Opcode.TORADIXBE, makeCost(c.AVM_TORADIXBE_DYN_L2_GAS, 0)], ]); /** Returns the fixed base gas cost for a given opcode. */ diff --git a/yarn-project/simulator/src/avm/opcodes/conversion.test.ts b/yarn-project/simulator/src/avm/opcodes/conversion.test.ts index b211848780d..8db134f6d09 100644 --- a/yarn-project/simulator/src/avm/opcodes/conversion.test.ts +++ b/yarn-project/simulator/src/avm/opcodes/conversion.test.ts @@ -2,7 +2,7 @@ import { type AvmContext } from '../avm_context.js'; import { Field, type Uint1, type Uint8, Uint32 } from '../avm_memory_types.js'; import { initContext } from '../fixtures/index.js'; import { Addressing, AddressingMode } from './addressing_mode.js'; -import { ToRadixLE } from './conversion.js'; +import { ToRadixBE } from './conversion.js'; describe('Conversion Opcodes', () => { let context: AvmContext; @@ -11,10 +11,10 @@ describe('Conversion Opcodes', () => { context = initContext(); }); - describe('To Radix LE', () => { + describe('To Radix BE', () => { it('Should (de)serialize correctly', () => { const buf = Buffer.from([ - ToRadixLE.opcode, // opcode + ToRadixBE.opcode, // opcode 1, // indirect ...Buffer.from('1234', 'hex'), // inputStateOffset ...Buffer.from('2345', 'hex'), // outputStateOffset @@ -22,7 +22,7 @@ describe('Conversion Opcodes', () => { ...Buffer.from('0100', 'hex'), // numLimbs ...Buffer.from('01', 'hex'), // outputBits ]); - const inst = new ToRadixLE( + const inst = new ToRadixBE( /*indirect=*/ 1, /*srcOffset=*/ 0x1234, /*dstOffset=*/ 0x2345, @@ -31,7 +31,7 @@ describe('Conversion Opcodes', () => { /*outputBits=*/ 1, ); - expect(ToRadixLE.deserialize(buf)).toEqual(inst); + expect(ToRadixBE.deserialize(buf)).toEqual(inst); expect(inst.serialize()).toEqual(buf); }); @@ -47,13 +47,15 @@ describe('Conversion Opcodes', () => { context.machineState.memory.set(srcOffset, arg); context.machineState.memory.set(radixOffset, radix); - await new ToRadixLE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); + await new ToRadixBE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); const resultBuffer: Buffer = Buffer.concat( context.machineState.memory.getSliceAs(dstOffset, numLimbs).map(byte => byte.toBuffer()), ); - // The expected result is the first 10 bits of the input, reversed - const expectedResults = '1011101010100'.split('').reverse().slice(0, numLimbs).map(Number); + // The expected result is the first 10 bits of the input + // Reverse before slice because still only care about the first `numLimb` bytes. + // Then reverse back since we want big endian (as the original string is). + const expectedResults = '1011101010100'.split('').reverse().slice(0, numLimbs).reverse().map(Number); for (let i = 0; i < numLimbs; i++) { expect(resultBuffer.readUInt8(i)).toEqual(expectedResults[i]); } @@ -71,13 +73,15 @@ describe('Conversion Opcodes', () => { context.machineState.memory.set(srcOffset, arg); context.machineState.memory.set(radixOffset, radix); - await new ToRadixLE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); + await new ToRadixBE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); const resultBuffer: Buffer = Buffer.concat( context.machineState.memory.getSliceAs(dstOffset, numLimbs).map(byte => byte.toBuffer()), ); - // The expected result is the first 10 bits of the input, reversed - const expectedResults = '1011101010100'.split('').reverse().slice(0, numLimbs).map(Number); + // The expected result is the first 10 bits of the input + // Reverse before slice because still only care about the first `numLimb` bytes. + // Then reverse back since we want big endian (as the original string is). + const expectedResults = '1011101010100'.split('').reverse().slice(0, numLimbs).reverse().map(Number); for (let i = 0; i < numLimbs; i++) { expect(resultBuffer.readUInt8(i)).toEqual(expectedResults[i]); } @@ -106,20 +110,20 @@ describe('Conversion Opcodes', () => { const numLimbs = 32; // 256-bit decomposition const outputBits = 0; // false, output as bytes - await new ToRadixLE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); + await new ToRadixBE(indirect, srcOffset, dstOffset, radixOffset, numLimbs, outputBits).execute(context); const resultBuffer: Buffer = Buffer.concat( context.machineState.memory.getSliceAs(dstOffsetReal, numLimbs).map(byte => byte.toBuffer()), ); - // The expected result is the input (padded to 256 bits),and reversed + // The expected result is the input (padded to 256 bits) const expectedResults = '1234567890abcdef' .padStart(64, '0') .split('') - .reverse() .map(a => parseInt(a, 16)); // Checking the value in each byte of the buffer is correct for (let i = 0; i < numLimbs; i++) { - expect(resultBuffer.readUInt8(i)).toEqual(expectedResults[2 * i] + expectedResults[2 * i + 1] * 16); + // Compute the expected byte's numerical value from its two hex digits + expect(resultBuffer.readUInt8(i)).toEqual(expectedResults[2 * i] * 16 + expectedResults[2 * i + 1]); } }); }); diff --git a/yarn-project/simulator/src/avm/opcodes/conversion.ts b/yarn-project/simulator/src/avm/opcodes/conversion.ts index a9713f96566..38156debcc0 100644 --- a/yarn-project/simulator/src/avm/opcodes/conversion.ts +++ b/yarn-project/simulator/src/avm/opcodes/conversion.ts @@ -5,9 +5,9 @@ import { Opcode, OperandType } from '../serialization/instruction_serialization. import { Addressing } from './addressing_mode.js'; import { Instruction } from './instruction.js'; -export class ToRadixLE extends Instruction { +export class ToRadixBE extends Instruction { static type: string = 'TORADIXLE'; - static readonly opcode: Opcode = Opcode.TORADIXLE; + static readonly opcode: Opcode = Opcode.TORADIXBE; // Informs (de)serialization. See Instruction.deserialize. static readonly wireFormat: OperandType[] = [ @@ -44,15 +44,18 @@ export class ToRadixLE extends Instruction { let value: bigint = memory.get(srcOffset).toBigInt(); const radix: bigint = memory.get(radixOffset).toBigInt(); + if (this.numLimbs < 1) { + throw new InstructionExecutionError(`ToRadixBE instruction's numLimbs should be > 0 (was ${this.numLimbs})`); + } if (radix > 256) { - throw new InstructionExecutionError(`ToRadixLE instruction's radix should be <= 256 (was ${radix})`); + throw new InstructionExecutionError(`ToRadixBE instruction's radix should be <= 256 (was ${radix})`); } const radixBN: bigint = BigInt(radix); - const limbArray = []; + const limbArray = new Array(this.numLimbs); - for (let i = 0; i < this.numLimbs; i++) { + for (let i = this.numLimbs - 1; i >= 0; i--) { const limb = value % radixBN; - limbArray.push(limb); + limbArray[i] = limb; value /= radixBN; } diff --git a/yarn-project/simulator/src/avm/serialization/bytecode_serialization.ts b/yarn-project/simulator/src/avm/serialization/bytecode_serialization.ts index b60c1f0fec8..8eabfedac2b 100644 --- a/yarn-project/simulator/src/avm/serialization/bytecode_serialization.ts +++ b/yarn-project/simulator/src/avm/serialization/bytecode_serialization.ts @@ -41,7 +41,7 @@ import { Shr, StaticCall, Sub, - ToRadixLE, + ToRadixBE, Xor, } from '../opcodes/index.js'; import { MultiScalarMul } from '../opcodes/multi_scalar_mul.js'; @@ -141,7 +141,7 @@ const INSTRUCTION_SET = () => [Sha256Compression.opcode, Instruction.deserialize.bind(Sha256Compression)], [MultiScalarMul.opcode, Instruction.deserialize.bind(MultiScalarMul)], // Conversions - [ToRadixLE.opcode, Instruction.deserialize.bind(ToRadixLE)], + [ToRadixBE.opcode, Instruction.deserialize.bind(ToRadixBE)], // Future Gadgets -- pending changes in noir // SHA256COMPRESSION, [KeccakF1600.opcode, Instruction.deserialize.bind(KeccakF1600)], diff --git a/yarn-project/simulator/src/avm/serialization/instruction_serialization.ts b/yarn-project/simulator/src/avm/serialization/instruction_serialization.ts index c679b8939a0..10edd3794a1 100644 --- a/yarn-project/simulator/src/avm/serialization/instruction_serialization.ts +++ b/yarn-project/simulator/src/avm/serialization/instruction_serialization.ts @@ -81,7 +81,7 @@ export enum Opcode { ECADD, MSM, // Conversion - TORADIXLE, + TORADIXBE, } // Possible types for an instruction's operand in its wire format. (Keep in sync with CPP code.