Releases: Consensys/gnark
Releases · Consensys/gnark
v0.6.3
[v0.6.3] - 2022-02-13
Feat
- MiMC changes: api doesn't take a "seed" parameter. MiMC impl matches Ethereum one.
Fix
- fixes #255 variable visibility inheritance regression
- counter was set with PLONK backend ID in R1CS
- R1CS Solver was incorrectly calling a "MulByCoeff" instead of "DivByCoeff" (no impact, coeff was always 1 or -1)
- SparseR1CS cbor unmarshal failed #247 for compiled.Term
Pull Requests
v0.6.2
[v0.6.2] - 2022-01-28
Build
- go version dependency bumped from 1.16 to 1.17
Feat
- added witness.MarshalJSON and witness.MarshalBinary
- added
ccs.GetSchema()
- the schema of a circuit is required for witness json (de)serialization - added
ccs.GetConstraints()
- returns a list of human-readable constraints - added
ccs.IsSolved()
- moved from groth16 / plonk to the CompiledConstraintSystem interface - added
witness.Public()
to return Public part of the witness - addition of
Cmp
in the circuit API
Refactor
- compiled.Visbility -> schema.Visibiility
- witness.WriteSequence -> schema.WriteSequence
- killed
ReadAndProve
andReadAndVerify
(plonk) - killed
ReadAndProve
andReadAndVerify
(groth16) - remove embbed struct tag for frontend.Variable fields
Docs
- backend: unify documentation for options
- frontend: unify docs for options
- test: unify documentation for options
Pull Requests
- Merge pull request #244 from ConsenSys/plonk-human-readable
- Merge pull request #237 from ConsenSys/ccs-get-constraints
- Merge pull request #233 from ConsenSys/feat/api_cmp
- Merge pull request #235 from ConsenSys/witness-public-api
- Merge pull request #232 from ConsenSys/cleanup-231-group-options
- Merge pull request #230 from ConsenSys/ccs-schema
- Merge pull request #229 from ConsenSys/ccs-issolved-api
- Merge pull request #228 from ConsenSys/witness-json
- Merge pull request #226 from ConsenSys/feat-circuit-schema
- Merge pull request #227 from ConsenSys/build-update-go1.17
- Merge pull request #222 from ConsenSys/perf/std-sw-glv
v0.6.0
[v0.6.0] - 2022-01-03
Important: next release (v0.7.0) will be compatible with Go1.18+ only
Breaking changes
circuit.Define(curveID, api)
->circuit.Define(api)
; addedapi.Curve()
to retrieve curve infoapi.Constant(...)
was removed. Can now directy assign values with=
operator in the circuit definition and the witness assignment.frontend.Variable
is now an alias forinterface{}
- assert helper is now under
gnark/test
. Instead of taking aCompiledConstraintSystem
it takes aCircuit
as input, enabling easier tests accross curves and proving schemes through the use oftest/TestingOption
(WithBackends(backend.GROTH16)
,WithCurves(ecc.BN254)
, ...) api.NewHint
handles multiple outputs and custom solverHint
definition has changed
Feat
- added explicit warning when parser encounters unadressable struct field #169
FromInterface
supports uintXX and intXX types closes #197- lighter stack trace by default for circuits, more verbose when
-tags=debug
provided - added
api.Tag
andapi.AddCounter
to measure number of constraints in portion of circuit api.DivUnchecked
does not handle zero divisor.api.Div
does.- added
frontend.IsConstant
andConstantValue
apis - add support for bw6-633 curve
- added
api.Lookup2
method (2-bit lookup) - frontend: plonk frontend directly implements the
frontend.API
interface instead of building on top of theR1CS
builder - std: fields and pairing over BLS24-315 in BW6-633 circuit
- test: add
Run
for running circuit test configurations as subtests - test: add
Log
method for logging in subtests - test: assert helper cross check constraint system solver results with
big.Int
test execution engine
Perf
- std: verifying a Pairing (bls12-377, Groth16) inside a circuit went from ~40k constraints to less than <12k constraints
Fix
- fixes #169 ensure frontend.Circuit methods are defined on pointer receiver
- fixes #178 by adding cbor.MaxMapPairs options when reading R1CS
- fixed
AssertIsBoolean
in plonk (mul by constant failed) - fixes #168 adds context to a non-deterministic compilation error in the Assert object
- frontend: reduce constant by modulus
- frontend: plonk compiler now outputs a reasonable number of constraints #186
Build
- updated to gnark-crypto v0.6.0
Pull Requests
- Merge pull request #192 from ConsenSys/multi-hint
- Merge pull request #220 from ConsenSys/feat-from-interface
- Merge pull request #217 from ConsenSys/fix-internal-compiled
- Merge pull request #191 from ConsenSys/assert-subtests
- Merge pull request #200 from ConsenSys/refactor/frontend
- Merge pull request #205 from ConsenSys/fix/constant-mod-reduction
- Merge pull request #186 from ConsenSys/fix/plonk_constraints
- Merge pull request #185 from ConsenSys/feat/bw6-633
- Merge pull request #189 from ConsenSys/lookup2
- Merge pull request #183 from ivokub/hint-registry
- Merge pull request #182 from ConsenSys/std/pairing
- Merge pull request #176 from ConsenSys/feat-constraint-counter
- Merge pull request #180 from ConsenSys/refactor-variable-interface
- Merge pull request #173 from ConsenSys/feat-debug-tag
v0.5.2
[v0.5.2] - 2021-11-03
Breaking changes
- circuit
Define(... cs *frontend.ConstraintSystem)
now takes an interfaceDefine( ... api frontend.API)
- assert helper is now under
backend/
(instead ofbackend/groth16
andbackend/plonk
)
Build
- updated to gnark-crypto v0.5.3
Feat
- added
api.DivUnchecked
andapi.Div
.DivUnchecked
will accept 0 / 0 == 0 as valid. api.Sub
takes a variadic list of input (same asapi.Add
)- plonk: kzg test srs is cached up to a certain size for faster tests
- removed hardcoded bit size in ToBinary, which now depends by default on
fr.Element
bit size - api.ToBinary: constraint unsatisfied now has debugInfo
- unset variables: error message comes with a stack trace
- added bandersnatch circuit component under
std/
frontend.Compile
now check that all secret and public inputs are constrained. Check can be ignore through compile option (frontend.IgnoreUnconstrainedInputs
)- added UnsafeReadFrom for groth16 Proving and Verifying keys, which doesn't perform subgroup checks on the decoded points
Fix
- incorrect formula in api.Select when parameters are constant
- plonk: reduce duplicate constraint when splitting r1c in the frontend
- plonk: build permutation index out of bounds
Tests
- added a
test/
package with a test execution engine cross checking constraint system withbig.Int
arithmetic - bases for
Fuzzing
witness and cross checking constraint system output with test execution engine
Perf
api.AssertIsLessOrEqual
: reduced redundant constraints in range check- std/groth16: ml with short addition chain (13245cs -> 12297, marginal gain)
Refactor
- all circuits use frontend.API in place of *frontend.ConstraintSystem
- use ecc.Info() where possible to get modulus or field size
Pull Requests
- Merge pull request #159 from ConsenSys/std/bandersnatch
- Merge pull request #164 from ConsenSys/perf-scs-compile
- Merge pull request #161 from ConsenSys/test-engine-with-hints
- Merge pull request #162 from ConsenSys/std/pairing
- Merge pull request #160 from ConsenSys/perf-unsafe-decoding
- Merge pull request #156 from ConsenSys/std/twistedEdwards
- Merge pull request #151 from ConsenSys/testable-circuits
- Merge pull request #153 from ConsenSys/fix/plonk_constraints_blowup
- Merge pull request #146 from ConsenSys/feat/ml-snark-pairing
- Merge pull request #148 from ConsenSys/perf-range-check
v0.5.1
[v0.5.1] - 2021-09-20
Build
- updated to gnark-crypto@v0.5.1
Feat
- adds solver hints
cs.NewHint
#139 - adds
cs.AssertIsDifferent
#131 - consistent support of
cs.Println
anddebugInfo
#142 - adds sanity check in
frontend.Compile
to ensure constraint validity - adds
witness.WriteSequence
to export expected witness sequence - adds sanity checks in R1CS and SparseR1CS solvers
- adds ToHTML on SparseR1CS and R1CS
- add witness reconstruction methods. closes #135
Perf
- IsZero is now implemented with 3 constraints #134
- Groth16 maximize number of infinity points in G2 part of the ProvingKey #130
Fix
- can constraint linear expressions to be boolean fixes #136
- eddsa: addition of isOnCurve check
- eddsa: S not splitted (s<r) + 2,3 Double instead of [cofactor]G
Refactor
groth16.Prove
andplonk.Prove
takesbackend.ProverOption
as parameter- factorized structs between
compiled.SparseR1CS
andcompiled.R1CS
- assertions -> constraints in
R1CS
andSparseR1CS
- removed
r1c.SolvingMethod
in favor ofcs.NewHint
cs.IsZero
doesn't need curveID anymore
Test
- ensure
frontend.Compile
is deterministic - added non regression for
cs.Println
anddebugInfo
traces - added circuit statistic non regression tests
- added plonk path to
integration_test.go
- added test from #136