Merge pull request #1 from worldcoin/dcbuild3r/log-point-error

fix: integer overflow error

deserialize/deserializer_test.go

@@ -10,7 +10,6 @@ import (
 	"github.com/consensys/gnark/frontend/cs/r1cs"
 
 	"github.com/stretchr/testify/require"
-	"github.com/worldcoin/semaphore-mtb-setup/phase2"
 )
 
 type TestCircuit struct {
@@ -123,20 +122,6 @@ func TestDeserializePtauConvertPhase1(t *testing.T) {
 	}
 }
 
-func TestInitializePhase2(t *testing.T) {
-	assert := require.New(t)
-
-	ph1FilePath := "08.ph1"
-	phase2FilePath := "08.ph2"
-
-	err := phase2.Initialize(ph1FilePath, r1csFilePath, phase2FilePath)
-
-	if err != nil {
-		assert.NoError(err)
-	}
-
-}
-
 ///////////////////////////////////////////////////////////////////
 ///                             ZKEY                            ///
 ///////////////////////////////////////////////////////////////////

deserialize/phase1.go

@@ -30,6 +30,7 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 		// fmt.Printf("Y: %v \n", g1Affine.Y.String())
 		// fmt.Printf("g1Affine: %v \n", g1Affine)
 		if !g1Affine.IsOnCurve() {
+			fmt.Printf("tauG1: \n index: %v g1Affine.X: %v \n g1Affine.Y: %v \n", i, g1Affine.X.String(), g1Affine.Y.String())
 			panic("g1Affine is not on curve")
 		}
 		tauG1[i] = g1Affine
@@ -43,6 +44,7 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 		y := bytesToElement(g1[1].Bytes())
 		g1Affine.Y = y
 		if !g1Affine.IsOnCurve() {
+			fmt.Printf("alphaTauG1: \n index: %v g1Affine.X: %v \n g1Affine.Y: %v \n", i, g1Affine.X.String(), g1Affine.Y.String())
 			panic("g1Affine is not on curve")
 		}
 		alphaTauG1[i] = g1Affine
@@ -58,6 +60,7 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 		y := bytesToElement(g1[1].Bytes())
 		g1Affine.Y = y
 		if !g1Affine.IsOnCurve() {
+			fmt.Printf("betaTauG1: \n index: %v, g1Affine.X: %v \n g1Affine.Y: %v \n", i, g1Affine.X.String(), g1Affine.Y.String())
 			panic("g1Affine is not on curve")
 		}
 		betaTauG1[i] = g1Affine
@@ -82,6 +85,7 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 		// fmt.Printf("Y: %v \n", g2Affine.Y.String())
 		// fmt.Printf("g2Affine %v: %v \n", i, g2Affine)
 		if !g2Affine.IsOnCurve() {
+			fmt.Printf("tauG2: \n index: %v, g2Affine.X.A0: %v \n g2Affine.X.A1: %v \n g2Affine.Y.A0: %v \n g2Affine.Y.A1 %v \n", i, g2Affine.X.A0.String(), g2Affine.X.A1.String(), g2Affine.Y.A0.String(), g2Affine.Y.A1.String())
 			panic("g2Affine is not on curve")
 		}
 		tauG2[i] = g2Affine
@@ -103,6 +107,7 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 		betaG2.Y.A1 = y1
 
 		if !betaG2.IsOnCurve() {
+			fmt.Printf("g2Affine.X.A0: %v \n g2Affine.X.A1: %v \n g2Affine.Y.A0: %v \n g2Affine.Y.A1 %v \n", betaG2.X.A0.String(), betaG2.X.String(), betaG2.Y.A0.String(), betaG2.Y.A1.String())
 			panic("g2Affine is not on curve")
 		}
 	}
@@ -112,6 +117,85 @@ func ConvertPtauToPhase1(ptau Ptau) (phase1 Phase1, err error) {
 	return Phase1{tauG1: tauG1, tauG2: tauG2, alphaTauG1: alphaTauG1, betaTauG1: betaTauG1, betaG2: betaG2}, nil
 }
 
+func WritePhase1FromPtauFile(ptauFile *PtauFile, outputPath string) error {
+	outputFile, err := os.Create(outputPath)
+	if err != nil {
+		return err
+	}
+	defer outputFile.Close()
+
+	var header Header
+
+	writer := bufio.NewWriter(outputFile)
+	defer writer.Flush()
+
+	N := ptauFile.DomainSize()
+
+	fmt.Printf("Power %d supports up to %d constraints\n", ptauFile.Header.Power, N)
+
+	header.Power = byte(ptauFile.Header.Power)
+
+	// can be extracted from ptau.Contributions (7) but hardcoding for now
+	// ptau link: https://github.com/iden3/snarkjs/tree/master#7-prepare-phase-2
+	header.Contributions = 54
+
+	// Write the header
+	err = header.writeTo(outputFile)
+	if err != nil {
+		return err
+	}
+
+	// BN254 encoder using compressed representation of points to save storage space
+	enc := bn254.NewEncoder(writer)
+	fmt.Println("1. Writing TauG1")
+	tauG1 := make(chan curve.G1Affine, 10000)
+	go ptauFile.ReadTauG1(tauG1)
+	for point := range tauG1 {
+		if err := enc.Encode(&point); err != nil {
+			return err
+		}
+	}
+
+	// Write α[τ⁰]₁, α[τ¹]₁, α[τ²]₁, …, α[τᴺ⁻¹]₁
+	fmt.Println("2. Writing AlphaTauG1")
+	alphaTauG1 := make(chan curve.G1Affine, 10000)
+	go ptauFile.ReadAlphaTauG1(alphaTauG1)
+	for point := range alphaTauG1 {
+		if err := enc.Encode(&point); err != nil {
+			return err
+		}
+	}
+
+	// Write β[τ⁰]₁, β[τ¹]₁, β[τ²]₁, …, β[τᴺ⁻¹]₁
+	fmt.Println("3. Writing BetaTauG1")
+	betaTauG1 := make(chan curve.G1Affine, 10000)
+	go ptauFile.ReadBetaTauG1(betaTauG1)
+	for point := range betaTauG1 {
+		if err := enc.Encode(&point); err != nil {
+			return err
+		}
+	}
+
+	// Write {[τ⁰]₂, [τ¹]₂, [τ²]₂, …, [τᴺ⁻¹]₂}
+	fmt.Println("4. Writing TauG2")
+	tauG2 := make(chan curve.G2Affine, 10000)
+	go ptauFile.ReadTauG2(tauG2)
+	for point := range tauG2 {
+		if err := enc.Encode(&point); err != nil {
+			return err
+		}
+	}
+
+	// Write [β]₂
+	fmt.Println("5. Writing BetaG2")
+	betaG2, err := ptauFile.ReadBetaG2()
+	if err != nil {
+		return err
+	}
+	enc.Encode(&betaG2)
+	return nil
+}
+
 func WritePhase1(phase1 Phase1, power byte, outputPath string) error {
 	// output outputFile
 	outputFile, err := os.Create(outputPath)

deserialize/ptau.go

@@ -5,6 +5,8 @@ import (
 	"io"
 	"math/big"
 	"os"
+
+	"github.com/consensys/gnark-crypto/ecc/bn254"
 )
 
 ///////////////////////////////////////////////////////////////////
@@ -87,6 +89,170 @@ type PtauPubKey struct {
 	BetaG2     G2
 }
 
+type PtauFile struct {
+	Header   PtauHeader
+	Sections [][]SectionSegment
+	Reader   *os.File
+}
+
+func InitPtau(path string) (*PtauFile, error) {
+	reader, err := os.Open(path)
+
+	if err != nil {
+		return nil, err
+	}
+
+	var ptauStr = make([]byte, 4)
+	_, err = reader.Read(ptauStr)
+
+	fmt.Printf("zkeyStr: %s \n", string(ptauStr))
+
+	// version
+	_, err = readULE32(reader)
+
+	// number of sections
+	_, err = readULE32(reader)
+
+	numSections := uint32(7)
+	fmt.Printf("num sections: %v \n", numSections)
+
+	// in practice, all sections have only one segment, but who knows...
+	// 1-based indexing, so we need to allocate one more than the number of sections
+	sections := make([][]SectionSegment, numSections+1)
+	for i := uint32(0); i < numSections; i++ {
+		ht, _ := readULE32(reader)
+		hl, _ := readULE64(reader)
+		fmt.Printf("ht: %v \n", ht)
+		fmt.Printf("hl: %v \n", hl)
+		if sections[ht] == nil {
+			sections[ht] = make([]SectionSegment, 0)
+		}
+		pos, _ := reader.Seek(0, io.SeekCurrent)
+		sections[ht] = append(sections[ht], SectionSegment{pos: uint64(pos), size: hl})
+		reader.Seek(int64(hl), io.SeekCurrent)
+	}
+
+	fmt.Printf("sections: %v \n", sections)
+
+	// section size
+	_, err = readBigInt(reader, 8)
+
+	// Header (1)
+	seekToUniqueSection(reader, sections, 1)
+
+	// Read header
+	header, err := readPtauHeader(reader)
+
+	if err != nil {
+		return nil, err
+	}
+
+	return &PtauFile{Header: header, Sections: sections, Reader: reader}, nil
+}
+
+func (ptauFile *PtauFile) Close() error {
+	return ptauFile.Reader.Close()
+}
+
+func (ptauFile *PtauFile) DomainSize() int {
+	return 1 << ptauFile.Header.Power
+}
+
+func (ptauFile *PtauFile) readG1s(out chan bn254.G1Affine, count int) error {
+	for i := 0; i < count; i++ {
+		g1, err := readG1(ptauFile.Reader)
+		if err != nil {
+			return err
+		}
+		g1Affine := bn254.G1Affine{}
+		x := bytesToElement(g1[0].Bytes())
+		g1Affine.X = x
+		y := bytesToElement(g1[1].Bytes())
+		g1Affine.Y = y
+		if !g1Affine.IsOnCurve() {
+			fmt.Printf("readG1s: \n index: %v g1Affine.X: %v \n g1Affine.Y: %v \n", i, g1Affine.X.String(), g1Affine.Y.String())
+			panic("g1Affine is not on curve")
+		}
+		out <- g1Affine
+	}
+	return nil
+}
+
+func (ptauFile *PtauFile) readG2() (bn254.G2Affine, error) {
+	g2, err := readG2(ptauFile.Reader)
+	if err != nil {
+		return bn254.G2Affine{}, err
+	}
+	g2Affine := bn254.G2Affine{}
+	x0 := bytesToElement(g2[0].Bytes())
+	x1 := bytesToElement(g2[1].Bytes())
+	g2Affine.X.A0 = x0
+	g2Affine.X.A1 = x1
+	y0 := bytesToElement(g2[2].Bytes())
+	y1 := bytesToElement(g2[3].Bytes())
+	g2Affine.Y.A0 = y0
+	g2Affine.Y.A1 = y1
+	if !g2Affine.IsOnCurve() {
+
+		fmt.Printf("readG2s: \n, g2Affine.X.A0: %v \n g2Affine.X.A1: %v \n g2Affine.Y.A0: %v \n g2Affine.Y.A1 %v \n", g2Affine.X.A0.String(), g2Affine.X.A1.String(), g2Affine.Y.A0.String(), g2Affine.Y.A1.String())
+		panic("g2Affine is not on curve")
+	}
+	return g2Affine, nil
+}
+
+func (ptauFile *PtauFile) readG2s(out chan bn254.G2Affine, count int) error {
+	for i := 0; i < count; i++ {
+		g2Affine, err := ptauFile.readG2()
+		if err != nil {
+			return err
+		}
+		out <- g2Affine
+	}
+	return nil
+}
+
+func (ptauFile *PtauFile) ReadTauG1(out chan bn254.G1Affine) error {
+	defer close(out)
+	seekToUniqueSection(ptauFile.Reader, ptauFile.Sections, 2)
+	numPoints := ptauFile.DomainSize()*2 - 1
+	fmt.Printf("tauG1 numPoints: %v \n", numPoints)
+	ptauFile.readG1s(out, numPoints)
+	return nil
+}
+
+func (ptauFile *PtauFile) ReadTauG2(out chan bn254.G2Affine) error {
+	defer close(out)
+	seekToUniqueSection(ptauFile.Reader, ptauFile.Sections, 3)
+	numPoints := ptauFile.DomainSize()
+	fmt.Printf("tauG2 numPoints: %v \n", numPoints)
+	ptauFile.readG2s(out, numPoints)
+	return nil
+}
+
+func (ptauFile *PtauFile) ReadAlphaTauG1(out chan bn254.G1Affine) error {
+	defer close(out)
+	seekToUniqueSection(ptauFile.Reader, ptauFile.Sections, 4)
+	numPoints := ptauFile.DomainSize()
+	fmt.Printf("alphaTauG1 numPoints: %v \n", numPoints)
+	ptauFile.readG1s(out, numPoints)
+	return nil
+}
+
+func (ptauFile *PtauFile) ReadBetaTauG1(out chan bn254.G1Affine) error {
+	defer close(out)
+	seekToUniqueSection(ptauFile.Reader, ptauFile.Sections, 5)
+	numPoints := ptauFile.DomainSize()
+	fmt.Printf("betaTauG1 numPoints: %v \n", numPoints)
+	ptauFile.readG1s(out, numPoints)
+	return nil
+}
+
+func (ptauFile *PtauFile) ReadBetaG2() (bn254.G2Affine, error) {
+	fmt.Printf("betaG2: \n")
+	seekToUniqueSection(ptauFile.Reader, ptauFile.Sections, 6)
+	return ptauFile.readG2()
+}
+
 func ReadPtau(zkeyPath string) (Ptau, error) {
 	reader, err := os.Open(zkeyPath)
 
@@ -122,7 +288,7 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 			sections[ht] = make([]SectionSegment, 0)
 		}
 		pos, _ := reader.Seek(0, io.SeekCurrent)
-		sections[ht] = append(sections[ht], SectionSegment{pos: uint32(pos), size: hl})
+		sections[ht] = append(sections[ht], SectionSegment{pos: uint64(pos), size: hl})
 		reader.Seek(int64(hl), io.SeekCurrent)
 	}
 
@@ -147,6 +313,9 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 	var PtauPubKey PtauPubKey
 
 	twoToPower := uint32(1 << header.Power)
+
+	fmt.Printf("tauG1: \n")
+
 	PtauPubKey.TauG1, err = readG1Array(reader, twoToPower*2-1)
 
 	if err != nil {
@@ -156,6 +325,8 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 	// TauG2 (3)
 	seekToUniqueSection(reader, sections, 3)
 
+	fmt.Printf("tauG2: \n")
+
 	PtauPubKey.TauG2, err = readG2Array(reader, twoToPower)
 
 	if err != nil {
@@ -165,6 +336,8 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 	// AlphaTauG1 (4)
 	seekToUniqueSection(reader, sections, 4)
 
+	fmt.Printf("alphaTauG1: \n")
+
 	PtauPubKey.AlphaTauG1, err = readG1Array(reader, twoToPower)
 
 	if err != nil {
@@ -174,6 +347,8 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 	// BetaTauG1 (5)
 	seekToUniqueSection(reader, sections, 5)
 
+	fmt.Printf("betaTauG1: \n")
+
 	PtauPubKey.BetaTauG1, err = readG1Array(reader, twoToPower)
 
 	if err != nil {
@@ -183,6 +358,8 @@ func ReadPtau(zkeyPath string) (Ptau, error) {
 	// BetaG2 (6)
 	seekToUniqueSection(reader, sections, 6)
 
+	fmt.Printf("betaG2: \n")
+
 	PtauPubKey.BetaG2, err = readG2(reader)
 
 	if err != nil {