Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
duyuefeng0708
GitHub Repository: duyuefeng0708/Cryptography-From-First-Principle
 Path: blob/main/frontier/10-snarks-starks/rust/src/lib.rs
483 views
unlisted
1
//! # Module 10: SNARKs and STARKs — Exercises

2
//!

3
//! ## Progression

4
//! 1. `evaluate_circuit`  — signature + doc

5
//! 2. `circuit_to_r1cs`   — signature + doc

6
//! 3. `check_r1cs_witness` — signature + doc

7
//! 4. `fri_fold`          — signature only

8


9
/// A gate in an arithmetic circuit.

10
#[derive(Debug, Clone)]

11
pub enum Gate {

12
    /// Addition gate: output = left + right

13
    Add(usize, usize),

14
    /// Multiplication gate: output = left * right

15
    Mul(usize, usize),

16
    /// Constant gate: output = value

17
    Const(i64),

18
}

19


20
/// Evaluate an arithmetic circuit on given inputs.

21
///

22
/// `gates` defines the circuit. The first `num_inputs` wires are input wires.

23
/// Each subsequent gate takes wire indices as inputs and produces one output wire.

24
///

25
/// Returns the value of all wires (inputs + intermediate + output).

26
pub fn evaluate_circuit(gates: &[Gate], inputs: &[i64], modulus: i64) -> Vec<i64> {

27
    todo!("Evaluate each gate, building up wire values")

28
}

29


30
/// Convert a circuit to R1CS form: A * witness . B * witness = C * witness.

31
///

32
/// Returns matrices (A, B, C) where each row corresponds to a constraint

33
/// and the witness vector is [1, inputs..., intermediates..., output].

34
///

35
/// Each matrix is Vec<Vec<i64>> (rows × witness_size).

36
#[allow(clippy::type_complexity)]

37
pub fn circuit_to_r1cs(

38
    gates: &[Gate],

39
    num_inputs: usize,

40
) -> (Vec<Vec<i64>>, Vec<Vec<i64>>, Vec<Vec<i64>>) {

41
    todo!("Flatten circuit into R1CS matrices")

42
}

43


44
/// Check whether a witness satisfies an R1CS instance.

45
///

46
/// For each row i: (A[i] · w) * (B[i] · w) == C[i] · w  (mod modulus)

47
pub fn check_r1cs_witness(

48
    a: &[Vec<i64>],

49
    b: &[Vec<i64>],

50
    c: &[Vec<i64>],

51
    witness: &[i64],

52
    modulus: i64,

53
) -> bool {

54
    todo!("Verify (A·w) * (B·w) = (C·w) for each constraint")

55
}

56


57
/// One round of FRI folding: reduce polynomial degree by half.

58
///

59
/// Given evaluations of a polynomial p(x) at points {ω^i},

60
/// fold using challenge α:

61
///   p_new(x²) = (p(x) + p(-x))/2 + α * (p(x) - p(-x))/(2x)

62
///

63
/// Returns the folded evaluations (half the length).

64
pub fn fri_fold(evaluations: &[i64], challenge: i64, modulus: i64) -> Vec<i64> {

65
    todo!("FRI folding step: halve the polynomial degree")

66
}

67


68
#[cfg(test)]

69
mod tests {

70
    use super::*;

71


72
    #[test]

73
    #[ignore]

74
    fn test_evaluate_circuit() {

75
        // Circuit: c = a * b + a

76
        // Wire 0: a (input), Wire 1: b (input)

77
        // Wire 2: a * b, Wire 3: (a*b) + a

78
        let gates = vec![Gate::Mul(0, 1), Gate::Add(2, 0)];

79
        let wires = evaluate_circuit(&gates, &[3, 5], 97);

80
        assert_eq!(wires[2], 15); // 3 * 5

81
        assert_eq!(wires[3], 18); // 15 + 3

82
    }

83


84
    #[test]

85
    #[ignore]

86
    fn test_check_r1cs_witness() {

87
        // Simple constraint: a * b = c

88
        let a = vec![vec![0, 1, 0, 0]]; // selects wire 1

89
        let b = vec![vec![0, 0, 1, 0]]; // selects wire 2

90
        let c = vec![vec![0, 0, 0, 1]]; // selects wire 3

91
        let witness = vec![1, 3, 5, 15]; // [1, a, b, c]

92
        assert!(check_r1cs_witness(&a, &b, &c, &witness, 97));

93
    }

94
}

95


96