[Circuit monad] Proper soundness using env function #31

Merged: 14 commits, Dec 17, 2024

@mitschabaude mitschabaude commented Dec 16, 2024

  • remove the possibility of passing in witness value inputs when running a circuit, and instead use the more general and sound notion that the prover can use any env: Nat -> F to determine assignment of values to variables
  • modify SubCircuit structure to a form which I think will stand the test of time
  • prove a larger part of the underlying justification for replacing subcircuits with their specs
    • reduce the theorem that allows us to use a FormalCircuit as a SubCircuit to the equivalence of flattened and nested constraints
  • remove lots of (now) obsolete code

@mitschabaude mitschabaude marked this pull request as ready for review December 17, 2024 07:05
Comment on lines 629 to 630
-- we use a trick to get Lean to display the actual parts of `h_holds` for us!
have h_holds: _ ∧ _ ∧ _ := h_holds
Collaborator Author

this is the trick I was missing before this PR

Collaborator

Actually, just using

dsimp [Adversarial.constraints_hold] at h_holds

simplifies things nicely and works as intended
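
The two ways of exposing the hypothesis discussed in this thread, side by side, as an added example that is not code from the PR or the repository. `constraintsHold` is a constructed toy stand-in for `Adversarial.constraints_hold`, working over `Nat` instead of a field `F`.

```lean
-- Constructed toy definition (hypothetical, not from the repository):
-- three "constraints" on the values an environment assigns to variables 0, 1, 2.
def constraintsHold (env : Nat → Nat) : Prop :=
  env 0 = 1 ∧ env 1 = 2 ∧ env 2 = env 0 + env 1

-- Variant 1: restate the hypothesis with placeholders.
-- Unifying `constraintsHold env` with `_ ∧ _ ∧ _` forces Lean to unfold the
-- definition, so the new `h_holds` is displayed as the explicit conjunction.
example (env : Nat → Nat) (h_holds : constraintsHold env) : env 2 = 3 := by
  have h_holds : _ ∧ _ ∧ _ := h_holds
  have ⟨h0, h1, h2⟩ := h_holds
  omega

-- Variant 2: unfold the definition in place with `dsimp`.
-- This needs no knowledge of the shape of the unfolded hypothesis.
example (env : Nat → Nat) (h_holds : constraintsHold env) : env 2 = 3 := by
  dsimp [constraintsHold] at h_holds
  have ⟨h0, h1, h2⟩ := h_holds
  omega
```

In both variants the statement holds for an arbitrary `env : Nat → Nat`, which mirrors the PR's point that the prover may choose any assignment of values to variables.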

@mitschabaude mitschabaude changed the base branch from feature/subcircuit-witgen to main December 17, 2024 10:41
Comment on lines 725 to 728
-- simplify constraints hypothesis
-- we know it must be just the `subcircuit_soundness` of `Add8Full.circuit`
-- so it has an implication form
have h_holds : _ → _ := h_holds
Collaborator Author

another example of the same trick

Collaborator

Same thing, just doing

dsimp [Adversarial.constraints_hold] at h_holds

works 🙂

Collaborator Author

wait what, am I crazy

@mitschabaude
Collaborator Author

thanks @gio54321 :D I pushed an update

Collaborator

@gio54321 gio54321 left a comment

lgtm, nice!

I wonder if with the new env we can remove the Provable.eval_env env b_var = b assumption. We could quantify only over all possible beta.var and then introduce in the proofs the values that are the evaluation of those vars, since the env maps every var to a field element. Something like this (not really deeply tested)

  soundness:
    -- for all environments that determine witness generation
    ∀ env: ℕ → F,
    -- for all inputs that satisfy the assumptions
    ∀ b_var : β.var,
    let b := Provable.eval_env env b_var
    assumptions b →
    -- if the constraints hold
    Adversarial.constraints_hold env (main b_var) →
    -- the spec holds on the input and output
    let a := Provable.eval_env env (output (main b_var))
    spec b a

@mitschabaude
Collaborator Author

> I wonder if with the new env we can remove the Provable.eval_env env b_var = b assumption

I thought it's a good idea and tried it. So far it made the introduction of variables a bit more complicated though, because I still need the same equality assumption and need to introduce it manually (see screenshot). Maybe you can come up with a better way to handle this later

image

@mitschabaude mitschabaude merged commit fbb270e into main Dec 17, 2024
1 check passed
@mitschabaude mitschabaude deleted the eval-env-soundness branch December 17, 2024 19:44