From f27b4933bb082286ccb2f20cefbdf29a1596b828 Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Thu, 7 Nov 2024 16:06:29 -0800 Subject: [PATCH 1/6] docker error message and docs --- .github/workflows/main.yml | 30 +++++++++++++++++-- .github/workflows/pr.yml | 26 ++++++++++++++++ book/generating-proofs/basics.md | 3 +- book/getting-started/hardware-requirements.md | 4 ++- book/verification/onchain/getting-started.md | 3 +- crates/recursion/gnark-ffi/src/ffi/docker.rs | 6 ++-- 6 files changed, 64 insertions(+), 8 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 251c44d529..f88f27c75d 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -46,8 +46,8 @@ jobs: RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native RUST_BACKTRACE: 1 - plonk-docker: - name: Plonk Docker + plonk-docker-linux: + name: Plonk Docker Linux runs-on: [ runs-on, @@ -78,6 +78,32 @@ jobs: RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native RUST_BACKTRACE: 1 + plonk-docker-mac: + name: Plonk Docker Mac + runs-on: + [ + runs-on, + macos-latest, + spot=false, + "run-id=${{ github.run_id }}", + ] + env: + CARGO_NET_GIT_FETCH_WITH_CLI: "true" + steps: + - name: Checkout sources + uses: actions/checkout@v4 + - name: Setup CI + uses: ./.github/actions/setup + - name: Run cargo test + uses: actions-rs/cargo@v1 + with: + command: test + toolchain: 1.81.0 + args: --release -p sp1-sdk -- test_e2e_prove_plonk --nocapture + env: + RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native + RUST_BACKTRACE: 1 + check-branch: name: Check branch runs-on: [ubuntu-latest, "run-id=${{ github.run_id }}"] diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 81958dba2c..d70853beb7 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -450,3 +450,29 @@ jobs: run: | cd examples cargo build --all --all-targets + + plonk-docker-mac: + name: Plonk Docker Mac + runs-on: + [ + runs-on, + macos-latest, + spot=false, + "run-id=${{ github.run_id }}", + ] + env: + CARGO_NET_GIT_FETCH_WITH_CLI: "true" + steps: + - name: Checkout sources + uses: actions/checkout@v4 + - name: Setup CI + uses: ./.github/actions/setup + - name: Run cargo test + uses: actions-rs/cargo@v1 + with: + command: test + toolchain: 1.81.0 + args: --release -p sp1-sdk -- test_e2e_prove_plonk --nocapture + env: + RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native + RUST_BACKTRACE: 1 diff --git a/book/generating-proofs/basics.md b/book/generating-proofs/basics.md index 85273d96ba..7bde99bbc1 100644 --- a/book/generating-proofs/basics.md +++ b/book/generating-proofs/basics.md @@ -13,7 +13,8 @@ To make this more concrete, let's walk through a simple example of generating a You can run the above script in the `script` directory with `RUST_LOG=info cargo run --release`. Note that running the above script will generate a proof locally.
-WARNING: Local proving often is much slower than the prover network and for certain proof types (e.g. Groth16, PLONK) require a significant amount of RAM and will likely not work on a laptop. +WARNING: Local proving often is much slower than the prover network and for certain proof types (e.g. Groth16, PLONK) require a +significant amount of RAM. You might only be able to generate proofs for small inputs locally.
We recommend using the [prover network](./prover-network.md) to generate proofs. Read more about the [recommended workflow](./recommended-workflow.md) for developing with SP1. diff --git a/book/getting-started/hardware-requirements.md b/book/getting-started/hardware-requirements.md index 828ea96080..3877d22e84 100644 --- a/book/getting-started/hardware-requirements.md +++ b/book/getting-started/hardware-requirements.md @@ -31,7 +31,9 @@ which can be parallelized with multiple cores. Our prover requires keeping large matrices (i.e., traces) in memory to generate the proofs. Certain steps of the prover have a minimum memory requirement, meaning that if you have less than this amount of memory, the process will OOM. -This effect is most noticeable when using the Groth16 or PLONK provers. +This effect is most noticeable when using the Groth16 or PLONK provers. If you're running the Groth16 or Plonk provers locally +on Mac or Windows using docker, you might need to increase the memory limit for +[docker desktop](https://docs.docker.com/desktop/settings-and-maintenance/settings/#resources). ### Disk diff --git a/book/verification/onchain/getting-started.md b/book/verification/onchain/getting-started.md index 834a23dc18..56f686ce70 100644 --- a/book/verification/onchain/getting-started.md +++ b/book/verification/onchain/getting-started.md @@ -14,7 +14,8 @@ By default, the proofs generated by SP1 are not verifiable onchain, as they are > WARNING: The Groth16 and PLONK provers are only guaranteed to work on official releases of SP1. To > use Groth16 or PLONK proving & verification locally, ensure that you have Docker installed and have -> at least 128GB of RAM. +> at least 32GB of RAM. Note that you might need to increase the memory limit for +> [docker desktop](https://docs.docker.com/desktop/settings-and-maintenance/settings/#resources) if you're running on Mac. ### Example diff --git a/crates/recursion/gnark-ffi/src/ffi/docker.rs b/crates/recursion/gnark-ffi/src/ffi/docker.rs index 119253d492..12a2d6eb73 100644 --- a/crates/recursion/gnark-ffi/src/ffi/docker.rs +++ b/crates/recursion/gnark-ffi/src/ffi/docker.rs @@ -45,10 +45,10 @@ fn call_docker(args: &[&str], mounts: &[(&str, &str)]) -> Result<()> { for (src, dest) in mounts { cmd.arg("-v").arg(format!("{}:{}", src, dest)); } - cmd.arg(get_docker_image()); - cmd.args(args); - if !cmd.status()?.success() { + let result = cmd.status()?; + if !result.success() { log::error!("Failed to run `docker run`: {:?}", cmd); + log::error!("Execution result: {:?}", result); return Err(anyhow!("docker command failed")); } Ok(()) From 2a401d9ebeb3e6e4edbcc0ba6306072537d2e540 Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Thu, 7 Nov 2024 16:13:53 -0800 Subject: [PATCH 2/6] merge dev + spellcheck --- audits/rkm0959.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/audits/rkm0959.md b/audits/rkm0959.md index 3fb90318af..2c09f508d5 100644 --- a/audits/rkm0959.md +++ b/audits/rkm0959.md @@ -393,7 +393,7 @@ this passes each core verification, and since the RecursionPublicValue of proof - shard 1, 2's committed_value_digest = `0` - shard 3, 4's committed_value_digest = `x` -this passes each core verification, as proof #2 thinks shard 3 is its "first" shard - so it actually thinks that the `committed_value_digest` didn't change. This means that the whole "no cpu chip means `commited_value_digest` equal" thing actually just passes. Then, in the compress verification, we'll just see the committed_value_digest go from `0` to `x`, which is also completely fine. However, the committed_value_digest will go `0, 0, x, x`, where the change occurs on a shard without cpu chip - which isn't supposed to happen. +this passes each core verification, as proof #2 thinks shard 3 is its "first" shard - so it actually thinks that the `committed_value_digest` didn't change. This means that the whole "no cpu chip means `committed_value_digest` equal" thing actually just passes. Then, in the compress verification, we'll just see the committed_value_digest go from `0` to `x`, which is also completely fine. However, the committed_value_digest will go `0, 0, x, x`, where the change occurs on a shard without cpu chip - which isn't supposed to happen. While this is a slight incompatibility, the main invariant (if nonzero, public digest can only be one non-zero value) is preserved. Therefore, we did not fix this observation. From 82e0087e156043a1c6581da3d38f6fd8b23746b7 Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Thu, 7 Nov 2024 17:41:44 -0800 Subject: [PATCH 3/6] runs-on diff --- .github/workflows/main.yml | 8 +------- .github/workflows/pr.yml | 8 +------- 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index f88f27c75d..6c12b52cca 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -80,13 +80,7 @@ jobs: plonk-docker-mac: name: Plonk Docker Mac - runs-on: - [ - runs-on, - macos-latest, - spot=false, - "run-id=${{ github.run_id }}", - ] + runs-on: macos-latest env: CARGO_NET_GIT_FETCH_WITH_CLI: "true" steps: diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index d70853beb7..77233a2b76 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -453,13 +453,7 @@ jobs: plonk-docker-mac: name: Plonk Docker Mac - runs-on: - [ - runs-on, - macos-latest, - spot=false, - "run-id=${{ github.run_id }}", - ] + runs-on: macos-latest env: CARGO_NET_GIT_FETCH_WITH_CLI: "true" steps: From 7da956ae99c716d7ac663bfc224d5ffc01a6c40c Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Thu, 7 Nov 2024 18:13:55 -0800 Subject: [PATCH 4/6] libssl for mac --- .github/actions/setup/action.yml | 21 +++++++++++++++------ .github/workflows/pr.yml | 3 +-- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index d12a1d16aa..c059fd20ad 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -92,12 +92,21 @@ runs: - name: Install pkg-config and openssl shell: bash run: | - if ! dpkg -s pkg-config libssl-dev &> /dev/null; then - echo "pkg-config and/or libssl-dev not found. Installing..." - sudo apt-get update - sudo apt-get install -y pkg-config libssl-dev - else - echo "pkg-config and libssl-dev are already installed." + if [[ "$RUNNER_OS" == "Linux" ]]; then + if ! dpkg -s pkg-config libssl-dev &> /dev/null; then + echo "pkg-config and/or libssl-dev not found. Installing..." + sudo apt-get update + sudo apt-get install -y pkg-config libssl-dev + else + echo "pkg-config and libssl-dev are already installed." + fi + elif [[ "$RUNNER_OS" == "macOS" ]]; then + if ! brew list | grep -E "pkg-config|openssl@3" &> /dev/null; then + echo "pkg-config and/or openssl not found. Installing..." + brew install pkg-config openssl@3 + else + echo "pkg-config and openssl are already installed." + fi fi - name: Set up Docker diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 77233a2b76..6a39f71165 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -459,8 +459,7 @@ jobs: steps: - name: Checkout sources uses: actions/checkout@v4 - - name: Setup CI - uses: ./.github/actions/setup + - name: Run cargo test uses: actions-rs/cargo@v1 with: From 3c9f656479a142c11cdf9388061699c1df79b6f6 Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Thu, 7 Nov 2024 19:27:34 -0800 Subject: [PATCH 5/6] add back setup action --- .github/workflows/pr.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 6a39f71165..49f98c14c4 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -460,6 +460,9 @@ jobs: - name: Checkout sources uses: actions/checkout@v4 + - name: Setup CI + uses: ./.github/actions/setup + - name: Run cargo test uses: actions-rs/cargo@v1 with: From 13c34153dd7f785bf2efca6461746d7993e8ee44 Mon Sep 17 00:00:00 2001 From: Yuwen Zhang Date: Tue, 12 Nov 2024 14:08:21 -0800 Subject: [PATCH 6/6] no more mac ci --- .github/actions/setup/action.yml | 23 +++++++------------ .github/workflows/main.yml | 24 ++------------------ .github/workflows/pr.yml | 22 ------------------ crates/recursion/gnark-ffi/src/ffi/docker.rs | 2 ++ 4 files changed, 12 insertions(+), 59 deletions(-) diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml index c059fd20ad..d928b91df6 100644 --- a/.github/actions/setup/action.yml +++ b/.github/actions/setup/action.yml @@ -1,3 +1,5 @@ +# Note: this is only compatible with Linux runners. + name: Test setup inputs: pull_token: @@ -92,21 +94,12 @@ runs: - name: Install pkg-config and openssl shell: bash run: | - if [[ "$RUNNER_OS" == "Linux" ]]; then - if ! dpkg -s pkg-config libssl-dev &> /dev/null; then - echo "pkg-config and/or libssl-dev not found. Installing..." - sudo apt-get update - sudo apt-get install -y pkg-config libssl-dev - else - echo "pkg-config and libssl-dev are already installed." - fi - elif [[ "$RUNNER_OS" == "macOS" ]]; then - if ! brew list | grep -E "pkg-config|openssl@3" &> /dev/null; then - echo "pkg-config and/or openssl not found. Installing..." - brew install pkg-config openssl@3 - else - echo "pkg-config and openssl are already installed." - fi + if ! dpkg -s pkg-config libssl-dev &> /dev/null; then + echo "pkg-config and/or libssl-dev not found. Installing..." + sudo apt-get update + sudo apt-get install -y pkg-config libssl-dev + else + echo "pkg-config and libssl-dev are already installed." fi - name: Set up Docker diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6c12b52cca..251c44d529 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -46,8 +46,8 @@ jobs: RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native RUST_BACKTRACE: 1 - plonk-docker-linux: - name: Plonk Docker Linux + plonk-docker: + name: Plonk Docker runs-on: [ runs-on, @@ -78,26 +78,6 @@ jobs: RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native RUST_BACKTRACE: 1 - plonk-docker-mac: - name: Plonk Docker Mac - runs-on: macos-latest - env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - name: Setup CI - uses: ./.github/actions/setup - - name: Run cargo test - uses: actions-rs/cargo@v1 - with: - command: test - toolchain: 1.81.0 - args: --release -p sp1-sdk -- test_e2e_prove_plonk --nocapture - env: - RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native - RUST_BACKTRACE: 1 - check-branch: name: Check branch runs-on: [ubuntu-latest, "run-id=${{ github.run_id }}"] diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 49f98c14c4..81958dba2c 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -450,25 +450,3 @@ jobs: run: | cd examples cargo build --all --all-targets - - plonk-docker-mac: - name: Plonk Docker Mac - runs-on: macos-latest - env: - CARGO_NET_GIT_FETCH_WITH_CLI: "true" - steps: - - name: Checkout sources - uses: actions/checkout@v4 - - - name: Setup CI - uses: ./.github/actions/setup - - - name: Run cargo test - uses: actions-rs/cargo@v1 - with: - command: test - toolchain: 1.81.0 - args: --release -p sp1-sdk -- test_e2e_prove_plonk --nocapture - env: - RUSTFLAGS: -Copt-level=3 -Cdebug-assertions -Coverflow-checks=y -Cdebuginfo=0 -C target-cpu=native - RUST_BACKTRACE: 1 diff --git a/crates/recursion/gnark-ffi/src/ffi/docker.rs b/crates/recursion/gnark-ffi/src/ffi/docker.rs index 12a2d6eb73..bf0f2865bd 100644 --- a/crates/recursion/gnark-ffi/src/ffi/docker.rs +++ b/crates/recursion/gnark-ffi/src/ffi/docker.rs @@ -45,6 +45,8 @@ fn call_docker(args: &[&str], mounts: &[(&str, &str)]) -> Result<()> { for (src, dest) in mounts { cmd.arg("-v").arg(format!("{}:{}", src, dest)); } + cmd.arg(get_docker_image()); + cmd.args(args); let result = cmd.status()?; if !result.success() { log::error!("Failed to run `docker run`: {:?}", cmd);