feat: vm2

AztecProtocol · Jan 23, 2025 · 8c6e5a8 · 8c6e5a8
1 parent b229a04
commit 8c6e5a8
Show file tree

Hide file tree

Showing 24 changed files with 2,676 additions and 130 deletions.
diff --git a/barretenberg/cpp/.clangd b/barretenberg/cpp/.clangd
@@ -80,3 +80,12 @@ Diagnostics:
     Remove:
       - cppcoreguidelines-avoid-non-const-global-variables
       - cppcoreguidelines-special-member-functions
+
+--- # this divider is necessary
+# Suppressing some noisy AVM warnings
+If:
+  PathMatch: [src/barretenberg/vm.*\.cpp]
+Diagnostics:
+  Suppress:
+    - -Wmissing-designated-field-initializers
+
diff --git a/barretenberg/cpp/pil/avm/gadgets/sha256.pil b/barretenberg/cpp/pil/avm/gadgets/sha256.pil
@@ -154,16 +154,16 @@ namespace sha256(256);
     perform_round * (w_15_rshift_3 - lhs_w_3) = 0;
     // s0 := (w[i-15] `rotr` 7) `xor` (w[i-15] `rotr` 18) `xor` (w[i-15] `rightshift`  3)
     pol commit w_15_rotr_7_xor_w_15_rotr_18;
-    #[LOOKUP_W_S_0_XOR_0]
-    dummy_zero {w_15_rotr_7, w_15_rotr_18, w_15_rotr_7_xor_w_15_rotr_18, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_W_S_0_XOR_0]
+    // dummy_zero {w_15_rotr_7, w_15_rotr_18, w_15_rotr_7_xor_w_15_rotr_18, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit w_s_0;
-    #[LOOKUP_W_S_0_XOR_1]
-    dummy_zero {w_15_rotr_7_xor_w_15_rotr_18, w_15_rshift_3, w_s_0, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_W_S_0_XOR_1]
+    // dummy_zero {w_15_rotr_7_xor_w_15_rotr_18, w_15_rshift_3, w_s_0, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ========== Compute w_s1 ===================
     // w[i-2] `rotr` 17
@@ -186,16 +186,16 @@ namespace sha256(256);
     perform_round * (w_2_rshift_10 - lhs_w_10) = 0;
     // s1 := (w[i-2] `rotr` 17) `xor` (w[i-2] `rotr` 19) `xor` (w[i-2] `rightshift` 10)
     pol commit w_2_rotr_17_xor_w_2_rotr_19;
-    #[LOOKUP_W_S_1_XOR_0]
-    dummy_zero {w_2_rotr_17, w_2_rotr_19, w_2_rotr_17_xor_w_2_rotr_19, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_W_S_1_XOR_0]
+    // dummy_zero {w_2_rotr_17, w_2_rotr_19, w_2_rotr_17_xor_w_2_rotr_19, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit w_s_1;
-    #[LOOKUP_W_S_1_XOR_1]
-    dummy_zero {w_2_rotr_17_xor_w_2_rotr_19, w_2_rshift_10, w_s_1, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_W_S_1_XOR_1]
+    // dummy_zero {w_2_rotr_17_xor_w_2_rotr_19, w_2_rshift_10, w_s_1, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ========== START OF COMPRESSION BLOCK ==================
 
@@ -219,51 +219,48 @@ namespace sha256(256);
     perform_round * (e - (lhs_e_25 * 2**25 + rhs_e_25)) = 0;
     perform_round * (e_rotr_25 - (rhs_e_25 * 2**7 + lhs_e_25)) = 0;
 
-    // pol S_1 = (E_0 `rotr` 6) `xor` (E_0 `rotr` 11) `xor` (E_0 `rotr` 25);
-
     pol commit e_rotr_6_xor_e_rotr_11;
-    #[LOOKUP_S_1_XOR_0]
-    dummy_zero {e_rotr_6, e_rotr_11, e_rotr_6_xor_e_rotr_11, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_S_1_XOR_0]
+    // dummy_zero {e_rotr_6, e_rotr_11, e_rotr_6_xor_e_rotr_11, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit s_1;
-    #[LOOKUP_S_1_XOR_1]
-    dummy_zero {e_rotr_6_xor_e_rotr_11, e_rotr_25, s_1, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_S_1_XOR_1]
+    // dummy_zero {e_rotr_6_xor_e_rotr_11, e_rotr_25, s_1, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ==== COMPUTING CH ===========
     // pol CH_0 = (E_0 `and` F_0) `xor` ((`not` E_0) `and` G_0);
     pol commit e_and_f;
-
-    #[LOOKUP_CH_AND_0]
-    dummy_zero {e, f, e_and_f, and_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_CH_AND_0]
+    // dummy_zero {e, f, e_and_f, and_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit not_e;
     perform_round * (e + not_e - (2**32 - 1)) = 0;
 
     pol commit not_e_and_g;
-    #[LOOKUP_CH_AND_1]
-    dummy_zero {not_e, g, not_e_and_g, and_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_CH_AND_1]
+    // dummy_zero {not_e, g, not_e_and_g, and_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit ch;
-    #[LOOKUP_CH_XOR]
-    dummy_zero {e_and_f, not_e_and_g, ch, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_CH_XOR]
+    // dummy_zero {e_and_f, not_e_and_g, ch, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ===== COMPUTING TMP 1 ===========
     // Lookup round constants
     pol commit round_constant;
-    #[LOOKUP_ROUND_CONSTANT]
-    dummy_zero {round_count, round_constant}
-    in
-    binary.start {sha256_params_lookup.table_round_index, sha256_params_lookup.table_round_constant};
+    // #[LOOKUP_ROUND_CONSTANT]
+    // dummy_zero {round_count, round_constant}
+    // in
+    // binary.start {sha256_params_lookup.table_round_index, sha256_params_lookup.table_round_constant};
 
     pol TMP_1 = h + s_1 + ch + round_constant + w;
 
@@ -289,48 +286,48 @@ namespace sha256(256);
     perform_round * (a_rotr_22 - (rhs_a_22 * 2**10 + lhs_a_22)) = 0;
     // (A_0 `rotr` 2) `xor` (A_0 `rotr` 13) 
     pol commit a_rotr_2_xor_a_rotr_13;
-    #[LOOKUP_S_0_XOR_0]
-    dummy_zero {a_rotr_2, a_rotr_13, a_rotr_2_xor_a_rotr_13, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_S_0_XOR_0]
+    // dummy_zero {a_rotr_2, a_rotr_13, a_rotr_2_xor_a_rotr_13, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit s_0;
-    #[LOOKUP_S_0_XOR_1]
-    dummy_zero {a_rotr_2_xor_a_rotr_13, a_rotr_22, s_0, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_S_0_XOR_1]
+    // dummy_zero {a_rotr_2_xor_a_rotr_13, a_rotr_22, s_0, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ====== Computing Maj =========
     // pol MAJ_0 = (A_0 `and` B_0) `xor` (A_0 `and` C_0) `xor` (B_0 `and` C_0);
     pol commit a_and_b;
-    #[LOOKUP_MAJ_AND_0]
-    dummy_zero {a, b, a_and_b, and_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_MAJ_AND_0]
+    // dummy_zero {a, b, a_and_b, and_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit a_and_c;
-    #[LOOKUP_MAJ_AND_1]
-    dummy_zero {a, c, a_and_c, and_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_MAJ_AND_1]
+    // dummy_zero {a, c, a_and_c, and_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit b_and_c;
-    #[LOOKUP_MAJ_AND_2]
-    dummy_zero {b, c, b_and_c, and_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_MAJ_AND_2]
+    // dummy_zero {b, c, b_and_c, and_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit a_and_b_xor_a_and_c;
-    #[LOOKUP_MAJ_XOR_0]
-    dummy_zero {a_and_b, a_and_c, a_and_b_xor_a_and_c, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_MAJ_XOR_0]
+    // dummy_zero {a_and_b, a_and_c, a_and_b_xor_a_and_c, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     pol commit maj;
-    #[LOOKUP_MAJ_XOR_1]
-    dummy_zero {a_and_b_xor_a_and_c, b_and_c, maj, xor_sel}
-    in
-    binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
+    // #[LOOKUP_MAJ_XOR_1]
+    // dummy_zero {a_and_b_xor_a_and_c, b_and_c, maj, xor_sel}
+    // in
+    // binary.start {binary.acc_ia, binary.acc_ib, binary.acc_ic, binary.op_id};
 
     // ==== Compute TMP 2 ====
     pol NEXT_A = s_0 + maj + TMP_1;

diff --git a/barretenberg/cpp/pil/vm2/execution.pil b/barretenberg/cpp/pil/vm2/execution.pil
@@ -1,6 +1,7 @@
 include "alu.pil";
 include "addressing.pil";
 include "precomputed.pil";
+include "sha256.pil";
 
 namespace execution;
 
@@ -53,4 +54,4 @@ precomputed.sel_bitwise {precomputed.bitwise_op_id, precomputed.bitwise_input_a,
 #[LOOKUP_DUMMY_DYNAMIC]  // Just a self-lookup for now, for testing.
 sel {op1, op2, op3, op4} in sel {op1, op2, op3, op4};
 #[PERM_DUMMY_DYNAMIC]  // Just a self-permutation for now, for testing.
-sel {op1, op2, op3, op4} is sel {op1, op2, op3, op4};
+sel {op1, op2, op3, op4} is sel {op1, op2, op3, op4};
diff --git a/barretenberg/cpp/pil/vm2/precomputed.pil b/barretenberg/cpp/pil/vm2/precomputed.pil
@@ -14,4 +14,12 @@ pol constant sel_bitwise; // 1 in the first 3 * 256 rows.
 pol constant bitwise_op_id; // identifies if operation is AND/OR/XOR.
 pol constant bitwise_input_a; // column of all 8-bit numbers.
 pol constant bitwise_input_b; // column of all 8-bit numbers.
-pol constant bitwise_output; // output = a AND/OR/XOR b.
+pol constant bitwise_output; // output = a AND/OR/XOR b.
+
+// SHA256 Round Params Lookup
+pol constant sel_sha256_compression;
+pol constant sha256_compression_round_constant;
+
+
+
+