Builtin to binary

circuit-std-rs/src/sha256/m31_utils.rs

@@ -1,13 +1,9 @@
-use arith::Field;
 use expander_compiler::frontend::{
-    declare_circuit, Config, Define, Error, M31Config, RootAPI, Variable, M31,
+    declare_circuit, Config, Define, M31Config, RootAPI, Variable, M31,
 };
 
 #[cfg(test)]
-use expander_compiler::{
-    frontend::{compile, CompileOptions},
-    hints::registry::HintRegistry,
-};
+use expander_compiler::frontend::{compile, CompileOptions, EmptyHintCaller};
 
 use num_bigint::BigInt;
 use num_traits::cast::ToPrimitive;
@@ -219,13 +215,7 @@ pub fn to_binary<C: Config, B: RootAPI<C>>(
     x: Variable,
     n_bits: usize,
 ) -> Vec<Variable> {
-    let bits = api.new_hint("myhint.tobinary", &[x], n_bits);
-    for bit in bits.iter() {
-        api.assert_is_bool(*bit);
-    }
-    let sum = from_binary(api, bits.to_vec());
-    api.assert_is_equal(sum, x);
-    bits
+    api.to_binary(x, n_bits)
 }
 pub fn from_binary<C: Config, B: RootAPI<C>>(api: &mut B, bits: Vec<Variable>) -> Variable {
     let mut res = api.constant(0);
@@ -237,14 +227,6 @@ pub fn from_binary<C: Config, B: RootAPI<C>>(api: &mut B, bits: Vec<Variable>) -
     res
 }
 
-pub fn to_binary_hint(x: &[M31], y: &mut [M31]) -> Result<(), Error> {
-    let t = x[0].to_u256();
-    for (i, k) in y.iter_mut().enumerate() {
-        *k = M31::from_u256(t >> i as u32 & 1);
-    }
-    Ok(())
-}
-
 pub fn big_is_zero<C: Config, B: RootAPI<C>>(api: &mut B, k: usize, in_: &[Variable]) -> Variable {
     let mut total = api.constant(k as u32);
     for val in in_.iter().take(k) {
@@ -355,9 +337,6 @@ impl Define<M31Config> for IDIVMODBITCircuit<Variable> {
 }
 #[test]
 fn test_idiv_mod_bit() {
-    //register hints
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     //compile and test
     let compile_result = compile(&IDIVMODBITCircuit::default(), CompileOptions::default()).unwrap();
     let assignment = IDIVMODBITCircuit::<M31> {
@@ -367,7 +346,7 @@ fn test_idiv_mod_bit() {
     };
     let witness = compile_result
         .witness_solver
-        .solve_witness_with_hints(&assignment, &mut hint_registry)
+        .solve_witness_with_hints(&assignment, &mut EmptyHintCaller)
         .unwrap();
     let output = compile_result.layered_circuit.run(&witness);
     assert_eq!(output, vec![true]);
@@ -396,9 +375,6 @@ impl Define<M31Config> for BITCONVERTCircuit<Variable> {
 }
 #[test]
 fn test_bit_convert() {
-    //register hints
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     //compile and test
     let compile_result = compile(&BITCONVERTCircuit::default(), CompileOptions::default()).unwrap();
     let assignment = BITCONVERTCircuit::<M31> {
@@ -418,7 +394,7 @@ fn test_bit_convert() {
     };
     let witness = compile_result
         .witness_solver
-        .solve_witness_with_hints(&assignment, &mut hint_registry)
+        .solve_witness_with_hints(&assignment, &mut EmptyHintCaller)
         .unwrap();
     let output = compile_result.layered_circuit.run(&witness);
     assert_eq!(output, vec![true]);

circuit-std-rs/src/utils.rs

@@ -8,7 +8,6 @@ use crate::{
         inverse_e12_hint, inverse_e2_hint, inverse_e6_hint, mul_hint, simple_rangecheck_hint,
     },
     logup::{query_count_by_key_hint, query_count_hint, rangeproof_hint},
-    sha256::m31_utils::to_binary_hint,
 };
 
 pub fn simple_select<C: Config, B: RootAPI<C>>(
@@ -41,7 +40,6 @@ pub fn simple_lookup2<C: Config, B: RootAPI<C>>(
 }
 
 pub fn register_hint(hint_registry: &mut HintRegistry<M31>) {
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     hint_registry.register("myhint.mulhint", mul_hint);
     hint_registry.register("myhint.simple_rangecheck_hint", simple_rangecheck_hint);
     hint_registry.register("myhint.querycounthint", query_count_hint);

circuit-std-rs/tests/sha256_m31.rs

@@ -1,4 +1,4 @@
-use circuit_std_rs::{sha256::m31::sha256_37bytes, sha256::m31_utils::to_binary_hint};
+use circuit_std_rs::sha256::m31::sha256_37bytes;
 use expander_compiler::frontend::*;
 use extra::*;
 use sha2::{Digest, Sha256};
@@ -32,8 +32,6 @@ impl Define<M31Config> for SHA25637BYTESCircuit<Variable> {
 
 #[test]
 fn test_sha256_37bytes() {
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     let compile_result =
         compile(&SHA25637BYTESCircuit::default(), CompileOptions::default()).unwrap();
     for i in 0..1 {
@@ -50,7 +48,7 @@ fn test_sha256_37bytes() {
         }
         let witness = compile_result
             .witness_solver
-            .solve_witness_with_hints(&assignment, &mut hint_registry)
+            .solve_witness_with_hints(&assignment, &mut EmptyHintCaller)
             .unwrap();
         let output = compile_result.layered_circuit.run(&witness);
         assert_eq!(output, vec![true]);
@@ -59,8 +57,6 @@ fn test_sha256_37bytes() {
 
 #[test]
 fn debug_sha256_37bytes() {
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     let data = [255; 37];
     let mut hash = Sha256::new();
     hash.update(data);
@@ -72,5 +68,9 @@ fn debug_sha256_37bytes() {
     for i in 0..32 {
         assignment.output[i] = M31::from(output[i] as u32);
     }
-    debug_eval(&SHA25637BYTESCircuit::default(), &assignment, hint_registry);
+    debug_eval(
+        &SHA25637BYTESCircuit::default(),
+        &assignment,
+        EmptyHintCaller,
+    );
 }

circuit-std-rs/tests/sha2_m31.rs

@@ -1,4 +1,4 @@
-use circuit_std_rs::{sha256::m31::sha256_37bytes, sha256::m31_utils::to_binary_hint};
+use circuit_std_rs::sha256::m31::sha256_37bytes;
 use expander_compiler::frontend::*;
 use extra::*;
 use sha2::{Digest, Sha256};
@@ -32,8 +32,6 @@ impl Define<M31Config> for SHA25637BYTESCircuit<Variable> {
 
 #[test]
 fn test_sha256_37bytes() {
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     let compile_result =
         compile(&SHA25637BYTESCircuit::default(), CompileOptions::default()).unwrap();
     for i in 0..1 {
@@ -50,7 +48,7 @@ fn test_sha256_37bytes() {
         }
         let witness = compile_result
             .witness_solver
-            .solve_witness_with_hints(&assignment, &mut hint_registry)
+            .solve_witness_with_hints(&assignment, &mut EmptyHintCaller)
             .unwrap();
         let output = compile_result.layered_circuit.run(&witness);
         assert_eq!(output, vec![true]);
@@ -59,8 +57,6 @@ fn test_sha256_37bytes() {
 
 #[test]
 fn debug_sha256_37bytes() {
-    let mut hint_registry = HintRegistry::<M31>::new();
-    hint_registry.register("myhint.tobinary", to_binary_hint);
     let data = [255; 37];
     let mut hash = Sha256::new();
     hash.update(data);
@@ -72,5 +68,9 @@ fn debug_sha256_37bytes() {
     for i in 0..32 {
         assignment.output[i] = M31::from(output[i] as u32);
     }
-    debug_eval(&SHA25637BYTESCircuit::default(), &assignment, hint_registry);
+    debug_eval(
+        &SHA25637BYTESCircuit::default(),
+        &assignment,
+        EmptyHintCaller,
+    );
 }

expander_compiler/src/builder/basic.rs

@@ -101,6 +101,12 @@ impl PartialOrd for LinMeta {
     }
 }
 
+pub enum InsnTransformResult<C: Config, IrcOut: IrConfig<Config = C>> {
+    Insn(IrcOut::Instruction),
+    Vars(Vec<usize>),
+    Err(Error),
+}
+
 pub trait InsnTransformAndExecute<
     'a,
     C: Config,
@@ -111,7 +117,7 @@ pub trait InsnTransformAndExecute<
     fn transform_in_to_out(
         &mut self,
         in_insn: &IrcIn::Instruction,
-    ) -> Result<IrcOut::Instruction, Error>;
+    ) -> InsnTransformResult<C, IrcOut>;
     fn execute_out<'b>(
         &mut self,
         out_insn: &IrcOut::Instruction,
@@ -325,6 +331,16 @@ where
     pub fn push_insn(&mut self, out_insn: IrcOut::Instruction) -> Option<usize> {
         self.push_insn_with_root(out_insn, None)
     }
+    pub fn push_insn_multi_out(&mut self, out_insn: IrcOut::Instruction) -> Vec<usize> {
+        let num_out = out_insn.num_outputs();
+        self.out_insns.push(out_insn.clone());
+        self.execute_out(&out_insn, None);
+        let mut out_var_ids = Vec::new();
+        for i in 0..num_out {
+            out_var_ids.push(self.out_var_exprs.len() - num_out + i);
+        }
+        out_var_ids
+    }
 
     fn process_insn<'b>(
         &mut self,
@@ -335,12 +351,20 @@ where
         'a: 'b,
     {
         let in_mapped = in_insn.replace_vars(|x| self.in_to_out[x]);
-        let out_insn = self.transform_in_to_out(&in_mapped)?;
-        assert_eq!(out_insn.num_outputs(), in_insn.num_outputs());
-        let start_id = self.out_var_exprs.len();
-        self.push_insn_with_root(out_insn, Some(root));
-        for i in 0..in_insn.num_outputs() {
-            self.in_to_out.push(start_id + i);
+        match self.transform_in_to_out(&in_mapped) {
+            InsnTransformResult::Insn(out_insn) => {
+                assert_eq!(out_insn.num_outputs(), in_insn.num_outputs());
+                let start_id = self.out_var_exprs.len();
+                self.push_insn_with_root(out_insn, Some(root));
+                for i in 0..in_insn.num_outputs() {
+                    self.in_to_out.push(start_id + i);
+                }
+            }
+            InsnTransformResult::Vars(vars) => {
+                assert_eq!(vars.len(), in_insn.num_outputs());
+                self.in_to_out.extend(vars);
+            }
+            InsnTransformResult::Err(err) => return Err(err),
         }
         Ok(())
     }

expander_compiler/src/builder/final_build.rs

@@ -10,7 +10,7 @@ use crate::utils::error::Error;
 
 use super::basic::{
     process_circuit, to_really_single, try_get_really_single_id, ConstraintStatus,
-    InsnTransformAndExecute, RootBuilder,
+    InsnTransformAndExecute, InsnTransformResult, RootBuilder,
 };
 
 type IrcIn<C> = ir::hint_less::Irc<C>;
@@ -20,8 +20,8 @@ type InsnOut<C> = ir::hint_less::Instruction<C>;
 type Builder<'a, C> = super::basic::Builder<'a, C, IrcIn<C>, IrcOut<C>>;
 
 impl<'a, C: Config> InsnTransformAndExecute<'a, C, IrcIn<C>, IrcOut<C>> for Builder<'a, C> {
-    fn transform_in_to_out(&mut self, in_insn: &InsnIn<C>) -> Result<InsnOut<C>, Error> {
-        Ok(in_insn.clone())
+    fn transform_in_to_out(&mut self, in_insn: &InsnIn<C>) -> InsnTransformResult<C, IrcOut<C>> {
+        InsnTransformResult::Insn(in_insn.clone())
     }
 
     fn transform_in_con_to_out(&mut self, in_con: &RawConstraint) -> Result<RawConstraint, Error> {