arkworks-rs · Pratyush · Sep 12, 2020 · Sep 9, 2020
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -98,6 +98,13 @@ jobs:
           target: thumbv6m-none-eabi
           override: true
 
+      - name: Install Rust ARM64 (${{ matrix.rust }})
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          target: aarch64-unknown-none
+          override: true
+
       - uses: actions/cache@v2
         with:
           path: |
@@ -130,8 +137,8 @@ jobs:
       - name: r1cs-std
         run: |
           cd r1cs-std
-          cargo build -p r1cs-std --no-default-features --target thumbv6m-none-eabi
-          cargo check --examples -p r1cs-std --no-default-features --target thumbv6m-none-eabi
+          cargo build -p r1cs-std --no-default-features --target aarch64-unknown-none
+          cargo check --examples -p r1cs-std --no-default-features --target aarch64-unknown-none
           cd ..
 
       - name: ff-fft
@@ -158,6 +165,6 @@ jobs:
       - name: crypto-primitives
         run: |
           cd crypto-primitives
-          cargo build -p crypto-primitives --no-default-features --target thumbv6m-none-eabi
-          cargo check --examples -p crypto-primitives --no-default-features --target thumbv6m-none-eabi
+          cargo build -p crypto-primitives --no-default-features --target aarch64-unknown-none
+          cargo check --examples -p crypto-primitives --no-default-features --target aarch64-unknown-none
           cd ..
diff --git a/crypto-primitives/Cargo.toml b/crypto-primitives/Cargo.toml
@@ -38,6 +38,7 @@ r1cs-std = { path = "../r1cs-std", optional = true, default-features = false }
 rand = { version = "0.7", default-features = false }
 rayon = { version = "1.0", optional = true }
 derivative = { version = "2.0", features = ["use_core"] }
+tracing = { version = "0.1", default-features = false, features = [ "attributes" ] }
 
 [features]
 default = ["std", "r1cs"]

diff --git a/crypto-primitives/src/commitment/blake2s/constraints.rs b/crypto-primitives/src/commitment/blake2s/constraints.rs
@@ -24,6 +24,7 @@ impl<F: PrimeField> CommitmentGadget<blake2s::Commitment, F> for CommGadget {
     type ParametersVar = ParametersVar;
     type RandomnessVar = RandomnessVar<F>;
 
+    #[tracing::instrument(target = "r1cs", skip(input, r))]
     fn commit(
         _: &Self::ParametersVar,
         input: &[UInt8<F>],
@@ -43,6 +44,7 @@ impl<F: PrimeField> CommitmentGadget<blake2s::Commitment, F> for CommGadget {
 }
 
 impl<ConstraintF: Field> AllocVar<(), ConstraintF> for ParametersVar {
+    #[tracing::instrument(target = "r1cs", skip(_cs, _f))]
     fn new_variable<T: Borrow<()>>(
         _cs: impl Into<Namespace<ConstraintF>>,
         _f: impl FnOnce() -> Result<T, SynthesisError>,
@@ -53,6 +55,7 @@ impl<ConstraintF: Field> AllocVar<(), ConstraintF> for ParametersVar {
 }
 
 impl<ConstraintF: PrimeField> AllocVar<[u8; 32], ConstraintF> for RandomnessVar<ConstraintF> {
+    #[tracing::instrument(target = "r1cs", skip(cs, f))]
     fn new_variable<T: Borrow<[u8; 32]>>(
         cs: impl Into<Namespace<ConstraintF>>,
         f: impl FnOnce() -> Result<T, SynthesisError>,
@@ -111,7 +114,7 @@ mod test {
 
         let parameters_var =
             <TestCOMMGadget as CommitmentGadget<TestCOMM, Fr>>::ParametersVar::new_witness(
-                cs.ns("gadget_parameters"),
+                r1cs_core::ns!(cs, "gadget_parameters"),
                 || Ok(&parameters),
             )
             .unwrap();

diff --git a/crypto-primitives/src/commitment/pedersen/constraints.rs b/crypto-primitives/src/commitment/pedersen/constraints.rs
@@ -53,6 +53,7 @@ where
     type ParametersVar = ParametersVar<C, GG>;
     type RandomnessVar = RandomnessVar<ConstraintF<C>>;
 
+    #[tracing::instrument(target = "r1cs", skip(parameters, r))]
     fn commit(
         parameters: &Self::ParametersVar,
         input: &[UInt8<ConstraintF<C>>],
@@ -183,13 +184,13 @@ mod test {
 
         let randomness_var =
             <TestCOMMGadget as CommitmentGadget<TestCOMM, Fq>>::RandomnessVar::new_witness(
-                cs.ns("gadget_randomness"),
+                r1cs_core::ns!(cs, "gadget_randomness"),
                 || Ok(&randomness),
             )
             .unwrap();
         let parameters_var =
             <TestCOMMGadget as CommitmentGadget<TestCOMM, Fq>>::ParametersVar::new_witness(
-                cs.ns("gadget_parameters"),
+                r1cs_core::ns!(cs, "gadget_parameters"),
                 || Ok(&parameters),
             )
             .unwrap();

diff --git a/crypto-primitives/src/crh/bowe_hopwood/constraints.rs b/crypto-primitives/src/crh/bowe_hopwood/constraints.rs
@@ -51,6 +51,7 @@ where
     type OutputVar = AffineVar<P, F>;
     type ParametersVar = ParametersVar<P, W>;
 
+    #[tracing::instrument(target = "r1cs", skip(parameters, input))]
     fn evaluate(
         parameters: &Self::ParametersVar,
         input: &[UInt8<ConstraintF<P>>],
@@ -91,6 +92,7 @@ where
     P: TEModelParameters,
     W: Window,
 {
+    #[tracing::instrument(target = "r1cs", skip(_cs, f))]
     fn new_variable<T: Borrow<Parameters<P>>>(
         _cs: impl Into<Namespace<ConstraintF<P>>>,
         f: impl FnOnce() -> Result<T, SynthesisError>,
@@ -158,7 +160,7 @@ mod test {
 
         let parameters_var =
             <TestCRHGadget as FixedLengthCRHGadget<TestCRH, Fr>>::ParametersVar::new_witness(
-                cs.ns("parameters_var"),
+                r1cs_core::ns!(cs, "parameters_var"),
                 || Ok(&parameters),
             )
             .unwrap();

diff --git a/crypto-primitives/src/crh/injective_map/constraints.rs b/crypto-primitives/src/crh/injective_map/constraints.rs
@@ -87,6 +87,7 @@ where
     type OutputVar = IG::OutputVar;
     type ParametersVar = ped_constraints::CRHParametersVar<C, GG>;
 
+    #[tracing::instrument(target = "r1cs", skip(parameters, input))]
     fn evaluate(
         parameters: &Self::ParametersVar,
         input: &[UInt8<ConstraintF<C>>],

diff --git a/crypto-primitives/src/crh/pedersen/constraints.rs b/crypto-primitives/src/crh/pedersen/constraints.rs
@@ -45,6 +45,7 @@ where
     type OutputVar = GG;
     type ParametersVar = CRHParametersVar<C, GG>;
 
+    #[tracing::instrument(target = "r1cs", skip(parameters, input))]
     fn evaluate(
         parameters: &Self::ParametersVar,
         input: &[UInt8<ConstraintF<C>>],
@@ -78,6 +79,7 @@ where
     GG: CurveVar<C, ConstraintF<C>>,
     for<'a> &'a GG: GroupOpsBounds<'a, C, GG>,
 {
+    #[tracing::instrument(target = "r1cs", skip(_cs, f))]
     fn new_variable<T: Borrow<Parameters<C>>>(
         _cs: impl Into<Namespace<ConstraintF<C>>>,
         f: impl FnOnce() -> Result<T, SynthesisError>,
@@ -138,7 +140,8 @@ mod test {
         let primitive_result = TestCRH::evaluate(&parameters, &input).unwrap();
 
         let parameters_var =
-            CRHParametersVar::new_constant(cs.ns("CRH Parameters"), &parameters).unwrap();
+            CRHParametersVar::new_constant(r1cs_core::ns!(cs, "CRH Parameters"), &parameters)
+                .unwrap();
 
         let result_var = TestCRHGadget::evaluate(&parameters_var, &input_var).unwrap();
 

diff --git a/crypto-primitives/src/merkle_tree/constraints.rs b/crypto-primitives/src/merkle_tree/constraints.rs
@@ -25,6 +25,7 @@ where
     CRHGadget: FixedLengthCRHGadget<P::H, ConstraintF>,
     <CRHGadget::OutputVar as R1CSVar<ConstraintF>>::Value: PartialEq,
 {
+    #[tracing::instrument(target = "r1cs", skip(self, parameters, root, leaf))]
     pub fn check_membership(
         &self,
         parameters: &CRHGadget::ParametersVar,
@@ -39,7 +40,7 @@ where
         let cs = leaf_hash.cs().or(root.cs()).unwrap();
 
         // Check if leaf is one of the bottom-most siblings.
-        let leaf_is_left = Boolean::new_witness(cs.ns("leaf_is_left"), || {
+        let leaf_is_left = Boolean::new_witness(r1cs_core::ns!(cs, "leaf_is_left"), || {
             Ok(leaf_hash.value()?.eq(&self.path[0].0.value()?))
         })?;
 
@@ -48,24 +49,20 @@ where
 
         // Check levels between leaf level and root.
         let mut previous_hash = leaf_hash;
-        let mut i = 0;
         for &(ref left_hash, ref right_hash) in &self.path {
             // Check if the previous_hash matches the correct current hash.
-            let previous_is_left = Boolean::new_witness(cs.ns("previous_is_left"), || {
-                Ok(previous_hash.value()?.eq(&left_hash.value()?))
-            })?;
-
-            let ns = cs.ns(format!(
-                "enforcing that inner hash is correct at i-th level{}",
-                i
-            ));
+            let previous_is_left =
+                Boolean::new_witness(r1cs_core::ns!(cs, "previous_is_left"), || {
+                    Ok(previous_hash.value()?.eq(&left_hash.value()?))
+                })?;
+
+            let ns = r1cs_core::ns!(cs, "enforcing that inner hash is correct");
             let equality_cmp = previous_is_left.select(left_hash, right_hash)?;
             result = result.and(&previous_hash.is_eq(&equality_cmp)?)?;
             drop(ns);
 
             previous_hash =
                 hash_inner_node::<P::H, CRHGadget, ConstraintF>(parameters, left_hash, right_hash)?;
-            i += 1;
         }
 
         result.and(&root.is_eq(&previous_hash)?)
@@ -106,8 +103,16 @@ where
         f().and_then(|val| {
             let mut path = Vec::new();
             for &(ref l, ref r) in val.borrow().path.iter() {
-                let l_hash = HGadget::OutputVar::new_variable(cs.ns("l_child"), || Ok(l), mode)?;
-                let r_hash = HGadget::OutputVar::new_variable(cs.ns("r_child"), || Ok(r), mode)?;
+                let l_hash = HGadget::OutputVar::new_variable(
+                    r1cs_core::ns!(cs, "l_child"),
+                    || Ok(l),
+                    mode,
+                )?;
+                let r_hash = HGadget::OutputVar::new_variable(
+                    r1cs_core::ns!(cs, "r_child"),
+                    || Ok(r),
+                    mode,
+                )?;
                 path.push((l_hash, r_hash));
             }
             Ok(PathVar { path })
@@ -157,15 +162,14 @@ mod test {
         let crh_parameters = H::setup(&mut rng).unwrap();
         let tree = JubJubMerkleTree::new(crh_parameters.clone(), leaves).unwrap();
         let root = tree.root();
-        let mut satisfied = true;
+        let cs = ConstraintSystem::<Fq>::new_ref();
         for (i, leaf) in leaves.iter().enumerate() {
-            let cs = ConstraintSystem::<Fq>::new_ref();
             let proof = tree.generate_proof(i, &leaf).unwrap();
             assert!(proof.verify(&crh_parameters, &root, &leaf).unwrap());
 
             // Allocate Merkle Tree Root
             let root = <HG as FixedLengthCRHGadget<H, _>>::OutputVar::new_witness(
-                cs.ns("new_digest"),
+                r1cs_core::ns!(cs, "new_digest"),
                 || {
                     if use_bad_root {
                         Ok(<H as FixedLengthCRH>::Output::default())
@@ -181,7 +185,7 @@ mod test {
 
             // Allocate Parameters for CRH
             let crh_parameters = <HG as FixedLengthCRHGadget<H, Fq>>::ParametersVar::new_constant(
-                cs.ns("new_parameter"),
+                r1cs_core::ns!(cs, "new_parameter"),
                 &crh_parameters,
             )
             .unwrap();
@@ -200,7 +204,9 @@ mod test {
             println!("constraints from leaf: {}", constraints_from_leaf);
 
             // Allocate Merkle Tree Path
-            let cw = PathVar::<_, HG, _>::new_witness(cs.ns("new_witness"), || Ok(&proof)).unwrap();
+            let cw =
+                PathVar::<_, HG, _>::new_witness(r1cs_core::ns!(cs, "new_witness"), || Ok(&proof))
+                    .unwrap();
             for (i, (l, r)) in cw.path.iter().enumerate() {
                 assert_eq!(l.value().unwrap(), proof.path[i].0);
                 assert_eq!(r.value().unwrap(), proof.path[i].1);
@@ -216,13 +222,6 @@ mod test {
                 .unwrap()
                 .enforce_equal(&Boolean::TRUE)
                 .unwrap();
-            if !cs.is_satisfied().unwrap() {
-                satisfied = false;
-                println!(
-                    "Unsatisfied constraint: {}",
-                    cs.which_is_unsatisfied().unwrap()
-                );
-            }
             let setup_constraints = constraints_from_leaf
                 + constraints_from_digest
                 + constraints_from_parameters
@@ -233,7 +232,7 @@ mod test {
             );
         }
 
-        assert!(satisfied);
+        assert!(cs.is_satisfied().unwrap());
     }
 
     #[test]

diff --git a/crypto-primitives/src/nizk/constraints.rs b/crypto-primitives/src/nizk/constraints.rs
@@ -15,6 +15,7 @@ pub trait NIZKVerifierGadget<N: NIZK, ConstraintF: Field> {
     /// subgroup checks.
     ///
     /// The default implementation doesn't omit these checks.
+    #[tracing::instrument(target = "r1cs", skip(cs, f))]
     fn new_proof_unchecked<T: Borrow<N::Proof>>(
         cs: impl Into<Namespace<ConstraintF>>,
         f: impl FnOnce() -> Result<T, SynthesisError>,
@@ -27,6 +28,7 @@ pub trait NIZKVerifierGadget<N: NIZK, ConstraintF: Field> {
     /// without performing subgroup checks.
     ///
     /// The default implementation doesn't omit these checks.
+    #[tracing::instrument(target = "r1cs", skip(cs, f))]
     fn new_verification_key_unchecked<T: Borrow<N::VerificationParameters>>(
         cs: impl Into<Namespace<ConstraintF>>,
         f: impl FnOnce() -> Result<T, SynthesisError>,