Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
formal_proofs.cpp
Go to the documentation of this file.
1#include "acir_loader.hpp"
2#include "barretenberg/smt_verification/circuit/ultra_circuit.hpp"
3#include "barretenberg/smt_verification/solver/solver.hpp"
4#include "barretenberg/smt_verification/terms/term.hpp"
5#include "barretenberg/smt_verification/util/smt_util.hpp"
6#include "helpers.hpp"
7
8void debug_solution(smt_solver::Solver* solver, std::unordered_map<std::string, cvc5::Term> terms)
9{
10 solver->print_assertions();
11 std::unordered_map<std::string, std::string> vals = solver->model(terms);
12 for (auto const& i : vals) {
13 info(i.first, " = ", i.second);
14 }
15}
16
17bool verify_add(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
18{
19 auto a = circuit["a"];
20 auto b = circuit["b"];
21 auto c = circuit["c"];
22 auto cr = a + b;
23 c != cr;
24 bool res = solver->check();
25 if (res) {
26 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
27 debug_solution(solver, terms);
28 }
29 return res;
30}
31
32bool verify_add_signed(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
33{
34 auto a = circuit["a"];
35 auto b = circuit["b"];
36 auto c = circuit["c"];
37 auto cr = add_signed(a, b, bit_size);
38 c != cr;
39 bool res = solver->check();
40 if (res) {
41 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
42 debug_solution(solver, terms);
43 }
44 return res;
45}
46
47bool verify_sub(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
48{
49 auto a = circuit["a"];
50 auto b = circuit["b"];
51 auto c = circuit["c"];
52 auto cr = a - b;
53 c != cr;
54 bool res = solver->check();
55 if (res) {
56 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
57 debug_solution(solver, terms);
58 }
59 return res;
60}
61
62bool verify_sub_signed(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
63{
64 auto a = circuit["a"];
65 auto b = circuit["b"];
66 auto c = circuit["c"];
67 auto cr = sub_signed(a, b, bit_size);
68 c != cr;
69 bool res = solver->check();
70 if (res) {
71 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
72 debug_solution(solver, terms);
73 }
74 return res;
75}
76
77bool verify_mul(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
78{
79 auto a = circuit["a"];
80 auto b = circuit["b"];
81 auto c = circuit["c"];
82 auto cr = a * b;
83 c != cr;
84 bool res = solver->check();
85 if (res) {
86 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
87 debug_solution(solver, terms);
88 }
89 return res;
90}
91
92bool verify_mul_signed(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
93{
94 auto a = circuit["a"];
95 auto b = circuit["b"];
96 auto c = circuit["c"];
97 auto cr = mul_signed(a, b, bit_size);
98 c != cr;
99 bool res = solver->check();
100 if (res) {
101 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
102 debug_solution(solver, terms);
103 }
104 return res;
105}
106
107bool verify_div(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
108{
109 auto a = circuit["a"];
110 auto b = circuit["b"];
111 auto c = circuit["c"];
112 auto cr = a / b;
113 c != cr;
114 bool res = solver->check();
115 if (res) {
116 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
117 debug_solution(solver, terms);
118 }
119 return res;
120}
121
122bool verify_div_field(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
123{
124 auto a = circuit["a"];
125 auto b = circuit["b"];
126 auto c = circuit["c"];
127 // c = a / b
128 // c * b = a
129 auto cr = c * b;
130 a != cr;
131 bool res = solver->check();
132 if (res) {
133 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
134 debug_solution(solver, terms);
135 }
136 return res;
137}
138
139bool verify_mod(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
140{
141 auto a = circuit["a"];
142 auto b = circuit["b"];
143 auto c = circuit["c"];
144 smt_circuit::STerm c1 = a % b;
145 c != c1;
146 bool res = solver->check();
147 if (res) {
148 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "c1", c1 } });
149 debug_solution(solver, terms);
150 }
151 return res;
152}
153
154bool verify_or(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
155{
156 auto a = circuit["a"];
157 auto b = circuit["b"];
158 auto c = circuit["c"];
159 auto cr = a | b;
160 c != cr;
161 bool res = solver->check();
162 if (res) {
163 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
164 debug_solution(solver, terms);
165 }
166 return res;
167}
168
169bool verify_and(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
170{
171 auto a = circuit["a"];
172 auto b = circuit["b"];
173 auto c = circuit["c"];
174 auto cr = a & b;
175 c != cr;
176 bool res = solver->check();
177 if (res) {
178 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
179 debug_solution(solver, terms);
180 }
181 return res;
182}
183
184bool verify_xor(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
185{
186 auto a = circuit["a"];
187 auto b = circuit["b"];
188 auto c = circuit["c"];
189 auto cr = a ^ b;
190 c != cr;
191 bool res = solver->check();
192 if (res) {
193 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
194 debug_solution(solver, terms);
195 }
196 return res;
197}
198
199bool verify_not_64(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
200{
201 auto a = circuit["a"];
202 auto b = circuit["b"];
203 // 2^64 - 1
204 auto mask = smt_terms::BVConst("18446744073709551615", solver, 10);
205 auto br = a ^ mask;
206 b != br;
207 bool res = solver->check();
208 if (res) {
209 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "br", br } });
210 debug_solution(solver, terms);
211 }
212 return res;
213}
214
215// takes 0.346 seconds on SMTBOX
216bool verify_not_128(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
217{
218 auto a = circuit["a"];
219 auto b = circuit["b"];
220 // 2**128 - 1
221 auto mask = smt_terms::BVConst("340282366920938463463374607431768211455", solver, 10);
222 auto br = a ^ mask;
223 b != br;
224 bool res = solver->check();
225 if (res) {
226 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "br", br } });
227 debug_solution(solver, terms);
228 }
229 return res;
230}
231
232bool verify_shl32(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
233{
234 auto a = circuit["a"];
235 auto b = circuit["b"];
236 auto c = circuit["c"];
237 auto cr = shl32(a, b, solver);
238 c != cr;
239 bool res = solver->check();
240 if (res) {
241 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
242 debug_solution(solver, terms);
243 }
244 return res;
245}
246
247bool verify_shl64(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
248{
249 auto a = circuit["a"];
250 auto b = circuit["b"];
251 auto c = circuit["c"];
252 auto cr = shl64(a, b, solver);
253 c != cr;
254 bool res = solver->check();
255 if (res) {
256 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
257 debug_solution(solver, terms);
258 }
259 return res;
260}
261
262bool verify_shl8(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
263{
264 auto a = circuit["a"];
265 auto b = circuit["b"];
266 auto c = circuit["c"];
267 auto cr = shl8(a, b, solver);
268 c != cr;
269 bool res = solver->check();
270 if (res) {
271 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
272 debug_solution(solver, terms);
273 }
274 return res;
275}
276
277bool verify_shr(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
278{
279 auto a = circuit["a"];
280 auto b = circuit["b"];
281 auto c = circuit["c"];
282 auto cr = shr(a, b, solver);
283 c != cr;
284 bool res = solver->check();
285 if (res) {
286 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
287 debug_solution(solver, terms);
288 }
289 return res;
290}
291
292bool verify_eq_on_equlaity(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
293{
294 auto a = circuit["a"];
295 auto b = circuit["b"];
296 auto c = circuit["c"];
297 a == b;
298 c != 1;
299 bool res = solver->check();
300 if (res) {
301 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c } });
302 debug_solution(solver, terms);
303 }
304 return res;
305}
306
307bool verify_eq_on_inequlaity(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
308{
309 auto a = circuit["a"];
310 auto b = circuit["b"];
311 auto c = circuit["c"];
312 a != b;
313 c != 0;
314 bool res = solver->check();
315 if (res) {
316 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c } });
317 debug_solution(solver, terms);
318 }
319 return res;
320}
321
322bool verify_lt(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
323{
324 auto a = circuit["a"];
325 auto b = circuit["b"];
326 auto c = circuit["c"];
327 a < b;
328 c != 1;
329 bool res = solver->check();
330 if (res) {
331 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c } });
332 debug_solution(solver, terms);
333 }
334 return res;
335}
336
337bool verify_gt(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit)
338{
339 auto a = circuit["a"];
340 auto b = circuit["b"];
341 auto c = circuit["c"];
342 a > b;
343 c != 0;
344 bool res = solver->check();
345 if (res) {
346 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c } });
347 debug_solution(solver, terms);
348 }
349 return res;
350}
351
352bool verify_idiv(smt_solver::Solver* solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
353{
354 auto a = circuit["a"];
355 auto b = circuit["b"];
356 auto c = circuit["c"];
357 auto cr = idiv(a, b, bit_size, solver);
358 c != cr;
359 bool res = solver->check();
360 if (res) {
361 std::unordered_map<std::string, cvc5::Term> terms({ { "a", a }, { "b", b }, { "c", c }, { "cr", cr } });
362 debug_solution(solver, terms);
363 }
364 return res;
365}
366
367bool verify_non_uniqueness_for_casts(smt_solver::Solver* solver, AcirToSmtLoader* loader, smt_circuit::TermType type)
368{
369 auto schema = loader->get_circuit_schema();
370 auto cirs = smt_circuit::UltraCircuit::unique_witness_ext(schema,
371 solver,
372 type,
373 /*equal_vars=*/{ "a" },
374 /*distinct_vars=*/{ "b" },
375 /*equal_at_the_same_time=*/{},
376 /*not_equal_at_the_same_time=*/{},
377 /*enable_optimizations=*/true);
378 bool res = solver->check();
379
380 if (res) {
381 debug_solution(solver, {});
382 }
383 return res;
384}
acir_loader.hpp
AcirToSmtLoader
Class for loading ACIR (Arithmetic Circuit Intermediate Representation) programs and converting them ...
Definition acir_loader.hpp:21
AcirToSmtLoader::get_circuit_schema
smt_circuit::CircuitSchema get_circuit_schema()
Gets the circuit schema from the loaded ACIR program.
Definition acir_loader.cpp:54
smt_circuit::UltraCircuit
Symbolic Circuit class for Standard Circuit Builder.
Definition ultra_circuit.hpp:53
smt_circuit::UltraCircuit::unique_witness_ext
static std::pair< UltraCircuit, UltraCircuit > unique_witness_ext(CircuitSchema &circuit_info, Solver *s, TermType type, const std::vector< std::string > &equal={}, const std::vector< std::string > &not_equal={}, const std::vector< std::string > &equal_at_the_same_time={}, const std::vector< std::string > &not_equal_at_the_same_time={}, bool enable_optimizations=false)
Check your circuit for witness uniqueness.
Definition ultra_circuit.cpp:752
smt_solver::Solver
Class for the solver.
Definition solver.hpp:80
smt_solver::Solver::print_assertions
void print_assertions()
Definition solver.cpp:421
smt_solver::Solver::model
std::unordered_map< std::string, std::string > model(std::unordered_map< std::string, cvc5::Term > &terms) const
Definition solver.cpp:80
smt_solver::Solver::check
bool check()
Definition solver.cpp:11
smt_terms::STerm
Symbolic term element class.
Definition term.hpp:114
info
void info(Args... args)
Definition log.hpp:75
a
FF a
Definition field_gt.test.cpp:52
b
FF b
Definition field_gt.test.cpp:53
verify_shl32
bool verify_shl32(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify 32-bit left shift operation: c = a << b.
Definition formal_proofs.cpp:232
verify_idiv
bool verify_idiv(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
Definition formal_proofs.cpp:352
verify_xor
bool verify_xor(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify bitwise XOR operation: c = a ^ b.
Definition formal_proofs.cpp:184
verify_sub_signed
bool verify_sub_signed(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
Verify subtraction operation: c = a - b + truncate to bit_size bits.
Definition formal_proofs.cpp:62
verify_mod
bool verify_mod(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify modulo operation: c = a mod b.
Definition formal_proofs.cpp:139
debug_solution
void debug_solution(smt_solver::Solver *solver, std::unordered_map< std::string, cvc5::Term > terms)
Debug helper to print solver assertions and model values.
Definition formal_proofs.cpp:8
verify_not_128
bool verify_not_128(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify NOT operation on 128 bits: b = ~a.
Definition formal_proofs.cpp:216
verify_not_64
bool verify_not_64(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify NOT operation on 64 bits: b = ~a.
Definition formal_proofs.cpp:199
verify_add_signed
bool verify_add_signed(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
Verify addition operation: c = a + b + truncate to bit_size bits.
Definition formal_proofs.cpp:32
verify_lt
bool verify_lt(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify less than comparison: a < b.
Definition formal_proofs.cpp:322
verify_div_field
bool verify_div_field(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify field division operation: c = a / b (in field)
Definition formal_proofs.cpp:122
verify_div
bool verify_div(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify integer division operation: c = a / b.
Definition formal_proofs.cpp:107
verify_mul
bool verify_mul(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify multiplication operation: c = a * b.
Definition formal_proofs.cpp:77
verify_add
bool verify_add(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify addition operation: c = a + b.
Definition formal_proofs.cpp:17
verify_eq_on_inequlaity
bool verify_eq_on_inequlaity(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify equality comparison when values are not equal.
Definition formal_proofs.cpp:307
verify_sub
bool verify_sub(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify subtraction operation: c = a - b.
Definition formal_proofs.cpp:47
verify_shl64
bool verify_shl64(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify 64-bit left shift operation: c = a << b.
Definition formal_proofs.cpp:247
verify_non_uniqueness_for_casts
bool verify_non_uniqueness_for_casts(smt_solver::Solver *solver, AcirToSmtLoader *loader, smt_circuit::TermType type)
Verify non-uniqueness for casts.
Definition formal_proofs.cpp:367
verify_shl8
bool verify_shl8(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify 8-bit left shift operation: c = a << b.
Definition formal_proofs.cpp:262
verify_and
bool verify_and(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify bitwise AND operation: c = a & b.
Definition formal_proofs.cpp:169
verify_shr
bool verify_shr(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify right shift operation: c = a >> b.
Definition formal_proofs.cpp:277
verify_eq_on_equlaity
bool verify_eq_on_equlaity(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify equality comparison when values are equal.
Definition formal_proofs.cpp:292
verify_or
bool verify_or(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify bitwise OR operation: c = a | b.
Definition formal_proofs.cpp:154
verify_mul_signed
bool verify_mul_signed(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit, uint32_t bit_size)
Verify multiplication operation: c = a * b with signed operands and truncate to bit_size bits.
Definition formal_proofs.cpp:92
verify_gt
bool verify_gt(smt_solver::Solver *solver, smt_circuit::UltraCircuit circuit)
Verify greater than comparison: a > b.
Definition formal_proofs.cpp:337
shl8
smt_circuit::STerm shl8(smt_circuit::STerm v0, smt_circuit::STerm v1, smt_solver::Solver *solver)
Left shift operation with 8-bit truncation.
Definition helpers.cpp:61
sub_signed
smt_circuit::STerm sub_signed(smt_circuit::STerm v0, smt_circuit::STerm v1, uint32_t bit_size)
Signed subtraction operation: c = a - b + truncate to bit_size bits.
Definition helpers.cpp:74
shr
smt_circuit::STerm shr(smt_circuit::STerm v0, smt_circuit::STerm v1, smt_solver::Solver *solver)
Right shift operation.
Definition helpers.cpp:40
idiv
smt_circuit::STerm idiv(smt_circuit::STerm v0, smt_circuit::STerm v1, uint32_t bit_size, smt_solver::Solver *solver)
Signed division in noir-style.
Definition helpers.cpp:88
add_signed
smt_circuit::STerm add_signed(smt_circuit::STerm v0, smt_circuit::STerm v1, uint32_t bit_size)
Definition helpers.cpp:68
mul_signed
smt_circuit::STerm mul_signed(smt_circuit::STerm v0, smt_circuit::STerm v1, uint32_t bit_size)
Signed multiplication operation: c = a * b + truncate to bit_size bits.
Definition helpers.cpp:81
shl32
smt_circuit::STerm shl32(smt_circuit::STerm v0, smt_circuit::STerm v1, smt_solver::Solver *solver)
Left shift operation with 32-bit truncation.
Definition helpers.cpp:54
shl64
smt_circuit::STerm shl64(smt_circuit::STerm v0, smt_circuit::STerm v1, smt_solver::Solver *solver)
Left shift operation with 64-bit truncation.
Definition helpers.cpp:47
smt_terms::BVConst
STerm BVConst(const std::string &val, Solver *slv, uint32_t base)
Definition term.cpp:620
smt_terms::TermType
TermType
Allows to define three types of symbolic terms STerm - Symbolic Variables acting like a Finte Field e...
Definition term.hpp:15
std::get
constexpr decltype(auto) get(::tuplet::tuple< T... > &&t) noexcept
Definition tuple.hpp:13
smt_util.hpp
ultra_circuit.hpp