4 changes: 2 additions & 2 deletions circuits/bin/dkg/e_sm_share_encryption/src/main.nr
@@ -8,7 +8,7 @@ use lib::configs::default::dkg::{
L, N, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1,
SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2,
SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2,
SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS_E_SM,
SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS,
};
use lib::core::dkg::share_encryption::ShareEncryption;
use lib::math::polynomial::Polynomial;
@@ -32,7 +32,7 @@ fn main(
p2is: [Polynomial<N - 1>; L],
) {
let share_encryption: ShareEncryption<N, L, SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1, SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2> = ShareEncryption::new(
SHARE_ENCRYPTION_CONFIGS_E_SM,
SHARE_ENCRYPTION_CONFIGS,
expected_pk_commitment,
expected_message_commitment,
pk0is,
4 changes: 2 additions & 2 deletions circuits/bin/dkg/sk_share_encryption/src/main.nr
@@ -8,7 +8,7 @@ use lib::configs::default::dkg::{
L, N, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1,
SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2,
SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2,
SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS_SK,
SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS,
};
use lib::core::dkg::share_encryption::ShareEncryption;
use lib::math::polynomial::Polynomial;
@@ -32,7 +32,7 @@ fn main(
p2is: [Polynomial<N - 1>; L],
) {
let share_encryption: ShareEncryption<N, L, SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1, SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2> = ShareEncryption::new(
SHARE_ENCRYPTION_CONFIGS_SK,
SHARE_ENCRYPTION_CONFIGS,
expected_pk_commitment,
expected_message_commitment,
pk0is,
35 changes: 13 additions & 22 deletions circuits/lib/src/configs/insecure/dkg.nr
@@ -71,22 +71,21 @@ pub global SHARE_COMPUTATION_E_SM_CONFIGS: ShareComputationConfigs<L_THRESHOLD>
/************************************
-------------------------------------
share_encryption_sk (CIRCUIT 3a)
share_encryption_e_sm (CIRCUIT 3b)
-------------------------------------
************************************/

// share_encryption_sk - bit parameters
pub global SHARE_ENCRYPTION_BIT_PK: u32 = 51;
pub global SHARE_ENCRYPTION_BIT_CT: u32 = 51;
pub global SHARE_ENCRYPTION_BIT_U: u32 = 2;
pub global SHARE_ENCRYPTION_BIT_E0: u32 = 4;
pub global SHARE_ENCRYPTION_BIT_E1: u32 = 4;
pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 37;
pub global SHARE_ENCRYPTION_BIT_R1: u32 = 36;
pub global SHARE_ENCRYPTION_BIT_R2: u32 = 51;
pub global SHARE_ENCRYPTION_BIT_P1: u32 = 10;
pub global SHARE_ENCRYPTION_BIT_P2: u32 = 51;

// share_encryption_sk - bounds
pub global SHARE_ENCRYPTION_BIT_PK: u32 = 50;
pub global SHARE_ENCRYPTION_BIT_CT: u32 = 50;
pub global SHARE_ENCRYPTION_BIT_U: u32 = 1;
pub global SHARE_ENCRYPTION_BIT_E0: u32 = 3;
pub global SHARE_ENCRYPTION_BIT_E1: u32 = 3;
pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 36;
pub global SHARE_ENCRYPTION_BIT_R1: u32 = 35;
pub global SHARE_ENCRYPTION_BIT_R2: u32 = 50;
pub global SHARE_ENCRYPTION_BIT_P1: u32 = 9;
pub global SHARE_ENCRYPTION_BIT_P2: u32 = 50;

pub global SHARE_ENCRYPTION_T: Field = 68719403009;
pub global SHARE_ENCRYPTION_Q_MOD_T: Field = 2415755265;
pub global SHARE_ENCRYPTION_K0IS: [Field; L] = [1284838520228573];
@@ -101,7 +100,6 @@ pub global SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [256];
pub global SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [1125899906777088];
pub global SHARE_ENCRYPTION_MSG_BOUND: Field = 68719403008;

// share_encryption_sk - configs
pub global SHARE_ENCRYPTION_CONFIGS_SK: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
SHARE_ENCRYPTION_T,
SHARE_ENCRYPTION_Q_MOD_T,
@@ -119,14 +117,7 @@ pub global SHARE_ENCRYPTION_CONFIGS_SK: ShareEncryptionConfigs<L> = ShareEncrypt
SHARE_ENCRYPTION_MSG_BOUND,
);

/************************************
-------------------------------------
share_encryption_e_sm (CIRCUIT 3b)
-------------------------------------
************************************/

// share_encryption_e_sm uses the same bit parameters and bounds as share_encryption_sk
pub global SHARE_ENCRYPTION_CONFIGS_E_SM: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
pub global SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
SHARE_ENCRYPTION_T,
SHARE_ENCRYPTION_Q_MOD_T,
QIS,
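Review bot: `SHARE_ENCRYPTION_CONFIGS_SK` still appears to be defined in this file after the change: the hunk at -101,7 removes only one line, and the `);` closing its constructor call is context at the top of the last hunk, so the new `SHARE_ENCRYPTION_CONFIGS` seems to be added next to it rather than replacing it. `secure/dkg.nr` deletes the `_SK` global outright, and both circuit entry points in this commit appear to import only `SHARE_ENCRYPTION_CONFIGS`. Two globals built from the same bounds in one preset invite drift the next time one of them is edited, so I would delete the leftover `pub global SHARE_ENCRYPTION_CONFIGS_SK: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(...)` block here as well. The +/- markers are lost in this rendering, so this is read from the per-hunk line counts; please check it against the raw diff.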
53 changes: 14 additions & 39 deletions circuits/lib/src/configs/secure/dkg.nr
@@ -83,22 +83,21 @@ pub global SHARE_COMPUTATION_E_SM_CONFIGS: ShareComputationConfigs<L_THRESHOLD>
/************************************
-------------------------------------
share_encryption_sk (CIRCUIT 3a)
share_encryption_e_sm (CIRCUIT 3b)
-------------------------------------
************************************/

// share_encryption_sk - bit parameters
pub global SHARE_ENCRYPTION_BIT_PK: u32 = 57;
pub global SHARE_ENCRYPTION_BIT_CT: u32 = 57;
pub global SHARE_ENCRYPTION_BIT_U: u32 = 2;
pub global SHARE_ENCRYPTION_BIT_E0: u32 = 6;
pub global SHARE_ENCRYPTION_BIT_E1: u32 = 6;
pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 55;
pub global SHARE_ENCRYPTION_BIT_R1: u32 = 54;
pub global SHARE_ENCRYPTION_BIT_R2: u32 = 57;
pub global SHARE_ENCRYPTION_BIT_P1: u32 = 14;
pub global SHARE_ENCRYPTION_BIT_P2: u32 = 57;

// share_encryption_sk - bounds
pub global SHARE_ENCRYPTION_BIT_PK: u32 = 56;
pub global SHARE_ENCRYPTION_BIT_CT: u32 = 56;
pub global SHARE_ENCRYPTION_BIT_U: u32 = 1;
pub global SHARE_ENCRYPTION_BIT_E0: u32 = 5;
pub global SHARE_ENCRYPTION_BIT_E1: u32 = 5;
pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 54;
pub global SHARE_ENCRYPTION_BIT_R1: u32 = 53;
pub global SHARE_ENCRYPTION_BIT_R2: u32 = 56;
pub global SHARE_ENCRYPTION_BIT_P1: u32 = 13;
pub global SHARE_ENCRYPTION_BIT_P2: u32 = 56;

pub global SHARE_ENCRYPTION_T: Field = 18014398509481984;
pub global SHARE_ENCRYPTION_Q_MOD_T: Field = 1082658244788225;
pub global SHARE_ENCRYPTION_K0IS: [Field; L] = [70854796903366627, 47439047573780733];
@@ -113,32 +112,8 @@ pub global SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [4096, 4096];
pub global SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200];
pub global SHARE_ENCRYPTION_MSG_BOUND: Field = 18014398509481983;

// share_encryption_sk - configs
pub global SHARE_ENCRYPTION_CONFIGS_SK: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
SHARE_ENCRYPTION_T,
SHARE_ENCRYPTION_Q_MOD_T,
QIS,
SHARE_ENCRYPTION_K0IS,
SHARE_ENCRYPTION_PK_BOUNDS,
SHARE_ENCRYPTION_E0_BOUND,
SHARE_ENCRYPTION_E1_BOUND,
SHARE_ENCRYPTION_U_BOUND,
SHARE_ENCRYPTION_R1_LOW_BOUNDS,
SHARE_ENCRYPTION_R1_UP_BOUNDS,
SHARE_ENCRYPTION_R2_BOUNDS,
SHARE_ENCRYPTION_P1_BOUNDS,
SHARE_ENCRYPTION_P2_BOUNDS,
SHARE_ENCRYPTION_MSG_BOUND,
);

/************************************
-------------------------------------
share_encryption_e_sm (CIRCUIT 3b)
-------------------------------------
************************************/

// share_encryption_e_sm uses the same bit parameters and bounds as SK
pub global SHARE_ENCRYPTION_CONFIGS_E_SM: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
// share_encryption_e_sm uses the same bit parameters and bounds as share_encryption_sk
pub global SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs<L> = ShareEncryptionConfigs::new(
SHARE_ENCRYPTION_T,
SHARE_ENCRYPTION_Q_MOD_T,
QIS,
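Review bot: The ten `SHARE_ENCRYPTION_BIT_*` globals are listed twice in the first hunk, one set exactly one bit wider than the other (`BIT_PK` 57 vs 56, `BIT_P1` 14 vs 13), and nothing next to them says which rule the width follows. The line counts are consistent with the narrower set being the new one, and those values match the plain bit length of the visible bounds (`SHARE_ENCRYPTION_MSG_BOUND` = 18014398509481983 is 54 bits, a P1 bound of 4096 is 13 bits), so no spare bit is left for a sign or an offset. Whether that is enough depends on how `ShareEncryption` range-checks each coefficient, which is outside this diff; if the check shifts a value in [-B, B] before decomposing it, honest witnesses near the bound would stop proving. Please record the rule above the block, e.g. `// BIT_X = bit length of X_BOUND (no sign bit)` if that is the intent, and confirm it for `insecure/dkg.nr`, which gets the same one-bit reduction.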
33 changes: 32 additions & 1 deletion crates/zk-helpers/src/bin/zk_cli.rs
@@ -20,6 +20,9 @@ use e3_zk_helpers::circuits::dkg::share_computation::circuit::{
};
use e3_zk_helpers::codegen::{write_artifacts, CircuitCodegen};
use e3_zk_helpers::computation::DkgInputType;
use e3_zk_helpers::dkg::share_encryption::{
ShareEncryptionCircuit, ShareEncryptionCircuitInput, ShareEncryptionSample,
};
use e3_zk_helpers::registry::{Circuit, CircuitRegistry};
use e3_zk_helpers::threshold::{
UserDataEncryptionCircuit, UserDataEncryptionCircuitInput, UserDataEncryptionSample,
@@ -153,6 +156,7 @@ fn main() -> Result<()> {
registry.register(Arc::new(PkCircuit));
registry.register(Arc::new(ShareComputationCircuit));
registry.register(Arc::new(UserDataEncryptionCircuit));
registry.register(Arc::new(ShareEncryptionCircuit));

// Handle list circuits flag.
if args.list_circuits {
@@ -201,7 +205,8 @@ fn main() -> Result<()> {

let write_prover_toml = args.toml;
// Only share-computation has a witness-type choice (secret-key vs smudging-noise). pk always uses secret key.
let has_witness_type = circuit_meta.name() == ShareComputationCircuit::NAME;
let has_witness_type = circuit_meta.name() == ShareComputationCircuit::NAME
|| circuit_meta.name() == ShareEncryptionCircuit::NAME;

let dkg_input_type = if has_witness_type {
// Share-computation: require --witness when generating Prover.toml; default secret-key for configs-only.
@@ -273,6 +278,32 @@ fn main() -> Result<()> {
},
)?
}
name if name == <ShareEncryptionCircuit as Circuit>::NAME => {
let sd = preset
.search_defaults()
.ok_or_else(|| anyhow!("missing search_defaults for preset"))?;
let sample = ShareEncryptionSample::generate(
preset,
CiphernodesCommitteeSize::Small,
dkg_input_type,
sd.z,
sd.lambda,
);
let circuit = ShareEncryptionCircuit;

circuit.codegen(
preset,
&ShareEncryptionCircuitInput {
plaintext: sample.plaintext,
ciphertext: sample.ciphertext,
public_key: sample.public_key,
secret_key: sample.secret_key,
u_rns: sample.u_rns,
e0_rns: sample.e0_rns,
e1_rns: sample.e1_rns,
},
)?
}
name if name == <UserDataEncryptionCircuit as Circuit>::NAME => {
let sample = UserDataEncryptionSample::generate(preset);
let circuit = UserDataEncryptionCircuit;
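Review bot: The comment above `has_witness_type` still says only share-computation has a witness-type choice, but the condition now also matches `ShareEncryptionCircuit::NAME`, and the comment inside the `if has_witness_type` branch is likewise share-computation specific. I would reword the first one, e.g. `// share-computation and share-encryption take a witness type (secret-key vs smudging-noise); pk always uses the secret key.`, and adjust the second to match. The new match arm also hard-codes `CiphernodesCommitteeSize::Small` when generating the sample; if the emitted configs depend on committee size, a short comment stating what that choice affects would help the next reader. `main` begins and ends outside these hunks.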
1 change: 1 addition & 0 deletions crates/zk-helpers/src/circuits/dkg/mod.rs
@@ -6,3 +6,4 @@

pub mod pk;
pub mod share_computation;
pub mod share_encryption;
30 changes: 21 additions & 9 deletions crates/zk-helpers/src/circuits/dkg/pk/codegen.rs
@@ -76,18 +76,20 @@ mod tests {
use crate::prepare_pk_sample_for_test;
use crate::utils::compute_pk_bit;

use e3_fhe_params::{build_pair_for_preset, DEFAULT_BFV_PRESET};
use e3_fhe_params::{build_pair_for_preset, BfvPreset};
use tempfile::TempDir;

#[test]
fn test_toml_generation_and_structure() {
let (_, dkg_params) = build_pair_for_preset(DEFAULT_BFV_PRESET).unwrap();
let sample =
prepare_pk_sample_for_test(DEFAULT_BFV_PRESET, CiphernodesCommitteeSize::Small);
let (_, dkg_params) = build_pair_for_preset(BfvPreset::InsecureThreshold512).unwrap();
let sample = prepare_pk_sample_for_test(
BfvPreset::InsecureThreshold512,
CiphernodesCommitteeSize::Small,
);

let artifacts = PkCircuit
.codegen(
DEFAULT_BFV_PRESET,
BfvPreset::InsecureThreshold512,
&PkCircuitInput {
public_key: sample.dkg_public_key,
},
Expand Down Expand Up @@ -130,10 +132,20 @@ mod tests {
let configs_content = std::fs::read_to_string(&configs_path).unwrap();
let pk_bit = compute_pk_bit(&dkg_params);

assert!(configs_content
.contains(format!("N: u32 = {}", DEFAULT_BFV_PRESET.metadata().degree).as_str()));
assert!(configs_content
.contains(format!("L: u32 = {}", DEFAULT_BFV_PRESET.metadata().num_moduli).as_str()));
assert!(configs_content.contains(
format!(
"N: u32 = {}",
BfvPreset::InsecureThreshold512.metadata().degree
)
.as_str()
));
assert!(configs_content.contains(
format!(
"L: u32 = {}",
BfvPreset::InsecureThreshold512.metadata().num_moduli
)
.as_str()
));
assert!(configs_content.contains(
format!(
"{}_BIT_PK: u32 = {}",
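Review bot: `BfvPreset::InsecureThreshold512` is now spelled out at every call site in this test module (five times in the two visible hunks), which is what pushes the `N:` and `L:` assertions into multi-line `format!` blocks. A single `const PRESET: BfvPreset = BfvPreset::InsecureThreshold512;` inside `mod tests` would keep each call on one line and leave one place to change; the test modules in `pk/computation.rs` and the `share_computation` files repeat the same literal. Pinning these tests to the insecure preset also means codegen for the secure parameters is not exercised by anything visible here, so a case for the secure preset would be worth adding if sample generation for it is fast enough. The `mod tests` block starts and ends outside the hunks.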
10 changes: 5 additions & 5 deletions crates/zk-helpers/src/circuits/dkg/pk/computation.rs
@@ -188,14 +188,14 @@ impl Computation for Witness {
mod tests {
use super::*;

use e3_fhe_params::DEFAULT_BFV_PRESET;
use e3_fhe_params::BfvPreset;

#[test]
fn test_bound_and_bits_computation_consistency() {
let (_, dkg_params) = build_pair_for_preset(DEFAULT_BFV_PRESET).unwrap();
let (_, dkg_params) = build_pair_for_preset(BfvPreset::InsecureThreshold512).unwrap();

let bounds = Bounds::compute(DEFAULT_BFV_PRESET, &()).unwrap();
let bits = Bits::compute(DEFAULT_BFV_PRESET, &()).unwrap();
let bounds = Bounds::compute(BfvPreset::InsecureThreshold512, &()).unwrap();
let bits = Bits::compute(BfvPreset::InsecureThreshold512, &()).unwrap();
let expected_bits = compute_pk_bit(&dkg_params);

assert_eq!(bounds.pk_bound, BigUint::from(1125899906777088u128));
@@ -204,7 +204,7 @@ mod tests {

#[test]
fn test_constants_json_roundtrip() {
let constants = Configs::compute(DEFAULT_BFV_PRESET, &()).unwrap();
let constants = Configs::compute(BfvPreset::InsecureThreshold512, &()).unwrap();

let json = constants.to_json().unwrap();
let decoded: Configs = serde_json::from_value(json).unwrap();
16 changes: 10 additions & 6 deletions crates/zk-helpers/src/circuits/dkg/share_computation/codegen.rs
@@ -197,7 +197,6 @@ mod tests {
use crate::Circuit;
use crate::{prepare_share_computation_sample_for_test, ShareComputationSample};
use e3_fhe_params::BfvPreset;
use e3_fhe_params::DEFAULT_BFV_PRESET;
use tempfile::TempDir;

fn share_computation_input_from_sample(
Expand Down Expand Up @@ -225,7 +224,7 @@ mod tests {
let input = share_computation_input_from_sample(&sample, DkgInputType::SecretKey);

let artifacts = ShareComputationCircuit
.codegen(DEFAULT_BFV_PRESET, &input)
.codegen(BfvPreset::InsecureThreshold512, &input)
.unwrap();

let parsed: toml::Value = artifacts.toml.parse().unwrap();
Expand Down Expand Up @@ -258,12 +257,17 @@ mod tests {
assert!(configs_path.exists());

let configs_content = std::fs::read_to_string(&configs_path).unwrap();
let bounds = Bounds::compute(DEFAULT_BFV_PRESET, &input).unwrap();
let bits = Bits::compute(DEFAULT_BFV_PRESET, &bounds).unwrap();
let bounds = Bounds::compute(BfvPreset::InsecureThreshold512, &input).unwrap();
let bits = Bits::compute(BfvPreset::InsecureThreshold512, &bounds).unwrap();
let prefix = <ShareComputationCircuit as Circuit>::PREFIX;

assert!(configs_content
.contains(format!("N: u32 = {}", DEFAULT_BFV_PRESET.metadata().degree).as_str()));
assert!(configs_content.contains(
format!(
"N: u32 = {}",
BfvPreset::InsecureThreshold512.metadata().degree
)
.as_str()
));
assert!(configs_content
.contains(format!("{}_BIT_SHARE: u32 = {}", prefix, bits.bit_share).as_str()));
assert!(configs_content
@@ -269,7 +269,6 @@ mod tests {
use crate::dkg::share_computation::ShareComputationCircuitInput;
use crate::{prepare_share_computation_sample_for_test, ShareComputationSample};
use e3_fhe_params::BfvPreset;
use e3_fhe_params::DEFAULT_BFV_PRESET;

fn share_computation_input_from_sample(
sample: &ShareComputationSample,
@@ -294,8 +293,8 @@ mod tests {
);

let input = share_computation_input_from_sample(&sample, DkgInputType::SecretKey);
let bounds = Bounds::compute(DEFAULT_BFV_PRESET, &input).unwrap();
let bits = Bits::compute(DEFAULT_BFV_PRESET, &bounds).unwrap();
let bounds = Bounds::compute(BfvPreset::InsecureThreshold512, &input).unwrap();
let bits = Bits::compute(BfvPreset::InsecureThreshold512, &bounds).unwrap();
let expected_sk_bits = calculate_bit_width(BigInt::from(bounds.sk_bound.clone()));

assert_eq!(bits.bit_sk_secret, expected_sk_bits);
@@ -310,7 +309,7 @@ mod tests {
);

let input = share_computation_input_from_sample(&sample, DkgInputType::SmudgingNoise);
let witness = Witness::compute(DEFAULT_BFV_PRESET, &input).unwrap();
let witness = Witness::compute(BfvPreset::InsecureThreshold512, &input).unwrap();
let degree = witness.secret_crt.limb(0).coefficients().len();
let num_moduli = witness.secret_crt.limbs.len();
for coeff_idx in 0..degree {
@@ -335,7 +334,7 @@ mod tests {
);

let input = share_computation_input_from_sample(&sample, DkgInputType::SecretKey);
let constants = Configs::compute(DEFAULT_BFV_PRESET, &input).unwrap();
let constants = Configs::compute(BfvPreset::InsecureThreshold512, &input).unwrap();

let json = constants.to_json().unwrap();
let decoded: Configs = serde_json::from_value(json).unwrap();