From c24c923af3acb64ceaafa322ce97d8af4b052405 Mon Sep 17 00:00:00 2001 From: 0xjei Date: Tue, 10 Feb 2026 14:55:36 +0100 Subject: [PATCH 1/6] update circuits dkg and tr configs --- circuits/lib/src/configs/insecure/dkg.nr | 100 +++++++----------- .../lib/src/configs/insecure/threshold.nr | 35 +++--- circuits/lib/src/configs/secure/dkg.nr | 88 +++++++-------- circuits/lib/src/configs/secure/threshold.nr | 68 ++++++------ .../zk-helpers/src/circuits/dkg/pk/codegen.rs | 7 +- .../decrypted_shares_aggregation/codegen.rs | 10 +- .../threshold/pk_aggregation/codegen.rs | 2 +- .../threshold/share_decryption/codegen.rs | 2 +- 8 files changed, 138 insertions(+), 174 deletions(-) diff --git a/circuits/lib/src/configs/insecure/dkg.nr b/circuits/lib/src/configs/insecure/dkg.nr index 5f7440a104..a3aec22e08 100644 --- a/circuits/lib/src/configs/insecure/dkg.nr +++ b/circuits/lib/src/configs/insecure/dkg.nr @@ -12,10 +12,7 @@ use crate::core::dkg::share_encryption::Configs as ShareEncryptionConfigs; // Global configs for DKG insecure preset pub global N: u32 = 512; pub global L: u32 = 1; -pub global PLAINTEXT_MODULUS: Field = 68719403009; pub global QIS: [Field; L] = [2251799813554177]; -pub global Q_MOD_T: Field = 1082658244788225; -pub global Q_INVERSE_MOD_T: Field = 39210117854; /************************************ ------------------------------------- @@ -26,8 +23,6 @@ pk (CIRCUIT 0) // pk - bit parameters pub global PK_BIT_PK: u32 = 50; -/// Parity check matrix for each modulus. -/// PARITY_MATRIX[modulus_idx][row][col] where size is [L][N_PARTIES-T][N_PARTIES+1] pub global PARITY_MATRIX: [[[Field; N_PARTIES + 1]; N_PARTIES - T]; L_THRESHOLD] = [ [ [68719403008, 3, 68719403006, 1, 0, 0], 
@@ -75,63 +70,46 @@ share_encryption_e_sm (CIRCUIT 3b) ------------------------------------- ************************************/ -pub global SHARE_ENCRYPTION_BIT_PK: u32 = 50; -pub global SHARE_ENCRYPTION_BIT_CT: u32 = 50; -pub global SHARE_ENCRYPTION_BIT_U: u32 = 1; -pub global SHARE_ENCRYPTION_BIT_E0: u32 = 3; -pub global SHARE_ENCRYPTION_BIT_E1: u32 = 3; -pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 36; -pub global SHARE_ENCRYPTION_BIT_R1: u32 = 35; -pub global SHARE_ENCRYPTION_BIT_R2: u32 = 50; -pub global SHARE_ENCRYPTION_BIT_P1: u32 = 9; -pub global SHARE_ENCRYPTION_BIT_P2: u32 = 50; - -pub global SHARE_ENCRYPTION_T: Field = 68719403009; -pub global SHARE_ENCRYPTION_Q_MOD_T: Field = 2415755265; -pub global SHARE_ENCRYPTION_K0IS: [Field; L] = [1284838520228573]; -pub global SHARE_ENCRYPTION_PK_BOUNDS: [Field; L] = [1125899906777088]; -pub global SHARE_ENCRYPTION_E0_BOUND: Field = 6; -pub global SHARE_ENCRYPTION_E1_BOUND: Field = 6; -pub global SHARE_ENCRYPTION_U_BOUND: Field = 1; -pub global SHARE_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [19605059183]; -pub global SHARE_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [19605059183]; -pub global SHARE_ENCRYPTION_R2_BOUNDS: [Field; L] = [1125899906777088]; -pub global SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [256]; -pub global SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [1125899906777088]; -pub global SHARE_ENCRYPTION_MSG_BOUND: Field = 68719403008; - -pub global SHARE_ENCRYPTION_CONFIGS_SK: ShareEncryptionConfigs = ShareEncryptionConfigs::new( - SHARE_ENCRYPTION_T, - SHARE_ENCRYPTION_Q_MOD_T, +pub global DKG_SHARE_ENCRYPTION_BIT_PK: u32 = 50; +pub global DKG_SHARE_ENCRYPTION_BIT_CT: u32 = 50; +pub global DKG_SHARE_ENCRYPTION_BIT_U: u32 = 1; +pub global DKG_SHARE_ENCRYPTION_BIT_E0: u32 = 3; +pub global DKG_SHARE_ENCRYPTION_BIT_E1: u32 = 3; +pub global DKG_SHARE_ENCRYPTION_BIT_MSG: u32 = 36; +pub global DKG_SHARE_ENCRYPTION_BIT_R1: u32 = 35; +pub global DKG_SHARE_ENCRYPTION_BIT_R2: u32 = 50; +pub global 
DKG_SHARE_ENCRYPTION_BIT_P1: u32 = 9; +pub global DKG_SHARE_ENCRYPTION_BIT_P2: u32 = 50; + +pub global DKG_SHARE_ENCRYPTION_T: Field = 68719403009; +pub global DKG_SHARE_ENCRYPTION_Q_MOD_T: Field = 2415755265; +pub global DKG_SHARE_ENCRYPTION_K0IS: [Field; L] = [1284838520228573]; +pub global DKG_SHARE_ENCRYPTION_PK_BOUNDS: [Field; L] = [1125899906777088]; +pub global DKG_SHARE_ENCRYPTION_E0_BOUND: Field = 6; +pub global DKG_SHARE_ENCRYPTION_E1_BOUND: Field = 6; +pub global DKG_SHARE_ENCRYPTION_U_BOUND: Field = 1; +pub global DKG_SHARE_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [19605059183]; +pub global DKG_SHARE_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [19605059183]; +pub global DKG_SHARE_ENCRYPTION_R2_BOUNDS: [Field; L] = [1125899906777088]; +pub global DKG_SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [256]; +pub global DKG_SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [1125899906777088]; +pub global DKG_SHARE_ENCRYPTION_MSG_BOUND: Field = 68719403008; + +pub global DKG_SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs = ShareEncryptionConfigs::new( + DKG_SHARE_ENCRYPTION_T, + DKG_SHARE_ENCRYPTION_Q_MOD_T, QIS, - SHARE_ENCRYPTION_K0IS, - SHARE_ENCRYPTION_PK_BOUNDS, - SHARE_ENCRYPTION_E0_BOUND, - SHARE_ENCRYPTION_E1_BOUND, - SHARE_ENCRYPTION_U_BOUND, - SHARE_ENCRYPTION_R1_LOW_BOUNDS, - SHARE_ENCRYPTION_R1_UP_BOUNDS, - SHARE_ENCRYPTION_R2_BOUNDS, - SHARE_ENCRYPTION_P1_BOUNDS, - SHARE_ENCRYPTION_P2_BOUNDS, - SHARE_ENCRYPTION_MSG_BOUND, -); - -pub global SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs = ShareEncryptionConfigs::new( - SHARE_ENCRYPTION_T, - SHARE_ENCRYPTION_Q_MOD_T, - QIS, - SHARE_ENCRYPTION_K0IS, - SHARE_ENCRYPTION_PK_BOUNDS, - SHARE_ENCRYPTION_E0_BOUND, - SHARE_ENCRYPTION_E1_BOUND, - SHARE_ENCRYPTION_U_BOUND, - SHARE_ENCRYPTION_R1_LOW_BOUNDS, - SHARE_ENCRYPTION_R1_UP_BOUNDS, - SHARE_ENCRYPTION_R2_BOUNDS, - SHARE_ENCRYPTION_P1_BOUNDS, - SHARE_ENCRYPTION_P2_BOUNDS, - SHARE_ENCRYPTION_MSG_BOUND, + DKG_SHARE_ENCRYPTION_K0IS, + DKG_SHARE_ENCRYPTION_PK_BOUNDS, + 
DKG_SHARE_ENCRYPTION_E0_BOUND, + DKG_SHARE_ENCRYPTION_E1_BOUND, + DKG_SHARE_ENCRYPTION_U_BOUND, + DKG_SHARE_ENCRYPTION_R1_LOW_BOUNDS, + DKG_SHARE_ENCRYPTION_R1_UP_BOUNDS, + DKG_SHARE_ENCRYPTION_R2_BOUNDS, + DKG_SHARE_ENCRYPTION_P1_BOUNDS, + DKG_SHARE_ENCRYPTION_P2_BOUNDS, + DKG_SHARE_ENCRYPTION_MSG_BOUND, ); /************************************ diff --git a/circuits/lib/src/configs/insecure/threshold.nr b/circuits/lib/src/configs/insecure/threshold.nr index 32994a4b16..5f77691d70 100644 --- a/circuits/lib/src/configs/insecure/threshold.nr +++ b/circuits/lib/src/configs/insecure/threshold.nr @@ -13,15 +13,13 @@ use crate::core::threshold::user_data_encryption::Configs as UserDataEncryptionC // Global configs for threshold insecure preset pub global N: u32 = 512; pub global L: u32 = 2; +pub global QIS: [Field; L] = [68719403009, 68719230977]; pub global PLAINTEXT_MODULUS: Field = 100; pub global Q_INVERSE_MOD_T: Field = 57; -pub global QIS: [Field; L] = [68719403009, 68719230977]; -pub global Q_MOD_T: Field = 3; -pub global T_INV_MOD_Q: Field = 1416703358393105942938; /************************************ ------------------------------------- -pk_generation (CIRCUIT 1) +pk_generation (CIRCUIT 1 - PUBLIC KEY THRESHOLD BFV) ------------------------------------- ************************************/ @@ -59,7 +57,7 @@ pub global PK_AGGREGATION_CONFIGS: PkAggregationConfigs = PkAggregationConfig /************************************ ------------------------------------- -user_data_encryption (CIRCUIT 6) +user_data_encryption (USED FOR DATA ENCRYPTION) ------------------------------------- ************************************/ 
@@ -108,22 +106,25 @@ pub global USER_DATA_ENCRYPTION_CONFIGS: UserDataEncryptionConfigs = UserD /************************************ ------------------------------------- -share_decryption +share_decryption (CIRCUIT 6 - THRESHOLD BFV SHARE DECRYPTION) ------------------------------------- ************************************/ -pub global SHARE_DECRYPTION_BIT_CT: u32 = 35; -pub global SHARE_DECRYPTION_BIT_SK: u32 = 35; -pub global SHARE_DECRYPTION_BIT_E_SM: u32 = 35; -pub global SHARE_DECRYPTION_BIT_R1: u32 = 43; -pub global SHARE_DECRYPTION_BIT_R2: u32 = 35; -pub global SHARE_DECRYPTION_BIT_D: u32 = 35; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_CT: u32 = 35; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_SK: u32 = 35; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_E_SM: u32 = 35; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_R1: u32 = 43; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_R2: u32 = 35; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_D: u32 = 35; -pub global SHARE_DECRYPTION_R1_BOUNDS: [Field; L] = [8796083584897, 8796061564801]; -pub global SHARE_DECRYPTION_R2_BOUNDS: [Field; L] = [34359701504, 34359615488]; +pub global THRESHOLD_SHARE_DECRYPTION_R1_BOUNDS: [Field; L] = [8796083584897, 8796061564801]; +pub global THRESHOLD_SHARE_DECRYPTION_R2_BOUNDS: [Field; L] = [34359701504, 34359615488]; -pub global SHARE_DECRYPTION_CONFIGS: ShareDecryptionConfigs = - ShareDecryptionConfigs::new(QIS, SHARE_DECRYPTION_R1_BOUNDS, SHARE_DECRYPTION_R2_BOUNDS); +pub global THRESHOLD_SHARE_DECRYPTION_CONFIGS: ShareDecryptionConfigs = ShareDecryptionConfigs::new( + QIS, + THRESHOLD_SHARE_DECRYPTION_R1_BOUNDS, + THRESHOLD_SHARE_DECRYPTION_R2_BOUNDS, +); /************************************ ------------------------------------- 
@@ -131,9 +132,7 @@ decrypted_shares_aggregation (CIRCUIT 7) ------------------------------------- ************************************/ -// decrypted_shares_aggregation - bit parameters pub global DECRYPTED_SHARES_AGGREGATION_BIT_NOISE: u32 = 65; -// decrypted_shares_aggregation - configs pub global DECRYPTED_SHARES_AGGREGATION_CONFIGS: DecryptedSharesAggregationConfigs = DecryptedSharesAggregationConfigs::new(QIS, PLAINTEXT_MODULUS, Q_INVERSE_MOD_T); diff --git a/circuits/lib/src/configs/secure/dkg.nr b/circuits/lib/src/configs/secure/dkg.nr index 3cb36ed46a..e2edcd8421 100644 --- a/circuits/lib/src/configs/secure/dkg.nr +++ b/circuits/lib/src/configs/secure/dkg.nr @@ -12,11 +12,7 @@ use crate::core::dkg::share_encryption::Configs as ShareEncryptionConfigs; // Global configs for DKG secure preset pub global N: u32 = 8192; pub global L: u32 = 2; -pub global PLAINTEXT_MODULUS: Field = 18014398509481984; pub global QIS: [Field; L] = [72057594082099201, 72057594062438401]; -pub global Q_MOD_T: Field = 1082658244788225; -pub global Q_INVERSE_MOD_T: Field = 3634521516277761; -pub global T_INVERSE_MOD_Q: Field = 4144717358717138174408418870545186; /************************************ ------------------------------------- @@ -26,10 +22,8 @@ pk (CIRCUIT 0) // pk - bit parameters -pub global PK_BIT_PK: u32 = 58; +pub global PK_BIT_PK: u32 = 56; -/// Parity check matrix for each modulus. -/// PARITY_MATRIX[modulus_idx][row][col] where size is [L][N_PARTIES-T][N_PARTIES+1] pub global PARITY_MATRIX: [[[Field; N_PARTIES + 1]; N_PARTIES - T]; L_THRESHOLD] = [ [ [2251799822204928, 3, 2251799822204926, 1, 0, 0], @@ -52,7 +46,6 @@ pub global PARITY_MATRIX: [[[Field; N_PARTIES + 1]; N_PARTIES - T]; L_THRESHOLD] [4503599634579451, 15, 4503599634579447, 0, 0, 1], ], ]; - /************************************ ------------------------------------- share_computation_sk (CIRCUIT 2a) 
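Review bot: `PK_BIT_PK` in `secure/dkg.nr` (hunk at -26,10) goes from 58 to 56 with no comment recording how the width is derived, and the same hunk deletes the `///` lines that documented the `PARITY_MATRIX[modulus_idx][row][col]` layout. The new width equals `DKG_SHARE_ENCRYPTION_BIT_PK` and the bit length of `DKG_SHARE_ENCRYPTION_PK_BOUNDS` later in the file, so it looks intentional, but how the circuit consumes it is not visible here, and a range-check width that is off by one either rejects honest witnesses or loosens the bound. I would keep the two matrix doc lines and add above the constant something like `// bit length of (q_i - 1) / 2 for the largest q_i in QIS; generated value, do not hand-edit`, corrected to the real derivation. The `user_data_encryption` hunk in `secure/threshold.nr` lowers eight `USER_DATA_ENCRYPTION_BIT_*` widths in the same way and needs the same comment.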
@@ -87,47 +80,46 @@ share_encryption_e_sm (CIRCUIT 3b) ------------------------------------- ************************************/ -pub global SHARE_ENCRYPTION_BIT_PK: u32 = 56; -pub global SHARE_ENCRYPTION_BIT_CT: u32 = 56; -pub global SHARE_ENCRYPTION_BIT_U: u32 = 1; -pub global SHARE_ENCRYPTION_BIT_E0: u32 = 5; -pub global SHARE_ENCRYPTION_BIT_E1: u32 = 5; -pub global SHARE_ENCRYPTION_BIT_MSG: u32 = 54; -pub global SHARE_ENCRYPTION_BIT_R1: u32 = 53; -pub global SHARE_ENCRYPTION_BIT_R2: u32 = 56; -pub global SHARE_ENCRYPTION_BIT_P1: u32 = 13; -pub global SHARE_ENCRYPTION_BIT_P2: u32 = 56; - -pub global SHARE_ENCRYPTION_T: Field = 18014398509481984; -pub global SHARE_ENCRYPTION_Q_MOD_T: Field = 1082658244788225; -pub global SHARE_ENCRYPTION_K0IS: [Field; L] = [70854796903366627, 47439047573780733]; -pub global SHARE_ENCRYPTION_PK_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; -pub global SHARE_ENCRYPTION_E0_BOUND: Field = 20; -pub global SHARE_ENCRYPTION_E1_BOUND: Field = 20; -pub global SHARE_ENCRYPTION_U_BOUND: Field = 1; -pub global SHARE_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [8856849607495681, 5929880944709633]; -pub global SHARE_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [8856849607495680, 5929880944709632]; -pub global SHARE_ENCRYPTION_R2_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; -pub global SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [4096, 4096]; -pub global SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; -pub global SHARE_ENCRYPTION_MSG_BOUND: Field = 18014398509481983; - -// share_encryption_e_sm uses the same bit parameters and bounds as share_encryption_sk -pub global SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs = ShareEncryptionConfigs::new( - SHARE_ENCRYPTION_T, - SHARE_ENCRYPTION_Q_MOD_T, +pub global DKG_SHARE_ENCRYPTION_BIT_PK: u32 = 56; +pub global DKG_SHARE_ENCRYPTION_BIT_CT: u32 = 56; +pub global DKG_SHARE_ENCRYPTION_BIT_U: u32 = 1; +pub global DKG_SHARE_ENCRYPTION_BIT_E0: u32 = 5; 
+pub global DKG_SHARE_ENCRYPTION_BIT_E1: u32 = 5; +pub global DKG_SHARE_ENCRYPTION_BIT_MSG: u32 = 54; +pub global DKG_SHARE_ENCRYPTION_BIT_R1: u32 = 53; +pub global DKG_SHARE_ENCRYPTION_BIT_R2: u32 = 56; +pub global DKG_SHARE_ENCRYPTION_BIT_P1: u32 = 13; +pub global DKG_SHARE_ENCRYPTION_BIT_P2: u32 = 56; + +pub global DKG_SHARE_ENCRYPTION_T: Field = 18014398509481984; +pub global DKG_SHARE_ENCRYPTION_Q_MOD_T: Field = 1082658244788225; +pub global DKG_SHARE_ENCRYPTION_K0IS: [Field; L] = [70854796903366627, 47439047573780733]; +pub global DKG_SHARE_ENCRYPTION_PK_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; +pub global DKG_SHARE_ENCRYPTION_E0_BOUND: Field = 20; +pub global DKG_SHARE_ENCRYPTION_E1_BOUND: Field = 20; +pub global DKG_SHARE_ENCRYPTION_U_BOUND: Field = 1; +pub global DKG_SHARE_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [8856849607495681, 5929880944709633]; +pub global DKG_SHARE_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [8856849607495680, 5929880944709632]; +pub global DKG_SHARE_ENCRYPTION_R2_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; +pub global DKG_SHARE_ENCRYPTION_P1_BOUNDS: [Field; L] = [4096, 4096]; +pub global DKG_SHARE_ENCRYPTION_P2_BOUNDS: [Field; L] = [36028797041049600, 36028797031219200]; +pub global DKG_SHARE_ENCRYPTION_MSG_BOUND: Field = 18014398509481983; + +pub global DKG_SHARE_ENCRYPTION_CONFIGS: ShareEncryptionConfigs = ShareEncryptionConfigs::new( + DKG_SHARE_ENCRYPTION_T, + DKG_SHARE_ENCRYPTION_Q_MOD_T, QIS, - SHARE_ENCRYPTION_K0IS, - SHARE_ENCRYPTION_PK_BOUNDS, - SHARE_ENCRYPTION_E0_BOUND, - SHARE_ENCRYPTION_E1_BOUND, - SHARE_ENCRYPTION_U_BOUND, - SHARE_ENCRYPTION_R1_LOW_BOUNDS, - SHARE_ENCRYPTION_R1_UP_BOUNDS, - SHARE_ENCRYPTION_R2_BOUNDS, - SHARE_ENCRYPTION_P1_BOUNDS, - SHARE_ENCRYPTION_P2_BOUNDS, - SHARE_ENCRYPTION_MSG_BOUND, + DKG_SHARE_ENCRYPTION_K0IS, + DKG_SHARE_ENCRYPTION_PK_BOUNDS, + DKG_SHARE_ENCRYPTION_E0_BOUND, + DKG_SHARE_ENCRYPTION_E1_BOUND, + DKG_SHARE_ENCRYPTION_U_BOUND, + 
DKG_SHARE_ENCRYPTION_R1_LOW_BOUNDS, + DKG_SHARE_ENCRYPTION_R1_UP_BOUNDS, + DKG_SHARE_ENCRYPTION_R2_BOUNDS, + DKG_SHARE_ENCRYPTION_P1_BOUNDS, + DKG_SHARE_ENCRYPTION_P2_BOUNDS, + DKG_SHARE_ENCRYPTION_MSG_BOUND, ); /************************************ diff --git a/circuits/lib/src/configs/secure/threshold.nr b/circuits/lib/src/configs/secure/threshold.nr index b0bc41df5d..dc02e7728d 100644 --- a/circuits/lib/src/configs/secure/threshold.nr +++ b/circuits/lib/src/configs/secure/threshold.nr @@ -13,18 +13,14 @@ use crate::core::threshold::user_data_encryption::Configs as UserDataEncryptionC // Global configs for threshold secure preset pub global N: u32 = 8192; pub global L: u32 = 4; -pub global PLAINTEXT_MODULUS: Field = 100; pub global QIS: [Field; L] = [2251799822204929, 4503599627763713, 4503599631433729, 4503599634579457]; -pub global Q_MOD_T_MOD_P: Field = - 21888242871839275222246405745257275088548364400416034343698204186575808495598; -pub global Q_MOD_T: Field = 81; +pub global PLAINTEXT_MODULUS: Field = 100; pub global Q_INVERSE_MOD_T: Field = 21; -pub global T_INV_MOD_Q: Field = 162493576071160894262400971579825215135378801169890023914222388; /************************************ ------------------------------------- -pk_generation (CIRCUIT 1) +pk_generation (CIRCUIT 1 - PUBLIC KEY THRESHOLD BFV) ------------------------------------- ************************************/ 
@@ -64,43 +60,42 @@ pub global PK_AGGREGATION_CONFIGS: PkAggregationConfigs = PkAggregationConfig /************************************ ------------------------------------- -user_data_encryption (GRECO) +user_data_encryption (USED FOR DATA ENCRYPTION) ------------------------------------- ************************************/ -// user_data_encryption - bit parameters pub global USER_DATA_ENCRYPTION_BIT_PK: u32 = 52; pub global USER_DATA_ENCRYPTION_BIT_CT: u32 = 52; -pub global USER_DATA_ENCRYPTION_BIT_U: u32 = 2; -pub global USER_DATA_ENCRYPTION_BIT_E0: u32 = 107; -pub global USER_DATA_ENCRYPTION_BIT_E1: u32 = 6; -pub global USER_DATA_ENCRYPTION_BIT_K: u32 = 7; -pub global USER_DATA_ENCRYPTION_BIT_R1: u32 = 14; -pub global USER_DATA_ENCRYPTION_BIT_R2: u32 = 53; -pub global USER_DATA_ENCRYPTION_BIT_P1: u32 = 14; -pub global USER_DATA_ENCRYPTION_BIT_P2: u32 = 53; - -// user_data_encryption - bounds +pub global USER_DATA_ENCRYPTION_BIT_U: u32 = 1; +pub global USER_DATA_ENCRYPTION_BIT_E0: u32 = 105; +pub global USER_DATA_ENCRYPTION_BIT_E1: u32 = 5; +pub global USER_DATA_ENCRYPTION_BIT_K: u32 = 6; +pub global USER_DATA_ENCRYPTION_BIT_R1: u32 = 13; +pub global USER_DATA_ENCRYPTION_BIT_R2: u32 = 52; +pub global USER_DATA_ENCRYPTION_BIT_P1: u32 = 13; +pub global USER_DATA_ENCRYPTION_BIT_P2: u32 = 52; + +pub global USER_DATA_ENCRYPTION_Q_MOD_T_MOD_P: Field = + 21888242871839275222246405745257275088548364400416034343698204186575808495598; pub global USER_DATA_ENCRYPTION_K0IS: [Field; L] = [1553741877321401, 3467771713378059, 3107483745689273, 4188347660158895]; pub global USER_DATA_ENCRYPTION_PK_BOUNDS: [Field; L] = [1125899911102464, 2251799813881856, 2251799815716864, 2251799817289728]; -pub global USER_DATA_ENCRYPTION_E0_BOUND: Field = 54890881146011919040994244755389; +pub global USER_DATA_ENCRYPTION_E0_BOUND: Field = 39614081257132168796771975168000; pub global USER_DATA_ENCRYPTION_E1_BOUND: Field = 20; pub global USER_DATA_ENCRYPTION_U_BOUND: Field = 1; pub global 
USER_DATA_ENCRYPTION_K1_LOW_BOUND: Field = 50; pub global USER_DATA_ENCRYPTION_K1_UP_BOUND: Field = 49; -pub global USER_DATA_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [4132, 4136, 4131, 4143]; -pub global USER_DATA_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [4131, 4135, 4131, 4142]; +pub global USER_DATA_ENCRYPTION_R1_LOW_BOUNDS: [Field; L] = [4131, 4135, 4131, 4143]; +pub global USER_DATA_ENCRYPTION_R1_UP_BOUNDS: [Field; L] = [4131, 4134, 4130, 4142]; pub global USER_DATA_ENCRYPTION_R2_BOUNDS: [Field; L] = [1125899911102464, 2251799813881856, 2251799815716864, 2251799817289728]; pub global USER_DATA_ENCRYPTION_P1_BOUNDS: [Field; L] = [4096, 4096, 4096, 4096]; pub global USER_DATA_ENCRYPTION_P2_BOUNDS: [Field; L] = [1125899911102464, 2251799813881856, 2251799815716864, 2251799817289728]; -// greco - configs pub global USER_DATA_ENCRYPTION_CONFIGS: UserDataEncryptionConfigs = UserDataEncryptionConfigs::new( - Q_MOD_T_MOD_P, + USER_DATA_ENCRYPTION_Q_MOD_T_MOD_P, QIS, USER_DATA_ENCRYPTION_K0IS, USER_DATA_ENCRYPTION_PK_BOUNDS, 
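Review bot: The new `USER_DATA_ENCRYPTION_R1_LOW_BOUNDS` / `USER_DATA_ENCRYPTION_R1_UP_BOUNDS` pair is not uniform across the four moduli: the first entry has low equal to up (4131 / 4131) while the other three have low one above up, and before this change it was the third entry that was equal. That may be correct per-modulus rounding, but it cannot be checked from the diff, and `USER_DATA_ENCRYPTION_E0_BOUND` changes in the same hunk without a stated source. Since these constants bound the witness in the secure preset, please confirm they are copied from generated output and not edited by hand. A one-line comment above the two arrays stating how low and up are computed from each `q_i` would let the next reviewer re-derive them.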
@@ -118,24 +113,27 @@ pub global USER_DATA_ENCRYPTION_CONFIGS: UserDataEncryptionConfigs = UserD /************************************ ------------------------------------- -share_decryption +share_decryption (CIRCUIT 6 - THRESHOLD BFV SHARE DECRYPTION) ------------------------------------- ************************************/ -pub global SHARE_DECRYPTION_BIT_CT: u32 = 52; -pub global SHARE_DECRYPTION_BIT_SK: u32 = 52; -pub global SHARE_DECRYPTION_BIT_E_SM: u32 = 52; -pub global SHARE_DECRYPTION_BIT_R1: u32 = 64; -pub global SHARE_DECRYPTION_BIT_R2: u32 = 52; -pub global SHARE_DECRYPTION_BIT_D: u32 = 52; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_CT: u32 = 52; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_SK: u32 = 52; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_E_SM: u32 = 52; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_R1: u32 = 64; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_R2: u32 = 52; +pub global THRESHOLD_SHARE_DECRYPTION_BIT_D: u32 = 52; -pub global SHARE_DECRYPTION_R1_BOUNDS: [Field; L] = +pub global THRESHOLD_SHARE_DECRYPTION_R1_BOUNDS: [Field; L] = [4611686035875690497, 9223372037660080129, 9223372045176272897, 9223372051618723841]; -pub global SHARE_DECRYPTION_R2_BOUNDS: [Field; L] = +pub global THRESHOLD_SHARE_DECRYPTION_R2_BOUNDS: [Field; L] = [1125899911102464, 2251799813881856, 2251799815716864, 2251799817289728]; -pub global SHARE_DECRYPTION_CONFIGS: ShareDecryptionConfigs = - ShareDecryptionConfigs::new(QIS, SHARE_DECRYPTION_R1_BOUNDS, SHARE_DECRYPTION_R2_BOUNDS); +pub global THRESHOLD_SHARE_DECRYPTION_CONFIGS: ShareDecryptionConfigs = ShareDecryptionConfigs::new( + QIS, + THRESHOLD_SHARE_DECRYPTION_R1_BOUNDS, + THRESHOLD_SHARE_DECRYPTION_R2_BOUNDS, +); /************************************ ------------------------------------- 
@@ -143,9 +141,7 @@ decrypted_shares_aggregation (CIRCUIT 7) ------------------------------------- ************************************/ -// decrypted_shares_aggregation - bit parameters pub global DECRYPTED_SHARES_AGGREGATION_BIT_NOISE: u32 = 200; -// decrypted_shares_aggregation - configs pub global DECRYPTED_SHARES_AGGREGATION_CONFIGS: DecryptedSharesAggregationConfigs = DecryptedSharesAggregationConfigs::new(QIS, PLAINTEXT_MODULUS, Q_INVERSE_MOD_T); diff --git a/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs b/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs index e5bc47ffd2..bf2bf5bc37 100644 --- a/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs +++ b/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs @@ -48,8 +48,7 @@ pub fn generate_toml(witness: Witness) -> Result { /// Builds the configs.nr string (N, L, bit parameters) for the Noir prover. pub fn generate_configs(preset: BfvPreset, bits: &Bits) -> CodegenConfigs { format!( - r#" -pub global N: u32 = {}; + r#"pub global N: u32 = {}; pub global L: u32 = {}; /************************************ @@ -61,8 +60,8 @@ pk (CIRCUIT 0 - DKG BFV PUBLIC KEY) // pk - bit parameters pub global {}_BIT_PK: u32 = {}; "#, - preset.metadata().degree, - preset.metadata().num_moduli, + preset.dkg_counterpart().unwrap().metadata().degree, + preset.dkg_counterpart().unwrap().metadata().num_moduli, ::PREFIX, bits.pk_bit, ) diff --git a/crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/codegen.rs b/crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/codegen.rs index f20ad2379a..5d7e74043b 100644 --- a/crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/codegen.rs +++ b/crates/zk-helpers/src/circuits/threshold/decrypted_shares_aggregation/codegen.rs 
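Review bot: `generate_configs` in `dkg/pk/codegen.rs` now calls `preset.dkg_counterpart().unwrap()` twice in the `format!` arguments, so a preset without a DKG counterpart panics inside a function whose return type, `CodegenConfigs`, gives the caller no way to handle the failure. Whether any `BfvPreset` can actually fail here is not visible in the hunk; if one can, the generator aborts without saying which preset was passed. Resolve the counterpart once before the `format!` and state the invariant, e.g. `let dkg = preset.dkg_counterpart().expect("preset has no DKG counterpart");`, then pass `dkg.metadata().degree` and `dkg.metadata().num_moduli`. The body of `generate_configs` starts in the preceding hunk and ends outside this one.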
@@ -58,17 +58,17 @@ pub fn generate_configs(_preset: BfvPreset, configs: &Configs) -> CodegenConfigs format!( r#"use crate::core::threshold::decrypted_shares_aggregation::Configs as DecryptedSharesAggregationConfigs; +pub global L: u32 = {}; +pub global QIS: [Field; L] = [{}]; +pub global PLAINTEXT_MODULUS: Field = {}; +pub global Q_INVERSE_MOD_T: Field = {}; + /************************************ ------------------------------------- decrypted_shares_aggregation (CIRCUIT 7) ------------------------------------- ************************************/ -pub global L: u32 = {}; -pub global QIS: [Field; L] = [{}]; -pub global PLAINTEXT_MODULUS: Field = {}; -pub global Q_INVERSE_MOD_T: Field = {}; - pub global {}_BIT_NOISE: u32 = {}; pub global {}_CONFIGS: DecryptedSharesAggregationConfigs = diff --git a/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs b/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs index 1cc56023af..23ab1c48e4 100644 --- a/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs +++ b/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs @@ -64,7 +64,7 @@ pk_aggregation (CIRCUIT 5) pub global {}_BIT_PK: u32 = {}; -pub global {}_CONFIGS: PkAggregationConfigs = PkAggregationConfigs::new(QIS,); +pub global {}_CONFIGS: PkAggregationConfigs = PkAggregationConfigs::new(QIS); "#, configs.n, // N configs.l, // L diff --git a/crates/zk-helpers/src/circuits/threshold/share_decryption/codegen.rs b/crates/zk-helpers/src/circuits/threshold/share_decryption/codegen.rs index 723f24bbf3..280ff7f033 100644 --- a/crates/zk-helpers/src/circuits/threshold/share_decryption/codegen.rs +++ b/crates/zk-helpers/src/circuits/threshold/share_decryption/codegen.rs 
@@ -61,7 +61,7 @@ pub global QIS: [Field; L] = [{}];
 /************************************
 -------------------------------------
-share_decryption
+share_decryption (CIRCUIT 6 - THRESHOLD BFV SHARE DECRYPTION)
 -------------------------------------
 ************************************/
From 039f1eaff4deb51af614d04356faa36d785968a9 Mon Sep 17 00:00:00 2001
From: 0xjei
Date: Tue, 10 Feb 2026 14:57:46 +0100
Subject: [PATCH 2/6] update apis for share enc
---
 circuits/bin/dkg/e_sm_share_encryption/src/main.nr | 12 ++++++------
 circuits/bin/dkg/sk_share_encryption/src/main.nr | 12 ++++++------
 2 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/circuits/bin/dkg/e_sm_share_encryption/src/main.nr b/circuits/bin/dkg/e_sm_share_encryption/src/main.nr
index ad96bbb1f2..8885a32668 100644
--- a/circuits/bin/dkg/e_sm_share_encryption/src/main.nr
+++ b/circuits/bin/dkg/e_sm_share_encryption/src/main.nr
@@ -5,10 +5,10 @@
 // or FITNESS FOR A PARTICULAR PURPOSE.
 use lib::configs::default::dkg::{
- L, N, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1,
- SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2,
- SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2,
- SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS,
+ DKG_SHARE_ENCRYPTION_BIT_CT, DKG_SHARE_ENCRYPTION_BIT_E0, DKG_SHARE_ENCRYPTION_BIT_E1,
+ DKG_SHARE_ENCRYPTION_BIT_MSG, DKG_SHARE_ENCRYPTION_BIT_P1, DKG_SHARE_ENCRYPTION_BIT_P2,
+ DKG_SHARE_ENCRYPTION_BIT_PK, DKG_SHARE_ENCRYPTION_BIT_R1, DKG_SHARE_ENCRYPTION_BIT_R2,
+ DKG_SHARE_ENCRYPTION_BIT_U, DKG_SHARE_ENCRYPTION_CONFIGS, L, N,
 };
 use lib::core::dkg::share_encryption::ShareEncryption;
 use lib::math::polynomial::Polynomial;
@@ -31,8 +31,8 @@ fn main(
 p1is: [Polynomial<(2 * N) - 1>; L],
 p2is: [Polynomial; L],
 ) {
- let share_encryption: ShareEncryption = ShareEncryption::new(
- SHARE_ENCRYPTION_CONFIGS,
+ let share_encryption: ShareEncryption = ShareEncryption::new(
+ DKG_SHARE_ENCRYPTION_CONFIGS,
 expected_pk_commitment,
 expected_message_commitment,
 pk0is,
diff --git a/circuits/bin/dkg/sk_share_encryption/src/main.nr b/circuits/bin/dkg/sk_share_encryption/src/main.nr
index ad96bbb1f2..8885a32668 100644
--- a/circuits/bin/dkg/sk_share_encryption/src/main.nr
+++ b/circuits/bin/dkg/sk_share_encryption/src/main.nr
@@ -5,10 +5,10 @@
 // or FITNESS FOR A PARTICULAR PURPOSE.
 use lib::configs::default::dkg::{
- L, N, SHARE_ENCRYPTION_BIT_CT, SHARE_ENCRYPTION_BIT_E0, SHARE_ENCRYPTION_BIT_E1,
- SHARE_ENCRYPTION_BIT_MSG, SHARE_ENCRYPTION_BIT_P1, SHARE_ENCRYPTION_BIT_P2,
- SHARE_ENCRYPTION_BIT_PK, SHARE_ENCRYPTION_BIT_R1, SHARE_ENCRYPTION_BIT_R2,
- SHARE_ENCRYPTION_BIT_U, SHARE_ENCRYPTION_CONFIGS,
+ DKG_SHARE_ENCRYPTION_BIT_CT, DKG_SHARE_ENCRYPTION_BIT_E0, DKG_SHARE_ENCRYPTION_BIT_E1,
+ DKG_SHARE_ENCRYPTION_BIT_MSG, DKG_SHARE_ENCRYPTION_BIT_P1, DKG_SHARE_ENCRYPTION_BIT_P2,
+ DKG_SHARE_ENCRYPTION_BIT_PK, DKG_SHARE_ENCRYPTION_BIT_R1, DKG_SHARE_ENCRYPTION_BIT_R2,
+ DKG_SHARE_ENCRYPTION_BIT_U, DKG_SHARE_ENCRYPTION_CONFIGS, L, N,
 };
 use lib::core::dkg::share_encryption::ShareEncryption;
 use lib::math::polynomial::Polynomial;
@@ -31,8 +31,8 @@ fn main(
 p1is: [Polynomial<(2 * N) - 1>; L],
 p2is: [Polynomial; L],
 ) {
- let share_encryption: ShareEncryption = ShareEncryption::new(
- SHARE_ENCRYPTION_CONFIGS,
+ let share_encryption: ShareEncryption = ShareEncryption::new(
+ DKG_SHARE_ENCRYPTION_CONFIGS,
 expected_pk_commitment,
 expected_message_commitment,
 pk0is,
From c8594e34e05b99f40b0e9df17bc181e2e19cd3dc Mon Sep 17 00:00:00 2001
From: 0xjei
Date: Tue, 10 Feb 2026 14:58:45 +0100
Subject: [PATCH 3/6] update share dec tr apis
---
 circuits/bin/threshold/share_decryption/src/main.nr | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/circuits/bin/threshold/share_decryption/src/main.nr b/circuits/bin/threshold/share_decryption/src/main.nr
index 32d3ec4e57..e64fc687ae 100644
--- a/circuits/bin/threshold/share_decryption/src/main.nr
+++ b/circuits/bin/threshold/share_decryption/src/main.nr
@@ -5,9 +5,10 @@
 // or FITNESS FOR A PARTICULAR PURPOSE.
 use lib::configs::default::threshold::{
- L, N, SHARE_DECRYPTION_BIT_CT, SHARE_DECRYPTION_BIT_D, SHARE_DECRYPTION_BIT_E_SM,
- SHARE_DECRYPTION_BIT_R1, SHARE_DECRYPTION_BIT_R2, SHARE_DECRYPTION_BIT_SK,
- SHARE_DECRYPTION_CONFIGS,
+ L, N, THRESHOLD_SHARE_DECRYPTION_BIT_CT, THRESHOLD_SHARE_DECRYPTION_BIT_D,
+ THRESHOLD_SHARE_DECRYPTION_BIT_E_SM, THRESHOLD_SHARE_DECRYPTION_BIT_R1,
+ THRESHOLD_SHARE_DECRYPTION_BIT_R2, THRESHOLD_SHARE_DECRYPTION_BIT_SK,
+ THRESHOLD_SHARE_DECRYPTION_CONFIGS,
 };
 use lib::core::threshold::share_decryption::ShareDecryption;
 use lib::math::polynomial::Polynomial;
@@ -23,8 +24,8 @@ fn main(
 r2: [Polynomial; L],
 d: [Polynomial; L],
 ) {
- let share_decryption: ShareDecryption = ShareDecryption::new(
- SHARE_DECRYPTION_CONFIGS,
+ let share_decryption: ShareDecryption = ShareDecryption::new(
+ THRESHOLD_SHARE_DECRYPTION_CONFIGS,
 expected_sk_commitment,
 expected_e_sm_commitment,
 ct0,
From 43a3c6eac5fbe4d5495334c6e61757a0c2104970 Mon Sep 17 00:00:00 2001
From: 0xjei Date: Tue, 10 Feb 2026 16:50:04 +0100 Subject: [PATCH 4/6] add benches --- .gitignore | 3 + circuits/benchmarks/config.json | 33 ++ .../benchmarks/results_insecure/report.md | 291 ++++++++++++++ circuits/benchmarks/results_secure/report.md | 291 ++++++++++++++ circuits/benchmarks/run_benchmarks.sh | 5 + .../benchmarks/scripts/benchmark_circuit.sh | 355 ++++++++++++++++++ .../scripts/generate_prover_toml.sh | 108 ++++++ .../benchmarks/scripts/generate_report.sh | 306 +++++++++++++++ circuits/benchmarks/scripts/run_benchmarks.sh | 208 ++++++++++ crates/zk-helpers/README.md | 21 +- crates/zk-helpers/src/bin/zk_cli.rs | 26 +- .../zk-helpers/src/circuits/dkg/pk/codegen.rs | 12 +- .../circuits/dkg/share_decryption/sample.rs | 6 +- crates/zk-helpers/src/circuits/mod.rs | 4 +- .../threshold/pk_aggregation/codegen.rs | 2 +- 15 files changed, 1648 insertions(+), 23 deletions(-) create mode 100644 circuits/benchmarks/config.json create mode 100644 circuits/benchmarks/results_insecure/report.md create mode 100644 circuits/benchmarks/results_secure/report.md create mode 100755 circuits/benchmarks/run_benchmarks.sh create mode 100755 circuits/benchmarks/scripts/benchmark_circuit.sh create mode 100755 circuits/benchmarks/scripts/generate_prover_toml.sh create mode 100755 circuits/benchmarks/scripts/generate_report.sh create mode 100755 circuits/benchmarks/scripts/run_benchmarks.sh diff --git a/.gitignore b/.gitignore index 497c10b426..bebdebe895 100644 --- a/.gitignore +++ b/.gitignore @@ -8,3 +8,6 @@ target *.DS_Store dist + +# circuit benchmarks +circuits/benchmarks/results_*/raw/ \ No newline at end of file diff --git a/circuits/benchmarks/config.json b/circuits/benchmarks/config.json new file mode 100644 index 0000000000..dfd1bb7a4a --- /dev/null +++ b/circuits/benchmarks/config.json 
@@ -0,0 +1,33 @@ +{ + "circuits": [ + "dkg/pk", + "dkg/sk_share_computation", + "dkg/e_sm_share_computation", + "dkg/sk_share_encryption", + "dkg/e_sm_share_encryption", + "dkg/sk_share_decryption", + "dkg/e_sm_share_decryption", + "threshold/user_data_encryption", + "threshold/pk_generation", + "threshold/pk_aggregation", + "threshold/share_decryption", + "threshold/decrypted_shares_aggregation_bn", + "threshold/decrypted_shares_aggregation_mod" + ], + "oracles": ["default"], + "mode": "insecure", + "bin_dir": "../bin", + "output_dir": "results", + "metrics_to_track": [ + "compilation_time", + "execution_time", + "gate_count", + "vk_generation_time", + "proof_generation_time", + "verification_time", + "circuit_size", + "witness_size", + "vk_size", + "proof_size" + ] +} diff --git a/circuits/benchmarks/results_insecure/report.md b/circuits/benchmarks/results_insecure/report.md new file mode 100644 index 0000000000..43da531c01 --- /dev/null +++ b/circuits/benchmarks/results_insecure/report.md 
@@ -0,0 +1,291 @@ +# Enclave ZK Circuit Benchmarks + +**Generated:** 2026-02-10 14:31:26 UTC + +**Git Branch:** `circuits/configs-benches` +**Git Commit:** `a59e54c02ae531cb9579c2fae86caab28c7e9efa` + +--- + +## Summary + +### DKG + +#### Timing Metrics + +| Circuit | Compile | Execute | Prove | Verify | +| ---------------------- | ------- | ------- | ------ | ------ | +| e_sm_share_computation | 0.33 s | 0.53 s | 1.62 s | 0.03 s | +| e_sm_share_decryption | 0.26 s | 0.27 s | 0.21 s | 0.02 s | +| e_sm_share_encryption | 0.30 s | 0.45 s | 0.63 s | 0.03 s | +| pk | 0.25 s | 0.27 s | 0.12 s | 0.02 s | +| sk_share_computation | 0.32 s | 0.52 s | 1.69 s | 0.02 s | +| sk_share_decryption | 0.27 s | 0.28 s | 0.21 s | 0.02 s | +| sk_share_encryption | 0.29 s | 0.44 s | 0.62 s | 0.03 s | + +#### Size & Circuit Metrics + +| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | +| ---------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | +| e_sm_share_computation | 90956 | 328.74K | 1.39 MB | 477.88 KB | 3.59 KB | 15.88 KB | +| e_sm_share_decryption | 1949 | 19.05K | 129.17 KB | 95.40 KB | 3.59 KB | 15.88 KB | +| e_sm_share_encryption | 47758 | 127.69K | 797.90 KB | 512.26 KB | 3.59 KB | 15.88 KB | +| pk | 344 | 6.85K | 87.63 KB | 29.09 KB | 3.59 KB | 15.88 KB | +| sk_share_computation | 90827 | 326.14K | 1.38 MB | 463.66 KB | 3.59 KB | 15.88 KB | +| sk_share_decryption | 1949 | 19.05K | 129.17 KB | 95.45 KB | 3.59 KB | 15.88 KB | +| sk_share_encryption | 47758 | 127.69K | 797.90 KB | 512.48 KB | 3.59 KB | 15.88 KB | + +### Threshold + +#### Timing Metrics + +| Circuit | Compile | Execute | Prove | Verify | +| -------------------------------- | ------- | ------- | ------ | ------ | +| decrypted_shares_aggregation_bn | 0.30 s | 0.50 s | 0.52 s | 0.03 s | +| decrypted_shares_aggregation_mod | 0.28 s | 0.33 s | 0.47 s | 0.03 s | +| pk_aggregation | 0.28 s | 0.41 s | 0.86 s | 0.02 s | +| pk_generation | 0.27 s | 0.39 s | 
0.50 s | 0.03 s | +| share_decryption | 0.28 s | 0.39 s | 0.56 s | 0.03 s | +| user_data_encryption | 0.29 s | 0.47 s | 0.60 s | 0.02 s | + +#### Size & Circuit Metrics + +| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | +| -------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | +| decrypted_shares_aggregation_bn | 40424 | 102.01K | 1.00 MB | 104.64 KB | 3.59 KB | 15.88 KB | +| decrypted_shares_aggregation_mod | 31544 | 80.74K | 509.67 KB | 77.58 KB | 3.59 KB | 15.88 KB | +| pk_aggregation | 46897 | 151.06K | 821.80 KB | 278.60 KB | 3.59 KB | 15.88 KB | +| pk_generation | 30019 | 65.61K | 541.92 KB | 445.47 KB | 3.59 KB | 15.88 KB | +| share_decryption | 30570 | 85.48K | 541.56 KB | 522.85 KB | 3.59 KB | 15.88 KB | +| user_data_encryption | 56601 | 106.72K | 847.43 KB | 691.14 KB | 3.59 KB | 15.88 KB | + +## Circuit Details + +### DKG + +#### e_sm_share_computation + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.33 s | +| **Execution** | 0.53 s | +| **VK Generation** | 0.60 s | +| **Proof Generation** | 1.62 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 90956 | +| **Total Gates** | 328743 | +| **Circuit Size** | 1.39 MB | +| **Witness Size** | 477.88 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### e_sm_share_decryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.26 s | +| **Execution** | 0.27 s | +| **VK Generation** | 0.07 s | +| **Proof Generation** | 0.21 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 1949 | +| **Total Gates** | 19049 | +| **Circuit Size** | 129.17 KB | +| **Witness Size** | 95.40 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### e_sm_share_encryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.30 s | +| **Execution** | 0.45 s | +| **VK Generation** | 0.27 s | +| **Proof Generation** | 0.63 s | 
+| **Verification** | 0.03 s | +| **ACIR Opcodes** | 47758 | +| **Total Gates** | 127691 | +| **Circuit Size** | 797.90 KB | +| **Witness Size** | 512.26 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### pk + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 0.25 s | +| **Execution** | 0.27 s | +| **VK Generation** | 0.05 s | +| **Proof Generation** | 0.12 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 344 | +| **Total Gates** | 6846 | +| **Circuit Size** | 87.63 KB | +| **Witness Size** | 29.09 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_computation + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.32 s | +| **Execution** | 0.52 s | +| **VK Generation** | 0.62 s | +| **Proof Generation** | 1.69 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 90827 | +| **Total Gates** | 326138 | +| **Circuit Size** | 1.38 MB | +| **Witness Size** | 463.66 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_decryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.27 s | +| **Execution** | 0.28 s | +| **VK Generation** | 0.07 s | +| **Proof Generation** | 0.21 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 1949 | +| **Total Gates** | 19049 | +| **Circuit Size** | 129.17 KB | +| **Witness Size** | 95.45 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_encryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.29 s | +| **Execution** | 0.44 s | +| **VK Generation** | 0.26 s | +| **Proof Generation** | 0.62 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 47758 | +| **Total Gates** | 127691 | +| **Circuit Size** | 797.90 KB | +| **Witness Size** | 512.48 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +### Threshold + +#### decrypted_shares_aggregation_bn + +| Metric | Value | +| 
-------------------- | --------- | +| **Compilation** | 0.30 s | +| **Execution** | 0.50 s | +| **VK Generation** | 0.23 s | +| **Proof Generation** | 0.52 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 40424 | +| **Total Gates** | 102014 | +| **Circuit Size** | 1.00 MB | +| **Witness Size** | 104.64 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### decrypted_shares_aggregation_mod + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.28 s | +| **Execution** | 0.33 s | +| **VK Generation** | 0.19 s | +| **Proof Generation** | 0.47 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 31544 | +| **Total Gates** | 80740 | +| **Circuit Size** | 509.67 KB | +| **Witness Size** | 77.58 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### pk_aggregation + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.28 s | +| **Execution** | 0.41 s | +| **VK Generation** | 0.33 s | +| **Proof Generation** | 0.86 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 46897 | +| **Total Gates** | 151056 | +| **Circuit Size** | 821.80 KB | +| **Witness Size** | 278.60 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### pk_generation + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.27 s | +| **Execution** | 0.39 s | +| **VK Generation** | 0.17 s | +| **Proof Generation** | 0.50 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 30019 | +| **Total Gates** | 65606 | +| **Circuit Size** | 541.92 KB | +| **Witness Size** | 445.47 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### share_decryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.28 s | +| **Execution** | 0.39 s | +| **VK Generation** | 0.20 s | +| **Proof Generation** | 0.56 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 30570 | +| **Total Gates** | 85478 | +| **Circuit Size** | 541.56 KB | 
+| **Witness Size** | 522.85 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### user_data_encryption + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.29 s | +| **Execution** | 0.47 s | +| **VK Generation** | 0.23 s | +| **Proof Generation** | 0.60 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 56601 | +| **Total Gates** | 106725 | +| **Circuit Size** | 847.43 KB | +| **Witness Size** | 691.14 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +## System Information + +### Hardware + +- **CPU:** Apple M4 Pro +- **CPU Cores:** 14 +- **RAM:** 48.00 GB +- **OS:** Darwin +- **Architecture:** arm64 + +### Software + +- **Nargo Version:** nargo version = 1.0.0-beta.15 noirc version = + 1.0.0-beta.15+83245db91dcf63420ef4bcbbd85b98f397fee663 (git version hash: + 83245db91dcf63420ef4bcbbd85b98f397fee663, is dirty: false) +- **Barretenberg Version:** 3.0.0-nightly.20251104 diff --git a/circuits/benchmarks/results_secure/report.md b/circuits/benchmarks/results_secure/report.md new file mode 100644 index 0000000000..d477fd7c51 --- /dev/null +++ b/circuits/benchmarks/results_secure/report.md 
@@ -0,0 +1,291 @@ +# Enclave ZK Circuit Benchmarks + +**Generated:** 2026-02-10 15:46:56 UTC + +**Git Branch:** `circuits/configs-benches` +**Git Commit:** `a59e54c02ae531cb9579c2fae86caab28c7e9efa` + +--- + +## Summary + +### DKG + +#### Timing Metrics + +| Circuit | Compile | Execute | Prove | Verify | +| ---------------------- | -------- | ------- | ------- | ------ | +| e_sm_share_computation | 744.00 s | 10.10 s | 40.60 s | 0.03 s | +| e_sm_share_decryption | 31.68 s | 1.25 s | 3.33 s | 0.02 s | +| e_sm_share_encryption | 473.70 s | 5.09 s | 12.15 s | 0.09 s | +| pk | 10.58 s | 0.48 s | 1.11 s | 0.02 s | +| sk_share_computation | 536.29 s | 9.23 s | 38.13 s | 0.03 s | +| sk_share_decryption | 32.84 s | 1.26 s | 3.32 s | 0.02 s | +| sk_share_encryption | 498.52 s | 5.18 s | 12.07 s | 0.09 s | + +#### Size & Circuit Metrics + +| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | +| ---------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | +| e_sm_share_computation | 2949141 | 11.54M | 39.14 MB | 17.63 MB | 3.59 KB | 15.88 KB | +| e_sm_share_decryption | 51902 | 879.66K | 1.70 MB | 3.55 MB | 3.59 KB | 15.88 KB | +| e_sm_share_encryption | 1151876 | 3.20M | 14.36 MB | 14.19 MB | 3.59 KB | 15.88 KB | +| pk | 10925 | 215.80K | 442.45 KB | 952.21 KB | 3.59 KB | 15.88 KB | +| sk_share_computation | 2905804 | 10.72M | 38.25 MB | 15.36 MB | 3.59 KB | 15.88 KB | +| sk_share_decryption | 51902 | 879.66K | 1.70 MB | 3.55 MB | 3.59 KB | 15.88 KB | +| sk_share_encryption | 1151876 | 3.20M | 14.36 MB | 14.19 MB | 3.59 KB | 15.88 KB | + +### Threshold + +#### Timing Metrics + +| Circuit | Compile | Execute | Prove | Verify | +| -------------------------------- | -------- | ------- | ------- | ------ | +| decrypted_shares_aggregation_bn | 1.15 s | 0.61 s | 0.80 s | 0.03 s | +| decrypted_shares_aggregation_mod | 0.70 s | 0.33 s | 0.00 s | 0.00 s | +| pk_aggregation | 116.13 s | 6.22 s | 20.25 s | 0.02 s | +| 
pk_generation | 388.08 s | 4.88 s | 12.30 s | 0.09 s | +| share_decryption | 430.14 s | 5.55 s | 12.41 s | 0.16 s | +| user_data_encryption | 409.30 s | 7.78 s | 13.37 s | 0.02 s | + +#### Size & Circuit Metrics + +| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | +| -------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | +| decrypted_shares_aggregation_bn | 61568 | 154.96K | 1.29 MB | 193.99 KB | 3.59 KB | 15.88 KB | +| decrypted_shares_aggregation_mod | 0 | 0 | 793.45 KB | 0 B | 0 B | 0 B | +| pk_aggregation | 1529181 | 5.27M | 21.69 MB | 11.06 MB | 3.59 KB | 15.88 KB | +| pk_generation | 948955 | 3.49M | 12.31 MB | 16.86 MB | 3.59 KB | 15.88 KB | +| share_decryption | 1012104 | 3.54M | 12.98 MB | 19.20 MB | 3.59 KB | 15.88 KB | +| user_data_encryption | 1684299 | 4.02M | 20.75 MB | 23.82 MB | 3.59 KB | 15.88 KB | + +## Circuit Details + +### DKG + +#### e_sm_share_computation + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 744.00 s | +| **Execution** | 10.10 s | +| **VK Generation** | 16.53 s | +| **Proof Generation** | 40.60 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 2949141 | +| **Total Gates** | 11539441 | +| **Circuit Size** | 39.14 MB | +| **Witness Size** | 17.63 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### e_sm_share_decryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 31.68 s | +| **Execution** | 1.25 s | +| **VK Generation** | 1.25 s | +| **Proof Generation** | 3.33 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 51902 | +| **Total Gates** | 879661 | +| **Circuit Size** | 1.70 MB | +| **Witness Size** | 3.55 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### e_sm_share_encryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 473.70 s | +| **Execution** | 5.09 s | +| **VK Generation** | 5.28 s | +| **Proof 
Generation** | 12.15 s | +| **Verification** | 0.09 s | +| **ACIR Opcodes** | 1151876 | +| **Total Gates** | 3204716 | +| **Circuit Size** | 14.36 MB | +| **Witness Size** | 14.19 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### pk + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 10.58 s | +| **Execution** | 0.48 s | +| **VK Generation** | 0.38 s | +| **Proof Generation** | 1.11 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 10925 | +| **Total Gates** | 215803 | +| **Circuit Size** | 442.45 KB | +| **Witness Size** | 952.21 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_computation + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 536.29 s | +| **Execution** | 9.23 s | +| **VK Generation** | 15.57 s | +| **Proof Generation** | 38.13 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 2905804 | +| **Total Gates** | 10718698 | +| **Circuit Size** | 38.25 MB | +| **Witness Size** | 15.36 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_decryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 32.84 s | +| **Execution** | 1.26 s | +| **VK Generation** | 1.28 s | +| **Proof Generation** | 3.32 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 51902 | +| **Total Gates** | 879661 | +| **Circuit Size** | 1.70 MB | +| **Witness Size** | 3.55 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### sk_share_encryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 498.52 s | +| **Execution** | 5.18 s | +| **VK Generation** | 5.46 s | +| **Proof Generation** | 12.07 s | +| **Verification** | 0.09 s | +| **ACIR Opcodes** | 1151876 | +| **Total Gates** | 3204716 | +| **Circuit Size** | 14.36 MB | +| **Witness Size** | 14.19 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +### Threshold + +#### 
decrypted_shares_aggregation_bn + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 1.15 s | +| **Execution** | 0.61 s | +| **VK Generation** | 0.31 s | +| **Proof Generation** | 0.80 s | +| **Verification** | 0.03 s | +| **ACIR Opcodes** | 61568 | +| **Total Gates** | 154955 | +| **Circuit Size** | 1.29 MB | +| **Witness Size** | 193.99 KB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### decrypted_shares_aggregation_mod + +| Metric | Value | +| -------------------- | --------- | +| **Compilation** | 0.70 s | +| **Execution** | 0.33 s | +| **VK Generation** | 0.00 s | +| **Proof Generation** | 0.00 s | +| **Verification** | 0.00 s | +| **ACIR Opcodes** | 0 | +| **Total Gates** | 0 | +| **Circuit Size** | 793.45 KB | +| **Witness Size** | 0 B | +| **VK Size** | 0 B | +| **Proof Size** | 0 B | + +#### pk_aggregation + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 116.13 s | +| **Execution** | 6.22 s | +| **VK Generation** | 8.28 s | +| **Proof Generation** | 20.25 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 1529181 | +| **Total Gates** | 5267720 | +| **Circuit Size** | 21.69 MB | +| **Witness Size** | 11.06 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### pk_generation + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 388.08 s | +| **Execution** | 4.88 s | +| **VK Generation** | 5.17 s | +| **Proof Generation** | 12.30 s | +| **Verification** | 0.09 s | +| **ACIR Opcodes** | 948955 | +| **Total Gates** | 3485220 | +| **Circuit Size** | 12.31 MB | +| **Witness Size** | 16.86 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### share_decryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 430.14 s | +| **Execution** | 5.55 s | +| **VK Generation** | 5.37 s | +| **Proof Generation** | 12.41 s | +| **Verification** | 0.16 s | +| **ACIR Opcodes** | 1012104 | +| **Total Gates** 
| 3543998 | +| **Circuit Size** | 12.98 MB | +| **Witness Size** | 19.20 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +#### user_data_encryption + +| Metric | Value | +| -------------------- | -------- | +| **Compilation** | 409.30 s | +| **Execution** | 7.78 s | +| **VK Generation** | 6.35 s | +| **Proof Generation** | 13.37 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | 1684299 | +| **Total Gates** | 4021683 | +| **Circuit Size** | 20.75 MB | +| **Witness Size** | 23.82 MB | +| **VK Size** | 3.59 KB | +| **Proof Size** | 15.88 KB | + +## System Information + +### Hardware + +- **CPU:** Apple M4 Pro +- **CPU Cores:** 14 +- **RAM:** 48.00 GB +- **OS:** Darwin +- **Architecture:** arm64 + +### Software + +- **Nargo Version:** nargo version = 1.0.0-beta.15 noirc version = + 1.0.0-beta.15+83245db91dcf63420ef4bcbbd85b98f397fee663 (git version hash: + 83245db91dcf63420ef4bcbbd85b98f397fee663, is dirty: false) +- **Barretenberg Version:** 3.0.0-nightly.20251104 diff --git a/circuits/benchmarks/run_benchmarks.sh b/circuits/benchmarks/run_benchmarks.sh new file mode 100755 index 0000000000..e584fce3dd --- /dev/null +++ b/circuits/benchmarks/run_benchmarks.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +# Convenience wrapper - forwards to scripts/run_benchmarks.sh +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +exec "${SCRIPT_DIR}/scripts/run_benchmarks.sh" "$@" diff --git a/circuits/benchmarks/scripts/benchmark_circuit.sh b/circuits/benchmarks/scripts/benchmark_circuit.sh new file mode 100755 index 0000000000..fb15de9905 --- /dev/null +++ b/circuits/benchmarks/scripts/benchmark_circuit.sh 
@@ -0,0 +1,355 @@ +#!/bin/bash + +# benchmark_circuit.sh - Benchmarks a single Noir circuit +# Usage: ./benchmark_circuit.sh [mode] [--skip-compile] + +set -e + +CIRCUIT_PATH="$1" +ORACLE_TYPE="$2" # "default" or "keccak" +OUTPUT_JSON="$3" +MODE="insecure" # Default mode +SKIP_COMPILE=false + +if [ -z "$CIRCUIT_PATH" ] || [ -z "$ORACLE_TYPE" ] || [ -z "$OUTPUT_JSON" ]; then + echo "Usage: $0 [mode] [--skip-compile]" + exit 1 +fi + +# Parse optional arguments (mode and flags) +shift 3 # Remove first 3 positional args +while [[ $# -gt 0 ]]; do + case $1 in + --skip-compile|--no-compile) + SKIP_COMPILE=true + shift + ;; + *) + # If it's not a flag, assume it's the mode (for backward compatibility) + if [[ "$1" != --* ]]; then + MODE="$1" + else + echo "Warning: Unknown option '$1', ignoring" + fi + shift + ;; + esac +done + +# Get circuit name from Nargo.toml +CIRCUIT_NAME=$(grep "^name = " "$CIRCUIT_PATH/Nargo.toml" | sed 's/name = "\(.*\)"/\1/') +if [ -z "$CIRCUIT_NAME" ]; then + CIRCUIT_NAME=$(basename "$CIRCUIT_PATH") +fi + +# Clean up circuit path for report (relative from repo: circuits/bin/... or bin/...) 
+if [[ "$CIRCUIT_PATH" == *"/circuits/bin/"* ]]; then + CIRCUIT_PATH_CLEAN=$(echo "$CIRCUIT_PATH" | sed 's|.*/circuits/\(bin/.*\)|circuits/\1|') +elif [[ "$CIRCUIT_PATH" == *"/bin/"* ]]; then + CIRCUIT_PATH_CLEAN=$(echo "$CIRCUIT_PATH" | sed 's|.*\(bin/.*\)|\1|') +else + CIRCUIT_PATH_CLEAN="circuits/bin/${MODE}/$(basename "$CIRCUIT_PATH")" +fi + +TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + +echo "==================================================" +echo "Benchmarking: $CIRCUIT_NAME" +echo "Mode: $MODE" +echo "Oracle: $ORACLE_TYPE" +echo "Skip Compile: $SKIP_COMPILE" +echo "==================================================" + +cd "$CIRCUIT_PATH" + +# Determine target directory location +# Check if we're in a workspace (target at parent level) or standalone (target in current dir) +TARGET_DIR="target" +WORKSPACE_ROOT="$(pwd)" + +# Check if parent directory has a workspace Nargo.toml +# This handles workspace setups (e.g. circuits/bin/dkg with parent Nargo.toml) +if [ -f "../Nargo.toml" ]; then + if grep -q "^\[workspace\]" "../Nargo.toml" 2>/dev/null; then + # We're in a workspace, target is at workspace root + TARGET_DIR="../target" + WORKSPACE_ROOT="$(cd .. 
&& pwd)" + echo "Detected workspace setup: target directory at ${TARGET_DIR}" + fi +else + # Standalone project, target is in current directory + echo "Detected standalone project: target directory at ${TARGET_DIR}" +fi + +# Ensure target directory exists +mkdir -p "${TARGET_DIR}" + +# Note: We don't clean workspace-level targets to avoid affecting other circuits +# Only clean if it's a local target directory +if [ "$TARGET_DIR" = "target" ]; then + rm -rf target/ + mkdir -p target/ +fi + +# Prepare nargo command with oracle flag +NARGO_COMPILE_CMD="nargo compile" +NARGO_EXECUTE_CMD="nargo execute" +BB_GATES_CMD="bb gates" +BB_WRITE_VK_CMD="bb write_vk" +BB_PROVE_CMD="bb prove" +BB_VERIFY_CMD="bb verify" + +# Initialize results +COMPILE_TIME=0 +COMPILE_SUCCESS="false" +EXECUTE_TIME=0 +EXECUTE_SUCCESS="false" +CIRCUIT_SIZE=0 +WITNESS_SIZE=0 +GATES_OUTPUT="" +TOTAL_GATES=0 +ACIR_OPCODES=0 +VK_GEN_TIME=0 +VK_GEN_SUCCESS="false" +VK_SIZE=0 +PROVE_TIME=0 +PROVE_SUCCESS="false" +PROOF_SIZE=0 +VERIFY_TIME=0 +VERIFY_SUCCESS="false" +ERROR_MSG="" + +# 1. COMPILE +if [ "$SKIP_COMPILE" = true ]; then + echo "" + echo "[1/6] Skipping compilation (using existing artifacts)..." + # Check if compiled circuit exists + if [ -f "${TARGET_DIR}/${CIRCUIT_NAME}.json" ]; then + COMPILE_SUCCESS="true" + COMPILE_TIME=0 + CIRCUIT_SIZE=$(wc -c < "${TARGET_DIR}/${CIRCUIT_NAME}.json" | tr -d ' ') + echo "✓ Found existing compiled circuit (${CIRCUIT_SIZE} bytes)" + else + COMPILE_SUCCESS="false" + COMPILE_TIME=0 + ERROR_MSG="Compilation skipped but circuit JSON not found at ${TARGET_DIR}/${CIRCUIT_NAME}.json" + echo "✗ Compilation skipped but circuit not found" + echo " Expected: ${TARGET_DIR}/${CIRCUIT_NAME}.json" + fi +else + echo "" + echo "[1/6] Compiling circuit..." 
+ START=$(date +%s.%N) + if $NARGO_COMPILE_CMD > /tmp/compile_output.txt 2>&1; then + END=$(date +%s.%N) + COMPILE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + COMPILE_SUCCESS="true" + echo "✓ Compilation successful (${COMPILE_TIME}s)" + + # Get circuit size + if [ -f "${TARGET_DIR}/${CIRCUIT_NAME}.json" ]; then + CIRCUIT_SIZE=$(wc -c < "${TARGET_DIR}/${CIRCUIT_NAME}.json" | tr -d ' ') + fi + else + END=$(date +%s.%N) + COMPILE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + ERROR_MSG="Compilation failed. Check compilation logs." + echo "✗ Compilation failed" + cat /tmp/compile_output.txt + fi +fi + +# 2. EXECUTE +if [ "$COMPILE_SUCCESS" = "true" ]; then + echo "" + echo "[2/6] Executing circuit..." + START=$(date +%s.%N) + if $NARGO_EXECUTE_CMD > /tmp/execute_output.txt 2>&1; then + END=$(date +%s.%N) + EXECUTE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + EXECUTE_SUCCESS="true" + echo "✓ Execution successful (${EXECUTE_TIME}s)" + + # Get witness size + if [ -f "${TARGET_DIR}/${CIRCUIT_NAME}.gz" ]; then + WITNESS_SIZE=$(wc -c < "${TARGET_DIR}/${CIRCUIT_NAME}.gz" | tr -d ' ') + fi + else + END=$(date +%s.%N) + EXECUTE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + ERROR_MSG="Execution failed. Check execution logs." + echo "✗ Execution failed" + cat /tmp/execute_output.txt + fi +fi + +# 3. GATE COUNT +if [ "$EXECUTE_SUCCESS" = "true" ]; then + echo "" + echo "[3/6] Counting gates..." 
+ if GATES_OUTPUT=$($BB_GATES_CMD -b "${TARGET_DIR}/${CIRCUIT_NAME}.json" 2>&1); then + echo "✓ Gate count retrieved" + echo "$GATES_OUTPUT" + # Extract circuit_size and acir_opcodes from JSON output (bb gates returns JSON) + TOTAL_GATES=$(echo "$GATES_OUTPUT" | grep -o '"circuit_size":[[:space:]]*[0-9]*' | grep -o '[0-9]*$' | head -1) + if [ -z "$TOTAL_GATES" ]; then + TOTAL_GATES=0 + fi + ACIR_OPCODES=$(echo "$GATES_OUTPUT" | grep -o '"acir_opcodes":[[:space:]]*[0-9]*' | grep -o '[0-9]*$' | head -1) + if [ -z "$ACIR_OPCODES" ]; then + ACIR_OPCODES=0 + fi + else + echo "✗ Gate count failed" + GATES_OUTPUT="Gate count failed" + TOTAL_GATES=0 + ACIR_OPCODES=0 + fi +fi + +# 4. GENERATE VK +if [ "$EXECUTE_SUCCESS" = "true" ]; then + echo "" + echo "[4/6] Generating verification key..." + START=$(date +%s.%N) + if $BB_WRITE_VK_CMD -b "${TARGET_DIR}/${CIRCUIT_NAME}.json" -o "${TARGET_DIR}" > /tmp/vk_output.txt 2>&1; then + END=$(date +%s.%N) + VK_GEN_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + VK_GEN_SUCCESS="true" + echo "✓ VK generation successful (${VK_GEN_TIME}s)" + + # Get VK size (bb creates vk file directly in target directory) + if [ -f "${TARGET_DIR}/vk" ]; then + VK_SIZE=$(wc -c < "${TARGET_DIR}/vk" | tr -d ' ') + fi + else + END=$(date +%s.%N) + VK_GEN_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + echo "✗ VK generation failed" + cat /tmp/vk_output.txt + fi +fi + +# 5. GENERATE PROOF +if [ "$VK_GEN_SUCCESS" = "true" ]; then + echo "" + echo "[5/6] Generating proof..." 
+ START=$(date +%s.%N) + if $BB_PROVE_CMD -b "${TARGET_DIR}/${CIRCUIT_NAME}.json" -w "${TARGET_DIR}/${CIRCUIT_NAME}.gz" -k "${TARGET_DIR}/vk" -o "${TARGET_DIR}" > /tmp/prove_output.txt 2>&1; then + END=$(date +%s.%N) + PROVE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + PROVE_SUCCESS="true" + echo "✓ Proof generation successful (${PROVE_TIME}s)" + + # Get proof size (bb creates proof file directly in target directory) + if [ -f "${TARGET_DIR}/proof" ]; then + PROOF_SIZE=$(wc -c < "${TARGET_DIR}/proof" | tr -d ' ') + fi + else + END=$(date +%s.%N) + PROVE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + echo "✗ Proof generation failed" + cat /tmp/prove_output.txt + fi +fi + +# 6. VERIFY PROOF +if [ "$PROVE_SUCCESS" = "true" ]; then + echo "" + echo "[6/6] Verifying proof..." + START=$(date +%s.%N) + # bb verify expects paths to vk, proof, and public inputs (all directly in target directory) + if $BB_VERIFY_CMD -k "${TARGET_DIR}/vk" -p "${TARGET_DIR}/proof" -i "${TARGET_DIR}/public_inputs" > /tmp/verify_output.txt 2>&1; then + END=$(date +%s.%N) + VERIFY_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + VERIFY_SUCCESS="true" + echo "✓ Verification successful (${VERIFY_TIME}s)" + else + END=$(date +%s.%N) + VERIFY_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') + echo "✗ Verification failed" + cat /tmp/verify_output.txt + fi +fi + +# Get system info (escape for JSON) +NARGO_VERSION=$(nargo --version 2>/dev/null | tr '\n' ' ' || echo "unknown") +BB_VERSION=$(bb --version 2>/dev/null | tr '\n' ' ' || echo "unknown") +OS_INFO=$(uname -s) +ARCH_INFO=$(uname -m) + +# Get hardware info +if [ "$(uname -s)" = "Darwin" ]; then + # macOS + CPU_MODEL=$(sysctl -n machdep.cpu.brand_string 2>/dev/null || echo "unknown") + CPU_CORES=$(sysctl -n hw.ncpu 2>/dev/null || echo "unknown") + RAM_GB=$(echo "scale=2; $(sysctl -n hw.memsize 2>/dev/null || echo 0) / 1073741824" | bc) + [ "$RAM_GB" = "0" ] && RAM_GB="unknown" +elif [ 
"$(uname -s)" = "Linux" ]; then + # Linux + CPU_MODEL=$(grep -m1 "model name" /proc/cpuinfo 2>/dev/null | cut -d: -f2 | xargs || echo "unknown") + CPU_CORES=$(nproc 2>/dev/null || grep -c processor /proc/cpuinfo 2>/dev/null || echo "unknown") + RAM_KB=$(grep MemTotal /proc/meminfo 2>/dev/null | awk '{print $2}' || echo "0") + RAM_GB=$(echo "scale=2; $RAM_KB / 1048576" | bc) + [ "$RAM_GB" = "0" ] && RAM_GB="unknown" +else + CPU_MODEL="unknown" + CPU_CORES="unknown" + RAM_GB="unknown" +fi + +# Create JSON output +cat > "$OUTPUT_JSON" < +# circuit_path: e.g. "dkg/pk" or "threshold/share_decryption" +# mode: "insecure" or "secure" +# repo_root: absolute path to repository root (where Cargo.toml and circuits/ live) + +set -e + +CIRCUIT_PATH="$1" +MODE="$2" +REPO_ROOT="$3" + +if [ -z "$CIRCUIT_PATH" ] || [ -z "$MODE" ] || [ -z "$REPO_ROOT" ]; then + echo "Usage: $0 " + echo " circuit_path: e.g. dkg/pk, threshold/share_decryption" + echo " mode: insecure or secure" + echo " repo_root: absolute path to repo root" + exit 1 +fi + +if [ "$MODE" != "insecure" ] && [ "$MODE" != "secure" ]; then + echo "Error: mode must be 'insecure' or 'secure'" + exit 1 +fi + +PRESET="insecure" +[ "$MODE" = "secure" ] && PRESET="secure" + +OUTPUT_DIR="${REPO_ROOT}/circuits/bin/${CIRCUIT_PATH}" + +# Map circuit path to zk_cli --circuit and optional --witness +# DKG circuits that need --witness: share-computation, dkg-share-encryption, share-decryption +get_zk_args() { + local path="$1" + case "$path" in + dkg/pk) + echo "pk" + return + ;; + dkg/sk_share_computation) + echo "share-computation secret-key" + return + ;; + dkg/e_sm_share_computation) + echo "share-computation smudging-noise" + return + ;; + dkg/sk_share_encryption) + echo "dkg-share-encryption secret-key" + return + ;; + dkg/e_sm_share_encryption) + echo "dkg-share-encryption smudging-noise" + return + ;; + dkg/sk_share_decryption) + echo "share-decryption secret-key" + return + ;; + dkg/e_sm_share_decryption) + echo 
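Review bot: The stage logs in benchmark_circuit.sh are written to fixed names in the shared temp directory (`/tmp/compile_output.txt`, `/tmp/execute_output.txt`, `/tmp/vk_output.txt`, `/tmp/prove_output.txt`, `/tmp/verify_output.txt`), so two benchmark runs on the same machine overwrite each other's logs, and on a multi-user host a file or symlink already present at one of those paths decides where the redirect writes. A private directory per run avoids both: add `LOG_DIR="$(mktemp -d)"` and `trap 'rm -rf "$LOG_DIR"' EXIT` near the top, then redirect each stage to `"$LOG_DIR/compile_output.txt"` and so on. The end of the script, including the JSON heredoc, is not readable in this view, so this covers only the numbered stages.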
"share-decryption smudging-noise" + return + ;; + threshold/user_data_encryption) + echo "user-data-encryption" + return + ;; + threshold/pk_generation) + echo "pk-generation" + return + ;; + threshold/pk_aggregation) + echo "pk-aggregation" + return + ;; + threshold/share_decryption) + echo "threshold-share-decryption" + return + ;; + threshold/decrypted_shares_aggregation_bn|threshold/decrypted_shares_aggregation_mod) + echo "decrypted-shares-aggregation" + return + ;; + *) + echo "Error: unknown circuit path: $path" >&2 + exit 1 + ;; + esac +} + +ZK_ARGS=($(get_zk_args "$CIRCUIT_PATH")) +ZK_CIRCUIT="${ZK_ARGS[0]}" +ZK_WITNESS="${ZK_ARGS[1]:-}" + +cd "$REPO_ROOT" + +CMD=(cargo run -p e3-zk-helpers --bin zk_cli -- --circuit "$ZK_CIRCUIT" --preset "$PRESET" --output "$OUTPUT_DIR" --toml --no-configs) +if [ -n "$ZK_WITNESS" ]; then + CMD+=(--witness "$ZK_WITNESS") +fi + +echo " Generating Prover.toml: zk_cli --circuit $ZK_CIRCUIT --preset $PRESET ${ZK_WITNESS:+--witness $ZK_WITNESS}" +if ! "${CMD[@]}" 2>&1; then + echo "Error: zk_cli failed for $CIRCUIT_PATH" + exit 1 +fi diff --git a/circuits/benchmarks/scripts/generate_report.sh b/circuits/benchmarks/scripts/generate_report.sh new file mode 100755 index 0000000000..27a288e566 --- /dev/null +++ b/circuits/benchmarks/scripts/generate_report.sh 
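Review bot: In generate_prover_toml.sh, `ZK_ARGS=($(get_zk_args "$CIRCUIT_PATH"))` is the only place an unknown circuit path is rejected, yet the `exit 1` in the `*)` branch runs inside the command substitution, so the script depends on `set -e` noticing the failure through an array assignment, and the unquoted substitution is also open to word splitting and globbing. Since `OUTPUT_DIR` is already built from the raw `CIRCUIT_PATH` and handed to `--output`, I would make the rejection explicit: `zk_args="$(get_zk_args "$CIRCUIT_PATH")" || exit 1` followed by `read -r ZK_CIRCUIT ZK_WITNESS <<< "$zk_args"`. The usage and mode error messages could also go to stderr with `>&2`, as the one inside `get_zk_args` already does.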
@@ -0,0 +1,306 @@
+#!/bin/bash
+
+# generate_report.sh - Generates a markdown report from benchmark JSON results
+# Usage: ./generate_report.sh --input-dir --output --git-commit --git-branch
+
+set -e
+
+INPUT_DIR=""
+OUTPUT_FILE=""
+GIT_COMMIT="unknown"
+GIT_BRANCH="unknown"
+
+# Parse arguments
+while [[ $# -gt 0 ]]; do
+ case $1 in
+ --input-dir)
+ INPUT_DIR="$2"
+ shift 2
+ ;;
+ --output)
+ OUTPUT_FILE="$2"
+ shift 2
+ ;;
+ --git-commit)
+ GIT_COMMIT="$2"
+ shift 2
+ ;;
+ --git-branch)
+ GIT_BRANCH="$2"
+ shift 2
+ ;;
+ *)
+ echo "Unknown option: $1"
+ exit 1
+ ;;
+ esac
+done
+
+if [ -z "$INPUT_DIR" ] || [ -z "$OUTPUT_FILE" ]; then
+ echo "Usage: $0 --input-dir --output [--git-commit ] [--git-branch ]"
+ exit 1
+fi
+
+# Helper functions
+format_bytes() {
+ local bytes=$1
+ if [ "$bytes" -eq 0 ]; then
+ echo "0 B"
+ elif [ "$bytes" -lt 1024 ]; then
+ echo "${bytes} B"
+ elif [ "$bytes" -lt 1048576 ]; then
+ local kb=$(echo "scale=5; $bytes/1024" | bc | awk '{printf "%.2f", $0}')
+ echo "${kb} KB"
+ else
+ local mb=$(echo "scale=5; $bytes/1048576" | bc | awk '{printf "%.2f", $0}')
+ echo "${mb} MB"
+ fi
+}
+
+format_time() {
+ local seconds=$1
+ # Format to 2 decimal places
+ local s=$(echo "$seconds" | awk '{printf "%.2f", $0}')
+ echo "${s} s"
+}
+
+format_gates() {
+ local gates=$1
+ if [ "$gates" -ge 1000000 ]; then
+ local m=$(echo "scale=5; $gates/1000000" | bc | awk '{printf "%.2f", $0}')
+ echo "${m}M"
+ elif [ "$gates" -ge 1000 ]; then
+ local k=$(echo "scale=5; $gates/1000" | bc | awk '{printf "%.2f", $0}')
+ echo "${k}K"
+ else
+ echo "$gates"
+ fi
+}
+
+
+# Helper: return "dkg" or "threshold" from circuit_path in JSON
+category_of() {
+ local path
+ path=$(jq -r '.circuit_path' "$1")
+ if [[ "$path" == *"/dkg/"* ]]; then
+ echo "dkg"
+ elif [[ "$path" == *"/threshold/"* ]]; then
+ echo "threshold"
+ else
+ echo "other"
+ fi
+}
+
+# Start building report
+TIMESTAMP=$(date -u "+%Y-%m-%d %H:%M:%S UTC")
+
+cat > "$OUTPUT_FILE" << EOF
+# Enclave ZK Circuit Benchmarks
+
+**Generated:** ${TIMESTAMP}
+
+**Git Branch:** \`${GIT_BRANCH}\`
+**Git Commit:** \`${GIT_COMMIT}\`
+
+---
+
+## Summary
+
+### DKG
+
+#### Timing Metrics
+
+| Circuit | Compile | Execute | Prove | Verify |
+|---------|---------|---------|-------|--------|
+EOF
+
+for json_file in "$INPUT_DIR"/*.json; do
+ [ -f "$json_file" ] || continue
+ [ "$(category_of "$json_file")" = "dkg" ] || continue
+ circuit=$(jq -r '.circuit_name' "$json_file")
+ compile_time=$(jq -r '.compilation.time_seconds' "$json_file")
+ execute_time=$(jq -r '.execution.time_seconds' "$json_file")
+ prove_time=$(jq -r '.proof_generation.time_seconds' "$json_file")
+ verify_time=$(jq -r '.verification.time_seconds' "$json_file")
+ compile_fmt=$(format_time "$compile_time")
+ execute_fmt=$(format_time "$execute_time")
+ prove_fmt=$(format_time "$prove_time")
+ verify_fmt=$(format_time "$verify_time")
+ echo "| $circuit | $compile_fmt | $execute_fmt | $prove_fmt | $verify_fmt |" >> "$OUTPUT_FILE"
+done
+
+cat >> "$OUTPUT_FILE" << EOF
+
+#### Size & Circuit Metrics
+
+| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size |
+|---------|---------|-------|--------------|---------|---------|------------|
+EOF
+
+for json_file in "$INPUT_DIR"/*.json; do
+ [ -f "$json_file" ] || continue
+ [ "$(category_of "$json_file")" = "dkg" ] || continue
+ circuit=$(jq -r '.circuit_name' "$json_file")
+ opcodes=$(jq -r '.gates.acir_opcodes // 0' "$json_file")
+ gates=$(jq -r '.gates.total_gates' "$json_file")
+ circuit_size=$(jq -r '.compilation.circuit_size_bytes' "$json_file")
+ witness_size=$(jq -r '.execution.witness_size_bytes' "$json_file")
+ vk_size=$(jq -r '.vk_generation.vk_size_bytes' "$json_file")
+ proof_size=$(jq -r '.proof_generation.proof_size_bytes' "$json_file")
+ gates_fmt=$(format_gates "$gates")
+ circuit_size_fmt=$(format_bytes "$circuit_size")
+ witness_size_fmt=$(format_bytes "$witness_size")
+ vk_size_fmt=$(format_bytes "$vk_size")
+ proof_size_fmt=$(format_bytes "$proof_size")
+ echo "| $circuit | $opcodes | $gates_fmt | $circuit_size_fmt | $witness_size_fmt | $vk_size_fmt | $proof_size_fmt |" >> "$OUTPUT_FILE"
+done
+
+cat >> "$OUTPUT_FILE" << EOF
+
+### Threshold
+
+#### Timing Metrics
+
+| Circuit | Compile | Execute | Prove | Verify |
+|---------|---------|---------|-------|--------|
+EOF
+
+for json_file in "$INPUT_DIR"/*.json; do
+ [ -f "$json_file" ] || continue
+ [ "$(category_of "$json_file")" = "threshold" ] || continue
+ circuit=$(jq -r '.circuit_name' "$json_file")
+ compile_time=$(jq -r '.compilation.time_seconds' "$json_file")
+ execute_time=$(jq -r '.execution.time_seconds' "$json_file")
+ prove_time=$(jq -r '.proof_generation.time_seconds' "$json_file")
+ verify_time=$(jq -r '.verification.time_seconds' "$json_file")
+ compile_fmt=$(format_time "$compile_time")
+ execute_fmt=$(format_time "$execute_time")
+ prove_fmt=$(format_time "$prove_time")
+ verify_fmt=$(format_time "$verify_time")
+ echo "| $circuit | $compile_fmt | $execute_fmt | $prove_fmt | $verify_fmt |" >> "$OUTPUT_FILE"
+done
+
+cat >> "$OUTPUT_FILE" << EOF
+
+#### Size & Circuit Metrics
+
+| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size |
+|---------|---------|-------|--------------|---------|---------|------------|
+EOF
+
+for json_file in "$INPUT_DIR"/*.json; do
+ [ -f "$json_file" ] || continue
+ [ "$(category_of "$json_file")" = "threshold" ] || continue
+ circuit=$(jq -r '.circuit_name' "$json_file")
+ opcodes=$(jq -r '.gates.acir_opcodes // 0' "$json_file")
+ gates=$(jq -r '.gates.total_gates' "$json_file")
+ circuit_size=$(jq -r '.compilation.circuit_size_bytes' "$json_file")
+ witness_size=$(jq -r '.execution.witness_size_bytes' "$json_file")
+ vk_size=$(jq -r '.vk_generation.vk_size_bytes' "$json_file")
+ proof_size=$(jq -r '.proof_generation.proof_size_bytes' "$json_file")
+ gates_fmt=$(format_gates "$gates")
+ circuit_size_fmt=$(format_bytes "$circuit_size")
+ witness_size_fmt=$(format_bytes "$witness_size")
+ vk_size_fmt=$(format_bytes "$vk_size")
+ proof_size_fmt=$(format_bytes "$proof_size")
+ echo "| $circuit | $opcodes | $gates_fmt | $circuit_size_fmt | $witness_size_fmt | $vk_size_fmt | $proof_size_fmt |" >> "$OUTPUT_FILE"
+done
+
+# Detailed metrics by circuit, grouped by DKG / Threshold
+cat >> "$OUTPUT_FILE" << EOF
+
+## Circuit Details
+
+EOF
+
+for category in dkg threshold; do
+ title="DKG"; [ "$category" = "threshold" ] && title="Threshold"
+ echo "### $title" >> "$OUTPUT_FILE"
+ echo "" >> "$OUTPUT_FILE"
+ circuits=$(for json_file in "$INPUT_DIR"/*.json; do
+ [ -f "$json_file" ] || continue
+ [ "$(category_of "$json_file")" = "$category" ] || continue
+ jq -r '.circuit_name' "$json_file"
+ done | sort -u)
+ for circuit in $circuits; do
+ json_file=""
+ for f in "$INPUT_DIR"/*.json; do
+ [ -f "$f" ] || continue
+ [ "$(category_of "$f")" = "$category" ] || continue
+ c=$(jq -r '.circuit_name' "$f")
+ if [ "$c" = "$circuit" ]; then
+ json_file="$f"
+ break
+ fi
+ done
+ [ -z "$json_file" ] && continue
+ echo "#### $circuit" >> "$OUTPUT_FILE"
+ echo "" >> "$OUTPUT_FILE"
+ compile=$(jq -r '.compilation.time_seconds' "$json_file")
+ execute=$(jq -r '.execution.time_seconds' "$json_file")
+ opcodes=$(jq -r '.gates.acir_opcodes // 0' "$json_file")
+ gates=$(jq -r '.gates.total_gates' "$json_file")
+ vk_gen=$(jq -r '.vk_generation.time_seconds' "$json_file")
+ prove=$(jq -r '.proof_generation.time_seconds' "$json_file")
+ verify=$(jq -r '.verification.time_seconds' "$json_file")
+ circuit_size=$(jq -r '.compilation.circuit_size_bytes' "$json_file")
+ witness_size=$(jq -r '.execution.witness_size_bytes' "$json_file")
+ vk_size=$(jq -r '.vk_generation.vk_size_bytes' "$json_file")
+ proof_size=$(jq -r '.proof_generation.proof_size_bytes' "$json_file")
+ cat >> "$OUTPUT_FILE" << INNER
+| Metric | Value |
+|--------|-------|
+| **Compilation** | $(format_time $compile) |
+| **Execution** | $(format_time $execute) |
+| **VK Generation** | $(format_time $vk_gen) |
+| **Proof Generation** | $(format_time $prove) |
+| **Verification** | $(format_time $verify) |
+| **ACIR Opcodes** | $opcodes |
+| **Total Gates** | $gates |
+| **Circuit Size** | $(format_bytes $circuit_size) |
+| **Witness Size** | $(format_bytes $witness_size) |
+| **VK Size** | $(format_bytes $vk_size) |
+| **Proof Size** | $(format_bytes $proof_size) |
+
+INNER
+ done
+ echo "" >> "$OUTPUT_FILE"
+done
+
+# System info (from first JSON file)
+first_json=$(ls "$INPUT_DIR"/*.json 2>/dev/null | head -1)
+if [ -n "$first_json" ]; then
+ cat >> "$OUTPUT_FILE" << EOF
+## System Information
+
+### Hardware
+
+EOF
+
+ cpu_model=$(jq -r '.system_info.cpu_model // "unknown"' "$first_json")
+ cpu_cores=$(jq -r '.system_info.cpu_cores // "unknown"' "$first_json")
+ ram_gb=$(jq -r '.system_info.ram_gb // "unknown"' "$first_json")
+ os=$(jq -r '.system_info.os' "$first_json")
+ arch=$(jq -r '.system_info.arch' "$first_json")
+
+ echo "- **CPU:** $cpu_model" >> "$OUTPUT_FILE"
+ echo "- **CPU Cores:** $cpu_cores" >> "$OUTPUT_FILE"
+ echo "- **RAM:** ${ram_gb} GB" >> "$OUTPUT_FILE"
+ echo "- **OS:** $os" >> "$OUTPUT_FILE"
+ echo "- **Architecture:** $arch" >> "$OUTPUT_FILE"
+
+ cat >> "$OUTPUT_FILE" << EOF
+
+### Software
+
+EOF
+
+ nargo=$(jq -r '.system_info.nargo_version' "$first_json")
+ bb=$(jq -r '.system_info.bb_version' "$first_json")
+
+ echo "- **Nargo Version:** $nargo" >> "$OUTPUT_FILE"
+ echo "- **Barretenberg Version:** $bb" >> "$OUTPUT_FILE"
+ echo "" >> "$OUTPUT_FILE"
+fi
+
+echo "✓ Report generated successfully: $OUTPUT_FILE"
diff --git a/circuits/benchmarks/scripts/run_benchmarks.sh b/circuits/benchmarks/scripts/run_benchmarks.sh
new file mode 100755
index 0000000000..f39a28d57d
--- /dev/null
+++ b/circuits/benchmarks/scripts/run_benchmarks.sh
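Review bot: Only `.gates.acir_opcodes` is read with a jq fallback (`// 0`); every other numeric field in generate_report.sh is read bare, so a result file from a failed or partial benchmark run hands the string `null` to `[ "$bytes" -eq 0 ]` in format_bytes, `[ "$gates" -ge 1000000 ]` in format_gates and the `bc`/`awk` expressions. Because those tests sit in `if` conditions, `set -e` does not stop the script, and the missing measurement appears to be rendered as a plausible-looking `0.00 s` or `0.00 MB` instead of being marked absent. I would have the format_* helpers print `n/a` for non-numeric input, e.g. `case "$bytes" in ''|*[!0-9]*) echo "n/a"; return ;; esac` at the top of format_bytes, with the matching guard in format_gates and format_time. The same bare reads are repeated in the threshold loops and in the Circuit Details loop.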
@@ -0,0 +1,208 @@
+#!/bin/bash
+
+# run_benchmarks.sh - Main orchestration script for benchmarking circuits
+# Usage: ./run_benchmarks.sh [--config ] [--mode insecure|secure] [--skip-compile] [--clean]
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+BENCHMARKS_DIR="$(dirname "$SCRIPT_DIR")"
+CONFIG_FILE="${BENCHMARKS_DIR}/config.json"
+CLEAN_ARTIFACTS=false
+MODE_OVERRIDE=""
+SKIP_COMPILE=false
+
+# Parse arguments
+while [[ $# -gt 0 ]]; do
+ case $1 in
+ --config)
+ CONFIG_FILE="$2"
+ shift 2
+ ;;
+ --mode)
+ MODE_OVERRIDE="$2"
+ if [ "$MODE_OVERRIDE" != "insecure" ] && [ "$MODE_OVERRIDE" != "secure" ]; then
+ echo "Error: Mode must be 'insecure' or 'secure'"
+ exit 1
+ fi
+ shift 2
+ ;;
+ --skip-compile|--no-compile)
+ SKIP_COMPILE=true
+ shift
+ ;;
+ --clean)
+ CLEAN_ARTIFACTS=true
+ shift
+ ;;
+ *)
+ echo "Unknown option: $1"
+ echo "Usage: $0 [--config ] [--mode insecure|secure] [--skip-compile] [--clean]"
+ exit 1
+ ;;
+ esac
+done
+
+if [ ! -f "$CONFIG_FILE" ]; then
+ echo "Error: Config file not found: $CONFIG_FILE"
+ exit 1
+fi
+
+echo "╔════════════════════════════════════════════════╗"
+echo "║ Enclave ZK Circuit Benchmark Suite ║"
+echo "╚════════════════════════════════════════════════╝"
+echo ""
+
+# Read configuration
+CIRCUITS=$(jq -r '.circuits[]' "$CONFIG_FILE")
+ORACLES=$(jq -r '.oracles[]' "$CONFIG_FILE")
+OUTPUT_DIR_BASE=$(jq -r '.output_dir // "results"' "$CONFIG_FILE")
+BIN_DIR=$(jq -r '.bin_dir // "../bin"' "$CONFIG_FILE")
+MODE=$(jq -r '.mode // "insecure"' "$CONFIG_FILE")
+
+# Override mode if provided via command line
+if [ -n "$MODE_OVERRIDE" ]; then
+ MODE="$MODE_OVERRIDE"
+fi
+
+# Validate mode
+if [ "$MODE" != "insecure" ] && [ "$MODE" != "secure" ]; then
+ echo "Error: Invalid mode '$MODE'. Must be 'insecure' or 'secure'"
+ exit 1
+fi
+
+# Monorepo root (benchmarks live in circuits/benchmarks, so go up two levels)
+REPO_ROOT="$(cd "${BENCHMARKS_DIR}/../.." && pwd)"
+# Circuits live under circuits/bin (bin_dir is relative to benchmarks dir, e.g. ../bin)
+CIRCUITS_BASE_DIR="$(cd "${BENCHMARKS_DIR}/${BIN_DIR}" && pwd)"
+
+# Create mode-specific output directory
+OUTPUT_DIR="${OUTPUT_DIR_BASE}_${MODE}"
+mkdir -p "${BENCHMARKS_DIR}/${OUTPUT_DIR}/raw"
+
+# For secure mode, patch lib to use secure configs (restored at end)
+DEFAULT_MOD_NR="${REPO_ROOT}/circuits/lib/src/configs/default/mod.nr"
+DEFAULT_MOD_BACKUP=""
+if [ "$MODE" = "secure" ] && [ -f "$DEFAULT_MOD_NR" ]; then
+ DEFAULT_MOD_BACKUP="${DEFAULT_MOD_NR}.benchmark_backup"
+ cp "$DEFAULT_MOD_NR" "$DEFAULT_MOD_BACKUP"
+ if sed --version 2>/dev/null | grep -q GNU; then
+ sed -i 's|super::insecure::|super::secure::|g' "$DEFAULT_MOD_NR"
+ else
+ sed -i '' 's|super::insecure::|super::secure::|g' "$DEFAULT_MOD_NR"
+ fi
+ echo " Patched lib configs to secure (will restore)"
+fi
+
+# Store git info
+GIT_COMMIT=$(git rev-parse HEAD 2>/dev/null || echo "unknown")
+GIT_BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")
+
+echo "Configuration:"
+echo " Mode: $MODE"
+if [ "$SKIP_COMPILE" = true ]; then
+ echo " Skip Compilation: Yes (using existing artifacts)"
+fi
+echo " Git Branch: $GIT_BRANCH"
+echo " Git Commit: $GIT_COMMIT"
+echo " Circuits: $(echo $CIRCUITS | wc -w | tr -d ' ')"
+echo " Oracles: $(echo $ORACLES)"
+echo " Base Directory: $CIRCUITS_BASE_DIR"
+echo " Output Directory: ${OUTPUT_DIR}"
+echo ""
+
+TOTAL_BENCHMARKS=$(($(echo $CIRCUITS | wc -w | tr -d ' ') * $(echo $ORACLES | wc -w | tr -d ' ')))
+CURRENT=0
+
+# Restore lib config on exit (if we patched for secure)
+restore_default_mod() {
+ if [ -n "$DEFAULT_MOD_BACKUP" ] && [ -f "$DEFAULT_MOD_BACKUP" ]; then
+ cp "$DEFAULT_MOD_BACKUP" "$DEFAULT_MOD_NR"
+ rm -f "$DEFAULT_MOD_BACKUP"
+ echo " Restored lib configs/default to insecure"
+ fi
+}
+trap restore_default_mod EXIT
+
+# Run benchmarks
+for CIRCUIT in $CIRCUITS; do
+ CIRCUIT_PATH="${CIRCUITS_BASE_DIR}/${CIRCUIT}"
+
+ if [ ! -d "$CIRCUIT_PATH" ]; then
+ echo "⚠️ Warning: Circuit directory not found: $CIRCUIT_PATH"
+ echo " Skipping..."
+ echo ""
+ continue
+ fi
+
+ for ORACLE in $ORACLES; do
+ CURRENT=$((CURRENT + 1))
+ CIRCUIT_SLUG="$(echo "$CIRCUIT" | tr '/' '_')"
+ OUTPUT_FILE="${BENCHMARKS_DIR}/${OUTPUT_DIR}/raw/${CIRCUIT_SLUG}_${ORACLE}.json"
+
+ echo "────────────────────────────────────────────────"
+ echo "Benchmark [$CURRENT/$TOTAL_BENCHMARKS]: ${CIRCUIT} (${MODE}) with ${ORACLE} oracle"
+ echo "────────────────────────────────────────────────"
+
+ # Generate Prover.toml (and configs.nr) via zk_cli so nargo execute has witness
+ echo " Generating Prover.toml..."
+ if ! "${SCRIPT_DIR}/generate_prover_toml.sh" "$CIRCUIT" "$MODE" "$REPO_ROOT" 2>&1; then
+ echo "⚠️ Prover.toml generation failed for $CIRCUIT, skipping benchmark"
+ echo ""
+ continue
+ fi
+
+ # Run benchmark
+ BENCHMARK_ARGS=("$CIRCUIT_PATH" "$ORACLE" "$OUTPUT_FILE" "$MODE")
+ if [ "$SKIP_COMPILE" = true ]; then
+ BENCHMARK_ARGS+=("--skip-compile")
+ fi
+ "${SCRIPT_DIR}/benchmark_circuit.sh" "${BENCHMARK_ARGS[@]}"
+
+ echo ""
+ done
+done
+
+echo "╔════════════════════════════════════════════════╗"
+echo "║ Generating Report... ║"
+echo "╚════════════════════════════════════════════════╝"
+echo ""
+
+# Generate markdown report
+REPORT_FILE="${BENCHMARKS_DIR}/${OUTPUT_DIR}/report.md"
+"${SCRIPT_DIR}/generate_report.sh" \
+ --input-dir "${BENCHMARKS_DIR}/${OUTPUT_DIR}/raw" \
+ --output "${REPORT_FILE}" \
+ --git-commit "$GIT_COMMIT" \
+ --git-branch "$GIT_BRANCH"
+
+echo "✓ Report generated: ${REPORT_FILE}"
+echo ""
+
+# Clean artifacts if requested
+if [ "$CLEAN_ARTIFACTS" = true ]; then
+ echo "Cleaning circuit artifacts..."
+ for CIRCUIT in $CIRCUITS; do
+ CIRCUIT_PATH="${CIRCUITS_BASE_DIR}/${CIRCUIT}"
+ if [ -d "$CIRCUIT_PATH/target" ]; then
+ rm -rf "$CIRCUIT_PATH/target"
+ echo " ✓ Cleaned: $CIRCUIT (${MODE})"
+ else
+ echo " ⊘ No target dir: $CIRCUIT (${MODE})"
+ fi
+ done
+ echo ""
+fi
+
+echo "╔════════════════════════════════════════════════╗"
+echo "║ Benchmark Complete! ║"
+echo "╚════════════════════════════════════════════════╝"
+echo ""
+echo "Results:"
+echo " Raw data: ${BENCHMARKS_DIR}/${OUTPUT_DIR}/raw/"
+echo " Report: ${REPORT_FILE}"
+echo ""
+echo "To view the report:"
+echo " cat ${REPORT_FILE}"
+echo " # or"
+echo " open ${REPORT_FILE} # (macOS)"
diff --git a/crates/zk-helpers/README.md b/crates/zk-helpers/README.md
index 85f452cadf..aa0b4f0276 100644
--- a/crates/zk-helpers/README.md
+++ b/crates/zk-helpers/README.md
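Review bot: The in-place rewrite of `circuits/lib/src/configs/default/mod.nr` for secure mode is not protected for its whole lifetime: `trap restore_default_mod EXIT` is registered only after the `sed -i` has already run, and `cp "$DEFAULT_MOD_NR" "$DEFAULT_MOD_BACKUP"` unconditionally overwrites a backup left behind by a run that was killed. In that second case the backup becomes a copy of the already-patched module, so the later "restore" keeps the rewritten file while printing "Restored lib configs/default to insecure", and the working tree silently stays on a different parameter preset than the one checked in. I would define restore_default_mod and set the trap before patching, and stop when a backup already exists: `if [ -e "${DEFAULT_MOD_NR}.benchmark_backup" ]; then echo "Error: stale benchmark backup, restore it first" >&2; exit 1; fi`. Separately, `rm -rf "$CIRCUIT_PATH/target"` under `--clean` builds its path from circuit names read from the config file without checking that the result stays below `CIRCUITS_BASE_DIR`.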
@@ -18,14 +18,17 @@ cargo run -p e3-zk-helpers --bin zk_cli -- --circuit share-computation --preset # Generate configs.nr and Prover.toml (--witness required for share-computation) cargo run -p e3-zk-helpers --bin zk_cli -- --circuit pk --preset insecure --toml cargo run -p e3-zk-helpers --bin zk_cli -- --circuit share-computation --preset insecure --witness secret-key --toml -cargo run -p e3-zk-helpers --bin zk_cli -- --circuit share-computation --preset secure --witness smudging-noise --toml + +# Generate only Prover.toml (no configs.nr), e.g. for benchmarks where circuits use lib configs +cargo run -p e3-zk-helpers --bin zk_cli -- --circuit pk --preset insecure --toml --no-configs ``` -| Flag | Description | -| ------------------ | ----------------------------------------------------------------------------- | -| `--list_circuits` | List circuits and exit | -| `--circuit ` | Circuit: `pk` or `share-computation` | -| `--preset ` | Security preset: `insecure` (512) or `secure` (8192) | -| `--witness ` | For `share-computation` when using `--toml`: `secret-key` or `smudging-noise` | -| `--output ` | Output dir (default: `output`) | -| `--toml` | Also write Prover.toml (default: configs.nr only) | +| Flag | Description | +| ------------------ | ------------------------------------------------------------------------------ | +| `--list_circuits` | List circuits and exit | +| `--circuit ` | Circuit name (e.g. `pk`, `share-computation`, `threshold-share-decryption`) | +| `--preset ` | Security preset: `insecure` (512) or `secure` (8192) | +| `--witness ` | For DKG witness circuits when using `--toml`: `secret-key` or `smudging-noise` | +| `--output ` | Output dir (default: `output`) | +| `--toml` | Also write Prover.toml (default: configs.nr only) | +| `--no-configs` | With `--toml`: do not write configs.nr (e.g. for circuit benchmarks) | diff --git a/crates/zk-helpers/src/bin/zk_cli.rs b/crates/zk-helpers/src/bin/zk_cli.rs index 6cbab46d49..da103b7293 100644 
--- a/crates/zk-helpers/src/bin/zk_cli.rs +++ b/crates/zk-helpers/src/bin/zk_cli.rs @@ -18,7 +18,7 @@ use e3_zk_helpers::circuits::dkg::pk::circuit::{PkCircuit, PkCircuitInput}; use e3_zk_helpers::circuits::dkg::share_computation::circuit::{ ShareComputationCircuit, ShareComputationCircuitInput, }; -use e3_zk_helpers::codegen::{write_artifacts, CircuitCodegen}; +use e3_zk_helpers::codegen::{write_artifacts, write_toml, CircuitCodegen}; use e3_zk_helpers::computation::DkgInputType; use e3_zk_helpers::dkg::share_decryption::{ ShareDecryptionCircuit as DkgShareDecryptionCircuit, @@ -77,6 +77,7 @@ fn print_generation_info( dkg_input_type: DkgInputType, output: &std::path::Path, write_prover_toml: bool, + no_configs: bool, ) { let meta = preset.metadata(); println!(" Circuit: {}", circuit); @@ -97,7 +98,9 @@ fn print_generation_info( } println!(" Output: {}", output.display()); println!(" Artifacts:"); - if write_prover_toml { + if no_configs { + println!(" • Prover.toml only (--toml --no-configs)"); + } else if write_prover_toml { println!(" • configs.nr"); println!(" • Prover.toml"); } else { @@ -157,6 +160,9 @@ struct Cli { /// Also write Prover.toml (default: configs.nr only). #[arg(long, default_value = "false")] toml: bool, + /// When used with --toml: do not write configs.nr (e.g. for benchmarks where circuits use lib configs). + #[arg(long, default_value = "false")] + no_configs: bool, } fn main() -> Result<()> { @@ -220,6 +226,7 @@ fn main() -> Result<()> { } let write_prover_toml = args.toml; + let no_configs = args.no_configs && args.toml; // DKG circuits have a witness-type choice (secret-key vs smudging-noise) excluding `pk` or C0 circuit. let has_witness_type = circuit_meta.name() == ShareComputationCircuit::NAME || circuit_meta.name() == ShareEncryptionCircuit::NAME @@ -255,6 +262,7 @@ fn main() -> Result<()> { dkg_input_type.clone(), &args.output, write_prover_toml, + no_configs, ); run_with_spinner(|| { 
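Review bot: `--no-configs` given without `--toml` is silently dropped, because `let no_configs = args.no_configs && args.toml;` in the `@@ -220,6 +226,7 @@` hunk turns it back into `false`, and the run then writes configs.nr, the one file the flag asked not to write. Declaring the dependency on the argument itself, `#[arg(long, requires = "toml")]` on the `no_configs` field, lets clap reject the combination with a usage error instead of doing the opposite of what was requested. The derived value is consumed again in the `@@ -337,12 +345,16 @@` hunk that chooses between `write_toml` and `write_artifacts`; `main` starts and ends outside these hunks.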
@@ -337,12 +345,16 @@ fn main() -> Result<()> { name => return Err(anyhow!("circuit {} not yet implemented", name)), }; - let toml = if write_prover_toml { - Some(&artifacts.toml) + if no_configs { + write_toml(&artifacts.toml, Some(args.output.as_path()))?; } else { - None - }; - write_artifacts(toml, &artifacts.configs, Some(args.output.as_path()))?; + let toml = if write_prover_toml { + Some(&artifacts.toml) + } else { + None + }; + write_artifacts(toml, &artifacts.configs, Some(args.output.as_path()))?; + } Ok(()) })?; diff --git a/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs b/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs index bf2bf5bc37..fc1223c8b4 100644 --- a/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs +++ b/crates/zk-helpers/src/circuits/dkg/pk/codegen.rs @@ -125,14 +125,22 @@ mod tests { assert!(configs_content.contains( format!( "N: u32 = {}", - BfvPreset::InsecureThreshold512.metadata().degree + BfvPreset::InsecureThreshold512 + .dkg_counterpart() + .unwrap() + .metadata() + .degree, ) .as_str() )); assert!(configs_content.contains( format!( "L: u32 = {}", - BfvPreset::InsecureThreshold512.metadata().num_moduli + BfvPreset::InsecureThreshold512 + .dkg_counterpart() + .unwrap() + .metadata() + .num_moduli, ) .as_str() )); diff --git a/crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs b/crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs index cc1220ea4c..2514e978bd 100644 --- a/crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs +++ b/crates/zk-helpers/src/circuits/dkg/share_decryption/sample.rs @@ -46,7 +46,7 @@ impl ShareDecryptionCircuitInput { ShareManager::new(committee.n, committee.threshold, threshold_params.clone()); let mut honest_ciphertexts: Vec> = Vec::new(); - let num_honest = committee.n; + let num_honest = committee.h; for _ in 0..num_honest { let mut party_cts = Vec::new(); for _ in 0..threshold_params.moduli().len() { 
@@ -151,7 +151,7 @@ mod tests { ) .unwrap(); - assert_eq!(sample.honest_ciphertexts.len(), committee.n); + assert_eq!(sample.honest_ciphertexts.len(), committee.h); assert_eq!( sample.secret_key.coeffs.len(), BfvPreset::InsecureThreshold512.metadata().degree @@ -168,7 +168,7 @@ mod tests { ) .unwrap(); - assert_eq!(sample.honest_ciphertexts.len(), committee.n); + assert_eq!(sample.honest_ciphertexts.len(), committee.h); assert_eq!( sample.secret_key.coeffs.len(), BfvPreset::InsecureThreshold512.metadata().degree diff --git a/crates/zk-helpers/src/circuits/mod.rs b/crates/zk-helpers/src/circuits/mod.rs index f63ddfae9a..a60579d5df 100644 --- a/crates/zk-helpers/src/circuits/mod.rs +++ b/crates/zk-helpers/src/circuits/mod.rs @@ -9,7 +9,9 @@ pub mod commitments; pub mod computation; pub mod errors; -pub use codegen::{write_artifacts, Artifacts, CircuitCodegen, CodegenConfigs, CodegenToml}; +pub use codegen::{ + write_artifacts, write_toml, Artifacts, CircuitCodegen, CodegenConfigs, CodegenToml, +}; pub use commitments::*; pub use computation::{CircuitComputation, Computation}; pub use errors::CircuitsErrors; diff --git a/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs b/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs index 23ab1c48e4..d87c963530 100644 --- a/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs +++ b/crates/zk-helpers/src/circuits/threshold/pk_aggregation/codegen.rs @@ -129,7 +129,7 @@ mod tests { .contains(format!("{}_BIT_PK: u32 = {}", prefix, configs.bits.pk_bit).as_str())); assert!(codegen_configs.contains( format!( - "{}_CONFIGS: PkAggregationConfigs = PkAggregationConfigs::new(QIS,);", + "{}_CONFIGS: PkAggregationConfigs = PkAggregationConfigs::new(QIS);", prefix ) .as_str() From cb1eeb0770bdf619de9ea22574c789247f259149 Mon Sep 17 00:00:00 2001 
From: 0xjei Date: Wed, 11 Feb 2026 10:58:22 +0100 Subject: [PATCH 5/6] add circuit selector for bench script and nits --- .../benchmarks/results_insecure/report.md | 204 +++++++++--------- circuits/benchmarks/results_secure/report.md | 60 ++---- .../benchmarks/scripts/benchmark_circuit.sh | 106 ++++++--- .../benchmarks/scripts/generate_report.sh | 22 +- circuits/benchmarks/scripts/run_benchmarks.sh | 46 +++- 5 files changed, 253 insertions(+), 185 deletions(-) diff --git a/circuits/benchmarks/results_insecure/report.md b/circuits/benchmarks/results_insecure/report.md index 43da531c01..1f2da7ef10 100644 --- a/circuits/benchmarks/results_insecure/report.md +++ b/circuits/benchmarks/results_insecure/report.md @@ -1,9 +1,9 @@ # Enclave ZK Circuit Benchmarks -**Generated:** 2026-02-10 14:31:26 UTC +**Generated:** 2026-02-11 09:57:32 UTC **Git Branch:** `circuits/configs-benches` -**Git Commit:** `a59e54c02ae531cb9579c2fae86caab28c7e9efa` +**Git Commit:** `eb62e90b8e36fedfd255a2dc8e6867296c2dc379` --- 
@@ -15,24 +15,24 @@ | Circuit | Compile | Execute | Prove | Verify | | ---------------------- | ------- | ------- | ------ | ------ | -| e_sm_share_computation | 0.33 s | 0.53 s | 1.62 s | 0.03 s | -| e_sm_share_decryption | 0.26 s | 0.27 s | 0.21 s | 0.02 s | +| e_sm_share_computation | 4.67 s | 0.50 s | 1.67 s | 0.03 s | +| e_sm_share_decryption | 0.82 s | 0.29 s | 0.24 s | 0.02 s | | e_sm_share_encryption | 0.30 s | 0.45 s | 0.63 s | 0.03 s | -| pk | 0.25 s | 0.27 s | 0.12 s | 0.02 s | -| sk_share_computation | 0.32 s | 0.52 s | 1.69 s | 0.02 s | -| sk_share_decryption | 0.27 s | 0.28 s | 0.21 s | 0.02 s | +| pk | 0.34 s | 0.26 s | 0.12 s | 0.02 s | +| sk_share_computation | 4.63 s | 0.53 s | 1.56 s | 0.02 s | +| sk_share_decryption | 0.79 s | 0.27 s | 0.24 s | 0.02 s | | sk_share_encryption | 0.29 s | 0.44 s | 0.62 s | 0.03 s | #### Size & Circuit Metrics | Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | | ---------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | -| e_sm_share_computation | 90956 | 328.74K | 1.39 MB | 477.88 KB | 3.59 KB | 15.88 KB | -| e_sm_share_decryption | 1949 | 19.05K | 129.17 KB | 95.40 KB | 3.59 KB | 15.88 KB | +| e_sm_share_computation | 90956 | 328.74K | 1.39 MB | 477.92 KB | 3.59 KB | 15.88 KB | +| e_sm_share_decryption | 3093 | 28.72K | 158.28 KB | 148.85 KB | 3.59 KB | 15.88 KB | | e_sm_share_encryption | 47758 | 127.69K | 797.90 KB | 512.26 KB | 3.59 KB | 15.88 KB | -| pk | 344 | 6.85K | 87.63 KB | 29.09 KB | 3.59 KB | 15.88 KB | -| sk_share_computation | 90827 | 326.14K | 1.38 MB | 463.66 KB | 3.59 KB | 15.88 KB | -| sk_share_decryption | 1949 | 19.05K | 129.17 KB | 95.45 KB | 3.59 KB | 15.88 KB | +| pk | 344 | 6.85K | 87.84 KB | 29.08 KB | 3.59 KB | 15.88 KB | +| sk_share_computation | 90827 | 326.14K | 1.38 MB | 463.65 KB | 3.59 KB | 15.88 KB | +| sk_share_decryption | 3093 | 28.72K | 158.27 KB | 148.83 KB | 3.59 KB | 15.88 KB | | sk_share_encryption | 47758 | 
127.69K | 797.90 KB | 512.48 KB | 3.59 KB | 15.88 KB | ### Threshold 
@@ -42,22 +42,22 @@ | Circuit | Compile | Execute | Prove | Verify | | -------------------------------- | ------- | ------- | ------ | ------ | | decrypted_shares_aggregation_bn | 0.30 s | 0.50 s | 0.52 s | 0.03 s | -| decrypted_shares_aggregation_mod | 0.28 s | 0.33 s | 0.47 s | 0.03 s | -| pk_aggregation | 0.28 s | 0.41 s | 0.86 s | 0.02 s | -| pk_generation | 0.27 s | 0.39 s | 0.50 s | 0.03 s | -| share_decryption | 0.28 s | 0.39 s | 0.56 s | 0.03 s | -| user_data_encryption | 0.29 s | 0.47 s | 0.60 s | 0.02 s | +| decrypted_shares_aggregation_mod | 0.27 s | 0.32 s | 0.46 s | 0.02 s | +| pk_aggregation | 2.32 s | 0.44 s | 0.90 s | 0.02 s | +| pk_generation | 1.95 s | 0.38 s | 0.51 s | 0.03 s | +| share_decryption | 1.85 s | 0.39 s | 0.53 s | 0.03 s | +| user_data_encryption | 2.78 s | 0.47 s | 0.57 s | 0.02 s | #### Size & Circuit Metrics | Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | | -------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | | decrypted_shares_aggregation_bn | 40424 | 102.01K | 1.00 MB | 104.64 KB | 3.59 KB | 15.88 KB | -| decrypted_shares_aggregation_mod | 31544 | 80.74K | 509.67 KB | 77.58 KB | 3.59 KB | 15.88 KB | -| pk_aggregation | 46897 | 151.06K | 821.80 KB | 278.60 KB | 3.59 KB | 15.88 KB | -| pk_generation | 30019 | 65.61K | 541.92 KB | 445.47 KB | 3.59 KB | 15.88 KB | -| share_decryption | 30570 | 85.48K | 541.56 KB | 522.85 KB | 3.59 KB | 15.88 KB | -| user_data_encryption | 56601 | 106.72K | 847.43 KB | 691.14 KB | 3.59 KB | 15.88 KB | +| decrypted_shares_aggregation_mod | 31544 | 80.74K | 509.84 KB | 77.56 KB | 3.59 KB | 15.88 KB | +| pk_aggregation | 47817 | 169.89K | 884.11 KB | 360.79 KB | 3.59 KB | 15.88 KB | +| pk_generation | 30019 | 65.61K | 542.16 KB | 446.26 KB | 3.59 KB | 15.88 KB | +| share_decryption | 30570 | 85.48K | 541.56 KB | 522.92 KB | 3.59 KB | 15.88 KB | +| user_data_encryption | 56601 | 106.72K | 847.68 KB | 690.24 KB | 3.59 KB | 
15.88 KB | ## Circuit Details @@ -67,15 +67,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.33 s | -| **Execution** | 0.53 s | -| **VK Generation** | 0.60 s | -| **Proof Generation** | 1.62 s | +| **Compilation** | 4.67 s | +| **Execution** | 0.50 s | +| **VK Generation** | 0.57 s | +| **Proof Generation** | 1.67 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 90956 | -| **Total Gates** | 328743 | +| **ACIR Opcodes** | "90956" | +| **Total Gates** | "328743" | | **Circuit Size** | 1.39 MB | -| **Witness Size** | 477.88 KB | +| **Witness Size** | 477.92 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -83,15 +83,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.26 s | -| **Execution** | 0.27 s | -| **VK Generation** | 0.07 s | -| **Proof Generation** | 0.21 s | +| **Compilation** | 0.82 s | +| **Execution** | 0.29 s | +| **VK Generation** | 0.09 s | +| **Proof Generation** | 0.24 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 1949 | -| **Total Gates** | 19049 | -| **Circuit Size** | 129.17 KB | -| **Witness Size** | 95.40 KB | +| **ACIR Opcodes** | "3093" | +| **Total Gates** | "28720" | +| **Circuit Size** | 158.28 KB | +| **Witness Size** | 148.85 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -104,8 +104,8 @@ | **VK Generation** | 0.27 s | | **Proof Generation** | 0.63 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 47758 | -| **Total Gates** | 127691 | +| **ACIR Opcodes** | "47758" | +| **Total Gates** | "127691" | | **Circuit Size** | 797.90 KB | | **Witness Size** | 512.26 KB | | **VK Size** | 3.59 KB | 
@@ -115,15 +115,15 @@ | Metric | Value | | -------------------- | -------- | -| **Compilation** | 0.25 s | -| **Execution** | 0.27 s | +| **Compilation** | 0.34 s | +| **Execution** | 0.26 s | | **VK Generation** | 0.05 s | | **Proof Generation** | 0.12 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 344 | -| **Total Gates** | 6846 | -| **Circuit Size** | 87.63 KB | -| **Witness Size** | 29.09 KB | +| **ACIR Opcodes** | "344" | +| **Total Gates** | "6846" | +| **Circuit Size** | 87.84 KB | +| **Witness Size** | 29.08 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -131,15 +131,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.32 s | -| **Execution** | 0.52 s | -| **VK Generation** | 0.62 s | -| **Proof Generation** | 1.69 s | +| **Compilation** | 4.63 s | +| **Execution** | 0.53 s | +| **VK Generation** | 0.60 s | +| **Proof Generation** | 1.56 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 90827 | -| **Total Gates** | 326138 | +| **ACIR Opcodes** | "90827" | +| **Total Gates** | "326138" | | **Circuit Size** | 1.38 MB | -| **Witness Size** | 463.66 KB | +| **Witness Size** | 463.65 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -147,15 +147,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.27 s | -| **Execution** | 0.28 s | -| **VK Generation** | 0.07 s | -| **Proof Generation** | 0.21 s | +| **Compilation** | 0.79 s | +| **Execution** | 0.27 s | +| **VK Generation** | 0.09 s | +| **Proof Generation** | 0.24 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 1949 | -| **Total Gates** | 19049 | -| **Circuit Size** | 129.17 KB | -| **Witness Size** | 95.45 KB | +| **ACIR Opcodes** | "3093" | +| **Total Gates** | "28720" | +| **Circuit Size** | 158.27 KB | +| **Witness Size** | 148.83 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -168,8 +168,8 @@ | **VK Generation** | 0.26 s | | **Proof Generation** | 0.62 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 47758 | -| **Total Gates** | 127691 | +| **ACIR Opcodes** | "47758" | +| **Total Gates** | "127691" | | **Circuit Size** | 797.90 KB | | **Witness Size** | 512.48 KB | | **VK Size** | 3.59 KB | @@ -186,8 +186,8 @@ | **VK Generation** | 0.23 s | | **Proof Generation** | 0.52 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 40424 | -| **Total Gates** | 102014 | +| **ACIR Opcodes** | "40424" | +| **Total Gates** | "102014" | | **Circuit Size** | 1.00 MB | | **Witness Size** | 104.64 KB | | **VK Size** | 3.59 KB | @@ -197,15 +197,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.28 s | -| **Execution** | 0.33 s | -| **VK Generation** | 0.19 s | -| **Proof Generation** | 0.47 s | -| **Verification** | 0.03 s | -| **ACIR Opcodes** | 31544 | -| **Total Gates** | 80740 | -| **Circuit Size** | 509.67 KB | -| **Witness Size** | 77.58 KB | +| **Compilation** | 0.27 s | +| **Execution** | 0.32 s | +| **VK Generation** | 0.18 s | +| **Proof Generation** | 0.46 s | +| **Verification** | 0.02 s | +| **ACIR Opcodes** | "31544" | +| **Total Gates** | "80740" | +| **Circuit Size** | 509.84 KB | +| **Witness Size** | 77.56 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -213,15 +213,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.28 s | -| **Execution** | 0.41 s | -| **VK Generation** | 0.33 s | -| **Proof Generation** | 0.86 s | +| **Compilation** | 2.32 s | +| **Execution** | 0.44 s | +| **VK Generation** | 0.34 s | +| **Proof Generation** | 0.90 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 46897 | -| **Total Gates** | 151056 | -| **Circuit Size** | 821.80 KB | -| **Witness Size** | 278.60 KB | +| **ACIR Opcodes** | "47817" | +| **Total Gates** | "169890" | +| **Circuit Size** | 884.11 KB | +| **Witness Size** | 360.79 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -229,15 +229,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.27 s | -| **Execution** | 0.39 s | -| **VK Generation** | 0.17 s | -| **Proof Generation** | 0.50 s | +| **Compilation** | 1.95 s | +| **Execution** | 0.38 s | +| **VK Generation** | 0.16 s | +| **Proof Generation** | 0.51 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 30019 | -| **Total Gates** | 65606 | -| **Circuit Size** | 541.92 KB | -| **Witness Size** | 445.47 KB | +| **ACIR Opcodes** | "30019" | +| **Total Gates** | "65606" | +| **Circuit Size** | 542.16 KB | +| **Witness Size** | 446.26 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -245,15 +245,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.28 s | +| **Compilation** | 1.85 s | | **Execution** | 0.39 s | -| **VK Generation** | 0.20 s | -| **Proof Generation** | 0.56 s | +| **VK Generation** | 0.19 s | +| **Proof Generation** | 0.53 s | | **Verification** | 0.03 s | -| **ACIR Opcodes** | 30570 | -| **Total Gates** | 85478 | +| **ACIR Opcodes** | "30570" | +| **Total Gates** | "85478" | | **Circuit Size** | 541.56 KB | -| **Witness Size** | 522.85 KB | +| **Witness Size** | 522.92 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -261,15 +261,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.29 s | +| **Compilation** | 2.78 s | | **Execution** | 0.47 s | -| **VK Generation** | 0.23 s | -| **Proof Generation** | 0.60 s | +| **VK Generation** | 0.22 s | +| **Proof Generation** | 0.57 s | | **Verification** | 0.02 s | -| **ACIR Opcodes** | 56601 | -| **Total Gates** | 106725 | -| **Circuit Size** | 847.43 KB | -| **Witness Size** | 691.14 KB | +| **ACIR Opcodes** | "56601" | +| **Total Gates** | "106725" | +| **Circuit Size** | 847.68 KB | +| **Witness Size** | 690.24 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | diff --git a/circuits/benchmarks/results_secure/report.md b/circuits/benchmarks/results_secure/report.md index d477fd7c51..00188be565 100644 --- a/circuits/benchmarks/results_secure/report.md +++ b/circuits/benchmarks/results_secure/report.md @@ -1,9 +1,9 @@ # Enclave ZK Circuit Benchmarks -**Generated:** 2026-02-10 15:46:56 UTC +**Generated:** 2026-02-11 09:44:15 UTC **Git Branch:** `circuits/configs-benches` -**Git Commit:** `a59e54c02ae531cb9579c2fae86caab28c7e9efa` +**Git Commit:** `eb62e90b8e36fedfd255a2dc8e6867296c2dc379` --- 
@@ -39,25 +39,23 @@ #### Timing Metrics -| Circuit | Compile | Execute | Prove | Verify | -| -------------------------------- | -------- | ------- | ------- | ------ | -| decrypted_shares_aggregation_bn | 1.15 s | 0.61 s | 0.80 s | 0.03 s | -| decrypted_shares_aggregation_mod | 0.70 s | 0.33 s | 0.00 s | 0.00 s | -| pk_aggregation | 116.13 s | 6.22 s | 20.25 s | 0.02 s | -| pk_generation | 388.08 s | 4.88 s | 12.30 s | 0.09 s | -| share_decryption | 430.14 s | 5.55 s | 12.41 s | 0.16 s | -| user_data_encryption | 409.30 s | 7.78 s | 13.37 s | 0.02 s | +| Circuit | Compile | Execute | Prove | Verify | +| ------------------------------- | -------- | ------- | ------- | ------ | +| decrypted_shares_aggregation_bn | 0.30 s | 0.58 s | 0.80 s | 0.02 s | +| pk_aggregation | 116.13 s | 6.22 s | 20.25 s | 0.02 s | +| pk_generation | 388.08 s | 4.88 s | 12.30 s | 0.09 s | +| share_decryption | 430.14 s | 5.55 s | 12.41 s | 0.16 s | +| user_data_encryption | 409.30 s | 7.78 s | 13.37 s | 0.02 s | #### Size & Circuit Metrics -| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | -| -------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | -| decrypted_shares_aggregation_bn | 61568 | 154.96K | 1.29 MB | 193.99 KB | 3.59 KB | 15.88 KB | -| decrypted_shares_aggregation_mod | 0 | 0 | 793.45 KB | 0 B | 0 B | 0 B | -| pk_aggregation | 1529181 | 5.27M | 21.69 MB | 11.06 MB | 3.59 KB | 15.88 KB | -| pk_generation | 948955 | 3.49M | 12.31 MB | 16.86 MB | 3.59 KB | 15.88 KB | -| share_decryption | 1012104 | 3.54M | 12.98 MB | 19.20 MB | 3.59 KB | 15.88 KB | -| user_data_encryption | 1684299 | 4.02M | 20.75 MB | 23.82 MB | 3.59 KB | 15.88 KB | +| Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | +| ------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | +| decrypted_shares_aggregation_bn | 61568 | 154.96K | 1.29 MB | 194.35 KB | 3.59 KB | 15.88 
KB | +| pk_aggregation | 1529181 | 5.27M | 21.69 MB | 11.06 MB | 3.59 KB | 15.88 KB | +| pk_generation | 948955 | 3.49M | 12.31 MB | 16.86 MB | 3.59 KB | 15.88 KB | +| share_decryption | 1012104 | 3.54M | 12.98 MB | 19.20 MB | 3.59 KB | 15.88 KB | +| user_data_encryption | 1684299 | 4.02M | 20.75 MB | 23.82 MB | 3.59 KB | 15.88 KB | ## Circuit Details @@ -181,34 +179,18 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 1.15 s | -| **Execution** | 0.61 s | -| **VK Generation** | 0.31 s | +| **Compilation** | 0.30 s | +| **Execution** | 0.58 s | +| **VK Generation** | 0.32 s | | **Proof Generation** | 0.80 s | -| **Verification** | 0.03 s | +| **Verification** | 0.02 s | | **ACIR Opcodes** | 61568 | | **Total Gates** | 154955 | | **Circuit Size** | 1.29 MB | -| **Witness Size** | 193.99 KB | +| **Witness Size** | 194.35 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | -#### decrypted_shares_aggregation_mod - -| Metric | Value | -| -------------------- | --------- | -| **Compilation** | 0.70 s | -| **Execution** | 0.33 s | -| **VK Generation** | 0.00 s | -| **Proof Generation** | 0.00 s | -| **Verification** | 0.00 s | -| **ACIR Opcodes** | 0 | -| **Total Gates** | 0 | -| **Circuit Size** | 793.45 KB | -| **Witness Size** | 0 B | -| **VK Size** | 0 B | -| **Proof Size** | 0 B | - #### pk_aggregation | Metric | Value | diff --git a/circuits/benchmarks/scripts/benchmark_circuit.sh b/circuits/benchmarks/scripts/benchmark_circuit.sh index fb15de9905..a8b5d45035 100755 --- a/circuits/benchmarks/scripts/benchmark_circuit.sh +++ b/circuits/benchmarks/scripts/benchmark_circuit.sh 
@@ -51,6 +51,44 @@ else CIRCUIT_PATH_CLEAN="circuits/bin/${MODE}/$(basename "$CIRCUIT_PATH")" fi +# Portable high-resolution timestamp (fractional seconds) for timing. +# macOS date does not support %N; use gdate, Python, or Perl fallback. +get_timestamp() { + local t + # GNU date (Linux): date +%s.%N + t=$(date +%s.%N 2>/dev/null) + if [[ -n "$t" && "$t" =~ ^[0-9]+\.[0-9]+$ ]]; then + echo "$t" + return + fi + # GNU date on macOS (e.g. brew install coreutils -> gdate) + if command -v gdate >/dev/null 2>&1; then + t=$(gdate +%s.%N 2>/dev/null) + if [[ -n "$t" && "$t" =~ ^[0-9]+\.[0-9]+$ ]]; then + echo "$t" + return + fi + fi + # Python (python3 or python) - high resolution + if command -v python3 >/dev/null 2>&1; then + t=$(python3 -c 'import time; print("%.9f" % time.time())' 2>/dev/null) + [[ -n "$t" ]] && echo "$t" && return + fi + if command -v python >/dev/null 2>&1; then + t=$(python -c 'import time; print("%.9f" % time.time())' 2>/dev/null) + [[ -n "$t" ]] && echo "$t" && return + fi + # Perl with Time::HiRes + if t=$(perl -MTime::HiRes -e 'printf "%.9f\n", Time::HiRes::time()' 2>/dev/null); then + if [[ "$t" =~ ^[0-9]+\.[0-9]+$ ]]; then + echo "$t" + return + fi + fi + # Fallback: integer seconds (POSIX) + echo "$(date +%s).000000000" +} + TIMESTAMP=$(date -u +"%Y-%m-%dT%H:%M:%SZ") echo "==================================================" @@ -139,9 +177,9 @@ if [ "$SKIP_COMPILE" = true ]; then else echo "" echo "[1/6] Compiling circuit..." - START=$(date +%s.%N) + START=$(get_timestamp) if $NARGO_COMPILE_CMD > /tmp/compile_output.txt 2>&1; then - END=$(date +%s.%N) + END=$(get_timestamp) COMPILE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') COMPILE_SUCCESS="true" echo "✓ Compilation successful (${COMPILE_TIME}s)" 
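Review bot: The two Python fallbacks in `get_timestamp` accept any non-empty output (`[[ -n "$t" ]] && echo "$t" && return`), while the `date`, `gdate` and Perl branches only accept a value matching `^[0-9]+\.[0-9]+$`. Because the result is later interpolated into the `bc` expression that computes each duration, the Python branches should apply the same check: `[[ "$t" =~ ^[0-9]+\.[0-9]+$ ]] && echo "$t" && return`. Separately, the probing is repeated on every call, so on hosts that fall through to Python or Perl each START/END pair includes an interpreter start-up, which may be of the same order as the 0.02 s verification times in the reports. Selecting the method once at script start would keep that out of the measurements. A one-line comment stating that the function prints epoch seconds with a fractional part would document the contract its callers rely on.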
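Review bot: The compile log is still written to the fixed path `/tmp/compile_output.txt` on the new side of this hunk, and the execute, VK, prove and verify steps in the later hunks do the same with `/tmp/execute_output.txt`, `/tmp/vk_output.txt`, `/tmp/prove_output.txt` and `/tmp/verify_output.txt`. Predictable names in a world-writable directory can be pre-created or symlinked by another local user, and two benchmark runs on the same host overwrite each other's logs. A per-run directory avoids both: `LOG_DIR=$(mktemp -d)` near the top of the script, `> "$LOG_DIR/compile_output.txt" 2>&1` at each step, and `trap 'rm -rf "$LOG_DIR"' EXIT` for cleanup. The enclosing `if` block continues outside the hunk.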
@@ -151,7 +189,7 @@ else CIRCUIT_SIZE=$(wc -c < "${TARGET_DIR}/${CIRCUIT_NAME}.json" | tr -d ' ') fi else - END=$(date +%s.%N) + END=$(get_timestamp) COMPILE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') ERROR_MSG="Compilation failed. Check compilation logs." echo "✗ Compilation failed" @@ -163,9 +201,9 @@ fi if [ "$COMPILE_SUCCESS" = "true" ]; then echo "" echo "[2/6] Executing circuit..." - START=$(date +%s.%N) + START=$(get_timestamp) if $NARGO_EXECUTE_CMD > /tmp/execute_output.txt 2>&1; then - END=$(date +%s.%N) + END=$(get_timestamp) EXECUTE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') EXECUTE_SUCCESS="true" echo "✓ Execution successful (${EXECUTE_TIME}s)" @@ -175,7 +213,7 @@ if [ "$COMPILE_SUCCESS" = "true" ]; then WITNESS_SIZE=$(wc -c < "${TARGET_DIR}/${CIRCUIT_NAME}.gz" | tr -d ' ') fi else - END=$(date +%s.%N) + END=$(get_timestamp) EXECUTE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') ERROR_MSG="Execution failed. Check execution logs." echo "✗ Execution failed" @@ -211,9 +249,9 @@ fi if [ "$EXECUTE_SUCCESS" = "true" ]; then echo "" echo "[4/6] Generating verification key..." - START=$(date +%s.%N) + START=$(get_timestamp) if $BB_WRITE_VK_CMD -b "${TARGET_DIR}/${CIRCUIT_NAME}.json" -o "${TARGET_DIR}" > /tmp/vk_output.txt 2>&1; then - END=$(date +%s.%N) + END=$(get_timestamp) VK_GEN_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') VK_GEN_SUCCESS="true" echo "✓ VK generation successful (${VK_GEN_TIME}s)" @@ -223,7 +261,7 @@ if [ "$EXECUTE_SUCCESS" = "true" ]; then VK_SIZE=$(wc -c < "${TARGET_DIR}/vk" | tr -d ' ') fi else - END=$(date +%s.%N) + END=$(get_timestamp) VK_GEN_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') echo "✗ VK generation failed" cat /tmp/vk_output.txt 
@@ -234,9 +272,9 @@ fi if [ "$VK_GEN_SUCCESS" = "true" ]; then echo "" echo "[5/6] Generating proof..." - START=$(date +%s.%N) + START=$(get_timestamp) if $BB_PROVE_CMD -b "${TARGET_DIR}/${CIRCUIT_NAME}.json" -w "${TARGET_DIR}/${CIRCUIT_NAME}.gz" -k "${TARGET_DIR}/vk" -o "${TARGET_DIR}" > /tmp/prove_output.txt 2>&1; then - END=$(date +%s.%N) + END=$(get_timestamp) PROVE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') PROVE_SUCCESS="true" echo "✓ Proof generation successful (${PROVE_TIME}s)" @@ -246,7 +284,7 @@ if [ "$VK_GEN_SUCCESS" = "true" ]; then PROOF_SIZE=$(wc -c < "${TARGET_DIR}/proof" | tr -d ' ') fi else - END=$(date +%s.%N) + END=$(get_timestamp) PROVE_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') echo "✗ Proof generation failed" cat /tmp/prove_output.txt @@ -257,15 +295,15 @@ fi if [ "$PROVE_SUCCESS" = "true" ]; then echo "" echo "[6/6] Verifying proof..." - START=$(date +%s.%N) + START=$(get_timestamp) # bb verify expects paths to vk, proof, and public inputs (all directly in target directory) if $BB_VERIFY_CMD -k "${TARGET_DIR}/vk" -p "${TARGET_DIR}/proof" -i "${TARGET_DIR}/public_inputs" > /tmp/verify_output.txt 2>&1; then - END=$(date +%s.%N) + END=$(get_timestamp) VERIFY_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') VERIFY_SUCCESS="true" echo "✓ Verification successful (${VERIFY_TIME}s)" else - END=$(date +%s.%N) + END=$(get_timestamp) VERIFY_TIME=$(echo "$END - $START" | bc | awk '{printf "%.9f", $0}') echo "✗ Verification failed" cat /tmp/verify_output.txt 
@@ -298,22 +336,36 @@ else RAM_GB="unknown" fi +# JSON-escape string fields to ensure valid output +CIRCUIT_NAME_JSON=$(printf '%s' "$CIRCUIT_NAME" | jq -Rs .) +CIRCUIT_PATH_CLEAN_JSON=$(printf '%s' "$CIRCUIT_PATH_CLEAN" | jq -Rs .) +MODE_JSON=$(printf '%s' "$MODE" | jq -Rs .) +ORACLE_TYPE_JSON=$(printf '%s' "$ORACLE_TYPE" | jq -Rs .) +TIMESTAMP_JSON=$(printf '%s' "$TIMESTAMP" | jq -Rs .) +OS_INFO_JSON=$(printf '%s' "$OS_INFO" | jq -Rs .) +ARCH_INFO_JSON=$(printf '%s' "$ARCH_INFO" | jq -Rs .) +CPU_MODEL_JSON=$(printf '%s' "$CPU_MODEL" | jq -Rs .) +CPU_CORES_JSON=$(printf '%s' "$CPU_CORES" | jq -Rs .) +RAM_GB_JSON=$(printf '%s' "$RAM_GB" | jq -Rs .) +NARGO_VERSION_JSON=$(printf '%s' "$NARGO_VERSION" | jq -Rs .) +BB_VERSION_JSON=$(printf '%s' "$BB_VERSION" | jq -Rs .) + # Create JSON output cat > "$OUTPUT_JSON" <> "$OUTPUT_FILE" << INNER | Metric | Value | |--------|-------| -| **Compilation** | $(format_time $compile) | -| **Execution** | $(format_time $execute) | -| **VK Generation** | $(format_time $vk_gen) | -| **Proof Generation** | $(format_time $prove) | -| **Verification** | $(format_time $verify) | -| **ACIR Opcodes** | $opcodes | -| **Total Gates** | $gates | -| **Circuit Size** | $(format_bytes $circuit_size) | -| **Witness Size** | $(format_bytes $witness_size) | -| **VK Size** | $(format_bytes $vk_size) | -| **Proof Size** | $(format_bytes $proof_size) | +| **Compilation** | $(format_time "$compile") | +| **Execution** | $(format_time "$execute") | +| **VK Generation** | $(format_time "$vk_gen") | +| **Proof Generation** | $(format_time "$prove") | +| **Verification** | $(format_time "$verify") | +| **ACIR Opcodes** | "${opcodes}" | +| **Total Gates** | "${gates}" | +| **Circuit Size** | $(format_bytes "$circuit_size") | +| **Witness Size** | $(format_bytes "$witness_size") | +| **VK Size** | $(format_bytes "$vk_size") | +| **Proof Size** | $(format_bytes "$proof_size") | INNER done 
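Review bot: The two count rows are written as `| **ACIR Opcodes** | "${opcodes}" |` and `| **Total Gates** | "${gates}" |` inside the `INNER` here-document, where double quotes are literal text rather than shell quoting. As a result the regenerated reports in this patch show `"90956"` and `"328743"` with the quotes included. The quoting added to the `format_time` and `format_bytes` arguments is effective because those sit inside `$(...)`, but the two bare expansions need none: `| **ACIR Opcodes** | ${opcodes} |` and `| **Total Gates** | ${gates} |`. The file header and the start of this hunk are not visible on the page, so the file is presumed to be the report generator.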
diff --git a/circuits/benchmarks/scripts/run_benchmarks.sh b/circuits/benchmarks/scripts/run_benchmarks.sh index f39a28d57d..dd586b44f2 100755 --- a/circuits/benchmarks/scripts/run_benchmarks.sh +++ b/circuits/benchmarks/scripts/run_benchmarks.sh @@ -1,7 +1,7 @@ #!/bin/bash # run_benchmarks.sh - Main orchestration script for benchmarking circuits -# Usage: ./run_benchmarks.sh [--config ] [--mode insecure|secure] [--skip-compile] [--clean] +# Usage: ./run_benchmarks.sh [--config ] [--mode insecure|secure] [--circuit ] [--skip-compile] [--clean] set -e @@ -11,6 +11,7 @@ CONFIG_FILE="${BENCHMARKS_DIR}/config.json" CLEAN_ARTIFACTS=false MODE_OVERRIDE="" SKIP_COMPILE=false +CIRCUIT_FILTER="" # Parse arguments while [[ $# -gt 0 ]]; do @@ -27,6 +28,10 @@ while [[ $# -gt 0 ]]; do fi shift 2 ;; + --circuit) + CIRCUIT_FILTER="$2" + shift 2 + ;; --skip-compile|--no-compile) SKIP_COMPILE=true shift @@ -37,7 +42,7 @@ while [[ $# -gt 0 ]]; do ;; *) echo "Unknown option: $1" - echo "Usage: $0 [--config ] [--mode insecure|secure] [--skip-compile] [--clean]" + echo "Usage: $0 [--config ] [--mode insecure|secure] [--circuit ] [--skip-compile] [--clean]" exit 1 ;; esac @@ -54,12 +59,22 @@ echo "╚═══════════════════════ echo "" # Read configuration -CIRCUITS=$(jq -r '.circuits[]' "$CONFIG_FILE") +ALL_CIRCUITS=$(jq -r '.circuits[]' "$CONFIG_FILE") ORACLES=$(jq -r '.oracles[]' "$CONFIG_FILE") OUTPUT_DIR_BASE=$(jq -r '.output_dir // "results"' "$CONFIG_FILE") BIN_DIR=$(jq -r '.bin_dir // "../bin"' "$CONFIG_FILE") MODE=$(jq -r '.mode // "insecure"' "$CONFIG_FILE") +# Restrict to one circuit if --circuit was given +if [ -n "$CIRCUIT_FILTER" ]; then + CIRCUITS="$CIRCUIT_FILTER" + if ! echo "$ALL_CIRCUITS" | grep -qx "$CIRCUIT_FILTER" 2>/dev/null; then + echo "Note: --circuit $CIRCUIT_FILTER is not in config.json; running anyway if path exists." + fi +else + CIRCUITS="$ALL_CIRCUITS" +fi + # Override mode if provided via command line if [ -n "$MODE_OVERRIDE" ]; then MODE="$MODE_OVERRIDE" 
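Review bot: The new `--circuit)` case reads `$2` without checking that a value follows, so with `--circuit` as the last argument `shift 2` fails and, under `set -e`, the script is expected to exit without printing the usage message. A guard before the assignment keeps the failure explicit: `[ $# -ge 2 ] || { echo "Error: --circuit requires a value" >&2; exit 1; }`. The `while`/`case` block starts and ends outside the hunk.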
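Review bot: A `--circuit` value that is not listed in `config.json` only produces a note and is then joined into `CIRCUIT_PATH="${CIRCUITS_BASE_DIR}/${CIRCUIT}"`, which the `--clean` branch later passes to `rm -rf "$CIRCUIT_PATH/target"`. A value containing `..` can therefore reach a recursive delete outside the circuits tree. Rejecting unknown names closes that: replace the note with `echo "Error: --circuit $CIRCUIT_FILTER is not in config.json" >&2; exit 1`. The membership test should also match literally and stop option parsing, `grep -Fqx -- "$CIRCUIT_FILTER"`, since the current form treats the value as a regular expression.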
@@ -100,6 +115,9 @@ GIT_BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown") echo "Configuration:" echo " Mode: $MODE" +if [ -n "$CIRCUIT_FILTER" ]; then + echo " Circuit: $CIRCUIT_FILTER (single)" +fi if [ "$SKIP_COMPILE" = true ]; then echo " Skip Compilation: Yes (using existing artifacts)" fi @@ -111,7 +129,23 @@ echo " Base Directory: $CIRCUITS_BASE_DIR" echo " Output Directory: ${OUTPUT_DIR}" echo "" -TOTAL_BENCHMARKS=$(($(echo $CIRCUITS | wc -w | tr -d ' ') * $(echo $ORACLES | wc -w | tr -d ' '))) +# decrypted_shares_aggregation_mod is for insecure only (Q < 128bit); _bn is for secure (large Q) +RUN_CIRCUITS="" +for c in $CIRCUITS; do + if [ "$MODE" = "secure" ] && [ "$c" = "threshold/decrypted_shares_aggregation_mod" ]; then + echo " Skipping $c (modular variant is insecure-only, Q < 128bit)" + continue + fi + if [ "$MODE" = "insecure" ] && [ "$c" = "threshold/decrypted_shares_aggregation_bn" ]; then + echo " Skipping $c (BigNum variant is for secure/large Q only)" + continue + fi + RUN_CIRCUITS="${RUN_CIRCUITS} ${c}" +done +RUN_CIRCUITS=$(echo "$RUN_CIRCUITS" | xargs) +echo "" + +TOTAL_BENCHMARKS=$(($(echo $RUN_CIRCUITS | wc -w | tr -d ' ') * $(echo $ORACLES | wc -w | tr -d ' '))) CURRENT=0 # Restore lib config on exit (if we patched for secure) @@ -125,7 +159,7 @@ restore_default_mod() { trap restore_default_mod EXIT # Run benchmarks -for CIRCUIT in $CIRCUITS; do +for CIRCUIT in $RUN_CIRCUITS; do CIRCUIT_PATH="${CIRCUITS_BASE_DIR}/${CIRCUIT}" if [ ! -d "$CIRCUIT_PATH" ]; then @@ -182,7 +216,7 @@ echo "" # Clean artifacts if requested if [ "$CLEAN_ARTIFACTS" = true ]; then echo "Cleaning circuit artifacts..." - for CIRCUIT in $CIRCUITS; do + for CIRCUIT in $RUN_CIRCUITS; do CIRCUIT_PATH="${CIRCUITS_BASE_DIR}/${CIRCUIT}" if [ -d "$CIRCUIT_PATH/target" ]; then rm -rf "$CIRCUIT_PATH/target" From 35eaffabf69093be68b027e484ecb815327e4921 Mon Sep 17 00:00:00 2001 
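Review bot: After the mode filter `RUN_CIRCUITS` can be empty, for example when `--circuit` names the one variant that the selected mode skips, and the script then computes zero benchmarks and appears to carry on as if the run had succeeded. An explicit check after the filter loop makes that case visible: `[ -n "$RUN_CIRCUITS" ] || { echo "Error: no circuits left to benchmark for mode $MODE" >&2; exit 1; }`. The two skipped circuit names are hard-coded strings here, so a comment noting that they must stay in step with `config.json` would help the next change.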
From: 0xjei Date: Wed, 11 Feb 2026 11:05:04 +0100 Subject: [PATCH 6/6] update report for insecure --- .../benchmarks/results_insecure/report.md | 172 ++++++------------ 1 file changed, 59 insertions(+), 113 deletions(-) diff --git a/circuits/benchmarks/results_insecure/report.md b/circuits/benchmarks/results_insecure/report.md index 1f2da7ef10..c67c26e403 100644 --- a/circuits/benchmarks/results_insecure/report.md +++ b/circuits/benchmarks/results_insecure/report.md @@ -1,9 +1,9 @@ # Enclave ZK Circuit Benchmarks -**Generated:** 2026-02-11 09:57:32 UTC +**Generated:** 2026-02-11 10:04:35 UTC **Git Branch:** `circuits/configs-benches` -**Git Commit:** `eb62e90b8e36fedfd255a2dc8e6867296c2dc379` +**Git Commit:** `783e213aee09c9317df9d47a4ae1b3037b2dfad8` --- 
@@ -15,25 +15,21 @@ | Circuit | Compile | Execute | Prove | Verify | | ---------------------- | ------- | ------- | ------ | ------ | -| e_sm_share_computation | 4.67 s | 0.50 s | 1.67 s | 0.03 s | -| e_sm_share_decryption | 0.82 s | 0.29 s | 0.24 s | 0.02 s | -| e_sm_share_encryption | 0.30 s | 0.45 s | 0.63 s | 0.03 s | -| pk | 0.34 s | 0.26 s | 0.12 s | 0.02 s | -| sk_share_computation | 4.63 s | 0.53 s | 1.56 s | 0.02 s | -| sk_share_decryption | 0.79 s | 0.27 s | 0.24 s | 0.02 s | -| sk_share_encryption | 0.29 s | 0.44 s | 0.62 s | 0.03 s | +| e_sm_share_computation | 0.30 s | 0.50 s | 1.53 s | 0.02 s | +| e_sm_share_decryption | 0.25 s | 0.28 s | 0.23 s | 0.02 s | +| pk | 0.25 s | 0.25 s | 0.12 s | 0.02 s | +| sk_share_computation | 0.30 s | 0.50 s | 1.57 s | 0.02 s | +| sk_share_decryption | 0.25 s | 0.28 s | 0.23 s | 0.02 s | #### Size & Circuit Metrics | Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | | ---------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | -| e_sm_share_computation | 90956 | 328.74K | 1.39 MB | 477.92 KB | 3.59 KB | 15.88 KB | -| e_sm_share_decryption | 3093 | 28.72K | 158.28 KB | 148.85 KB | 3.59 KB | 15.88 KB | -| e_sm_share_encryption | 47758 | 127.69K | 797.90 KB | 512.26 KB | 3.59 KB | 15.88 KB | -| pk | 344 | 6.85K | 87.84 KB | 29.08 KB | 3.59 KB | 15.88 KB | -| sk_share_computation | 90827 | 326.14K | 1.38 MB | 463.65 KB | 3.59 KB | 15.88 KB | -| sk_share_decryption | 3093 | 28.72K | 158.27 KB | 148.83 KB | 3.59 KB | 15.88 KB | -| sk_share_encryption | 47758 | 127.69K | 797.90 KB | 512.48 KB | 3.59 KB | 15.88 KB | +| e_sm_share_computation | 90956 | 328.74K | 1.39 MB | 477.80 KB | 3.59 KB | 15.88 KB | +| e_sm_share_decryption | 3093 | 28.72K | 158.28 KB | 148.92 KB | 3.59 KB | 15.88 KB | +| pk | 344 | 6.85K | 87.84 KB | 29.09 KB | 3.59 KB | 15.88 KB | +| sk_share_computation | 90827 | 326.14K | 1.38 MB | 463.64 KB | 3.59 KB | 15.88 KB | +| sk_share_decryption | 
3093 | 28.72K | 158.27 KB | 148.89 KB | 3.59 KB | 15.88 KB | ### Threshold 
@@ -41,23 +37,21 @@ | Circuit | Compile | Execute | Prove | Verify | | -------------------------------- | ------- | ------- | ------ | ------ | -| decrypted_shares_aggregation_bn | 0.30 s | 0.50 s | 0.52 s | 0.03 s | -| decrypted_shares_aggregation_mod | 0.27 s | 0.32 s | 0.46 s | 0.02 s | -| pk_aggregation | 2.32 s | 0.44 s | 0.90 s | 0.02 s | -| pk_generation | 1.95 s | 0.38 s | 0.51 s | 0.03 s | -| share_decryption | 1.85 s | 0.39 s | 0.53 s | 0.03 s | -| user_data_encryption | 2.78 s | 0.47 s | 0.57 s | 0.02 s | +| decrypted_shares_aggregation_mod | 0.27 s | 0.32 s | 0.47 s | 0.03 s | +| pk_aggregation | 0.28 s | 0.43 s | 0.99 s | 0.03 s | +| pk_generation | 0.27 s | 0.37 s | 0.48 s | 0.03 s | +| share_decryption | 0.28 s | 0.39 s | 0.53 s | 0.03 s | +| user_data_encryption | 0.29 s | 0.46 s | 0.58 s | 0.02 s | #### Size & Circuit Metrics | Circuit | Opcodes | Gates | Circuit Size | Witness | VK Size | Proof Size | | -------------------------------- | ------- | ------- | ------------ | --------- | ------- | ---------- | -| decrypted_shares_aggregation_bn | 40424 | 102.01K | 1.00 MB | 104.64 KB | 3.59 KB | 15.88 KB | | decrypted_shares_aggregation_mod | 31544 | 80.74K | 509.84 KB | 77.56 KB | 3.59 KB | 15.88 KB | -| pk_aggregation | 47817 | 169.89K | 884.11 KB | 360.79 KB | 3.59 KB | 15.88 KB | -| pk_generation | 30019 | 65.61K | 542.16 KB | 446.26 KB | 3.59 KB | 15.88 KB | -| share_decryption | 30570 | 85.48K | 541.56 KB | 522.92 KB | 3.59 KB | 15.88 KB | -| user_data_encryption | 56601 | 106.72K | 847.68 KB | 690.24 KB | 3.59 KB | 15.88 KB | +| pk_aggregation | 47817 | 169.89K | 884.11 KB | 360.78 KB | 3.59 KB | 15.88 KB | +| pk_generation | 30019 | 65.61K | 542.16 KB | 446.29 KB | 3.59 KB | 15.88 KB | +| share_decryption | 30570 | 85.48K | 541.56 KB | 522.85 KB | 3.59 KB | 15.88 KB | +| user_data_encryption | 56601 | 106.72K | 847.68 KB | 691.42 KB | 3.59 KB | 15.88 KB | ## Circuit Details 
@@ -67,15 +61,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 4.67 s | +| **Compilation** | 0.30 s | | **Execution** | 0.50 s | -| **VK Generation** | 0.57 s | -| **Proof Generation** | 1.67 s | -| **Verification** | 0.03 s | +| **VK Generation** | 0.58 s | +| **Proof Generation** | 1.53 s | +| **Verification** | 0.02 s | | **ACIR Opcodes** | "90956" | | **Total Gates** | "328743" | | **Circuit Size** | 1.39 MB | -| **Witness Size** | 477.92 KB | +| **Witness Size** | 477.80 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -83,31 +77,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.82 s | -| **Execution** | 0.29 s | +| **Compilation** | 0.25 s | +| **Execution** | 0.28 s | | **VK Generation** | 0.09 s | -| **Proof Generation** | 0.24 s | +| **Proof Generation** | 0.23 s | | **Verification** | 0.02 s | | **ACIR Opcodes** | "3093" | | **Total Gates** | "28720" | | **Circuit Size** | 158.28 KB | -| **Witness Size** | 148.85 KB | -| **VK Size** | 3.59 KB | -| **Proof Size** | 15.88 KB | - -#### e_sm_share_encryption - -| Metric | Value | -| -------------------- | --------- | -| **Compilation** | 0.30 s | -| **Execution** | 0.45 s | -| **VK Generation** | 0.27 s | -| **Proof Generation** | 0.63 s | -| **Verification** | 0.03 s | -| **ACIR Opcodes** | "47758" | -| **Total Gates** | "127691" | -| **Circuit Size** | 797.90 KB | -| **Witness Size** | 512.26 KB | +| **Witness Size** | 148.92 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -115,15 +93,15 @@ | Metric | Value | | -------------------- | -------- | -| **Compilation** | 0.34 s | -| **Execution** | 0.26 s | +| **Compilation** | 0.25 s | +| **Execution** | 0.25 s | | **VK Generation** | 0.05 s | | **Proof Generation** | 0.12 s | | **Verification** | 0.02 s | | **ACIR Opcodes** | "344" | | **Total Gates** | "6846" | | **Circuit Size** | 87.84 KB | -| **Witness Size** | 29.08 KB | +| **Witness Size** | 29.09 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -131,15 +109,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 4.63 s | -| **Execution** | 0.53 s | -| **VK Generation** | 0.60 s | -| **Proof Generation** | 1.56 s | +| **Compilation** | 0.30 s | +| **Execution** | 0.50 s | +| **VK Generation** | 0.57 s | +| **Proof Generation** | 1.57 s | | **Verification** | 0.02 s | | **ACIR Opcodes** | "90827" | | **Total Gates** | "326138" | | **Circuit Size** | 1.38 MB | -| **Witness Size** | 463.65 KB | +| **Witness Size** | 463.64 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -147,52 +125,20 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 0.79 s | -| **Execution** | 0.27 s | +| **Compilation** | 0.25 s | +| **Execution** | 0.28 s | | **VK Generation** | 0.09 s | -| **Proof Generation** | 0.24 s | +| **Proof Generation** | 0.23 s | | **Verification** | 0.02 s | | **ACIR Opcodes** | "3093" | | **Total Gates** | "28720" | | **Circuit Size** | 158.27 KB | -| **Witness Size** | 148.83 KB | -| **VK Size** | 3.59 KB | -| **Proof Size** | 15.88 KB | - -#### sk_share_encryption - -| Metric | Value | -| -------------------- | --------- | -| **Compilation** | 0.29 s | -| **Execution** | 0.44 s | -| **VK Generation** | 0.26 s | -| **Proof Generation** | 0.62 s | -| **Verification** | 0.03 s | -| **ACIR Opcodes** | "47758" | -| **Total Gates** | "127691" | -| **Circuit Size** | 797.90 KB | -| **Witness Size** | 512.48 KB | +| **Witness Size** | 148.89 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | ### Threshold -#### decrypted_shares_aggregation_bn - -| Metric | Value | -| -------------------- | --------- | -| **Compilation** | 0.30 s | -| **Execution** | 0.50 s | -| **VK Generation** | 0.23 s | -| **Proof Generation** | 0.52 s | -| **Verification** | 0.03 s | -| **ACIR Opcodes** | "40424" | -| **Total Gates** | "102014" | -| **Circuit Size** | 1.00 MB | -| **Witness Size** | 104.64 KB | -| **VK Size** | 3.59 KB | -| **Proof Size** | 15.88 KB | - #### decrypted_shares_aggregation_mod | Metric | Value | @@ -200,8 +146,8 @@ | **Compilation** | 0.27 s | | **Execution** | 0.32 s | | **VK Generation** | 0.18 s | -| **Proof Generation** | 0.46 s | -| **Verification** | 0.02 s | +| **Proof Generation** | 0.47 s | +| **Verification** | 0.03 s | | **ACIR Opcodes** | "31544" | | **Total Gates** | "80740" | | **Circuit Size** | 509.84 KB | 
@@ -213,15 +159,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 2.32 s | -| **Execution** | 0.44 s | +| **Compilation** | 0.28 s | +| **Execution** | 0.43 s | | **VK Generation** | 0.34 s | -| **Proof Generation** | 0.90 s | -| **Verification** | 0.02 s | +| **Proof Generation** | 0.99 s | +| **Verification** | 0.03 s | | **ACIR Opcodes** | "47817" | | **Total Gates** | "169890" | | **Circuit Size** | 884.11 KB | -| **Witness Size** | 360.79 KB | +| **Witness Size** | 360.78 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -229,15 +175,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 1.95 s | -| **Execution** | 0.38 s | +| **Compilation** | 0.27 s | +| **Execution** | 0.37 s | | **VK Generation** | 0.16 s | -| **Proof Generation** | 0.51 s | +| **Proof Generation** | 0.48 s | | **Verification** | 0.03 s | | **ACIR Opcodes** | "30019" | | **Total Gates** | "65606" | | **Circuit Size** | 542.16 KB | -| **Witness Size** | 446.26 KB | +| **Witness Size** | 446.29 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | @@ -245,7 +191,7 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 1.85 s | +| **Compilation** | 0.28 s | | **Execution** | 0.39 s | | **VK Generation** | 0.19 s | | **Proof Generation** | 0.53 s | @@ -253,7 +199,7 @@ | **ACIR Opcodes** | "30570" | | **Total Gates** | "85478" | | **Circuit Size** | 541.56 KB | -| **Witness Size** | 522.92 KB | +| **Witness Size** | 522.85 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB | 
@@ -261,15 +207,15 @@ | Metric | Value | | -------------------- | --------- | -| **Compilation** | 2.78 s | -| **Execution** | 0.47 s | +| **Compilation** | 0.29 s | +| **Execution** | 0.46 s | | **VK Generation** | 0.22 s | -| **Proof Generation** | 0.57 s | +| **Proof Generation** | 0.58 s | | **Verification** | 0.02 s | | **ACIR Opcodes** | "56601" | | **Total Gates** | "106725" | | **Circuit Size** | 847.68 KB | -| **Witness Size** | 690.24 KB | +| **Witness Size** | 691.42 KB | | **VK Size** | 3.59 KB | | **Proof Size** | 15.88 KB |