Merge pull request #1121 from 0xPolygonMiden/al-migrate-winterfell

Migrate to using Winterfell 0.7

CHANGELOG.md

@@ -13,6 +13,7 @@
 
 #### VM Internals
 - Introduced the `Event` decorator and an associated `on_event` handler on the `Host` trait (#1119).
+- Updated Winterfell dependency to v0.7 (#1121).
 
 ## 0.7.0 (2023-10-11)
 

air/Cargo.toml

@@ -30,9 +30,9 @@ std = ["vm-core/std", "winter-air/std"]
 
 [dependencies]
 vm-core = { package = "miden-core", path = "../core", version = "0.8", default-features = false }
-winter-air = { package = "winter-air", version = "0.6", default-features = false }
+winter-air = { package = "winter-air", version = "0.7", default-features = false }
 
 [dev-dependencies]
 criterion = "0.5"
 proptest = "1.3"
-rand-utils = { package = "winter-rand-utils", version = "0.6" }
+rand-utils = { package = "winter-rand-utils", version = "0.7" }

air/src/options.rs

@@ -1,20 +1,39 @@
-use super::{ExecutionOptionsError, HashFunction};
-use crate::trace::MIN_TRACE_LEN;
-use winter_air::{FieldExtension, ProofOptions as WinterProofOptions};
+use super::{
+    trace::MIN_TRACE_LEN, ExecutionOptionsError, FieldExtension, HashFunction, WinterProofOptions,
+};
 
 // PROVING OPTIONS
 // ================================================================================================
 
 /// A set of parameters specifying how Miden VM execution proofs are to be generated.
 #[derive(Debug, Clone, Eq, PartialEq)]
 pub struct ProvingOptions {
-    pub exec_options: ExecutionOptions,
-    pub proof_options: WinterProofOptions,
-    pub hash_fn: HashFunction,
+    exec_options: ExecutionOptions,
+    proof_options: WinterProofOptions,
+    hash_fn: HashFunction,
 }
 
 impl ProvingOptions {
-    // CONSTRUCTOR
+    // CONSTANTS
+    // --------------------------------------------------------------------------------------------
+
+    /// Standard proof parameters for 96-bit conjectured security in non-recursive context.
+    pub const REGULAR_96_BITS: WinterProofOptions =
+        WinterProofOptions::new(27, 8, 16, FieldExtension::Quadratic, 8, 255);
+
+    /// Standard proof parameters for 128-bit conjectured security in non-recursive context.
+    pub const REGULAR_128_BITS: WinterProofOptions =
+        WinterProofOptions::new(27, 16, 21, FieldExtension::Cubic, 8, 255);
+
+    /// Standard proof parameters for 96-bit conjectured security in recursive context.
+    pub const RECURSIVE_96_BITS: WinterProofOptions =
+        WinterProofOptions::new(27, 8, 16, FieldExtension::Quadratic, 4, 7);
+
+    /// Standard proof parameters for 128-bit conjectured security in recursive context.
+    pub const RECURSIVE_128_BITS: WinterProofOptions =
+        WinterProofOptions::new(27, 16, 21, FieldExtension::Cubic, 4, 7);
+
+    // CONSTRUCTORS
     // --------------------------------------------------------------------------------------------
 
     /// Creates a new instance of [ProvingOptions] from the specified parameters.
@@ -50,18 +69,15 @@ impl ProvingOptions {
     /// but may take significantly longer to generate.
     pub fn with_96_bit_security(recursive: bool) -> Self {
         if recursive {
-            let proof_options = WinterProofOptions::new(27, 8, 16, FieldExtension::Quadratic, 4, 7);
             Self {
                 exec_options: ExecutionOptions::default(),
-                proof_options,
+                proof_options: Self::RECURSIVE_96_BITS,
                 hash_fn: HashFunction::Rpo256,
             }
         } else {
-            let proof_options =
-                WinterProofOptions::new(27, 8, 16, FieldExtension::Quadratic, 8, 255);
             Self {
                 exec_options: ExecutionOptions::default(),
-                proof_options,
+                proof_options: Self::REGULAR_96_BITS,
                 hash_fn: HashFunction::Blake3_192,
             }
         }
@@ -74,17 +90,15 @@ impl ProvingOptions {
     /// but may take significantly longer to generate.
     pub fn with_128_bit_security(recursive: bool) -> Self {
         if recursive {
-            let proof_options = WinterProofOptions::new(27, 16, 21, FieldExtension::Cubic, 4, 7);
             Self {
                 exec_options: ExecutionOptions::default(),
-                proof_options,
+                proof_options: Self::RECURSIVE_128_BITS,
                 hash_fn: HashFunction::Rpo256,
             }
         } else {
-            let proof_options = WinterProofOptions::new(27, 16, 21, FieldExtension::Cubic, 8, 255);
             Self {
                 exec_options: ExecutionOptions::default(),
-                proof_options,
+                proof_options: Self::REGULAR_128_BITS,
                 hash_fn: HashFunction::Blake3_256,
             }
         }

core/Cargo.toml

@@ -22,11 +22,12 @@ std = ["miden-crypto/std", "math/std", "winter-utils/std"]
 sve = ["miden-crypto/sve", "std"]
 
 [dependencies]
-math = { package = "winter-math", version = "0.6", default-features = false }
-miden-crypto = { git = "https://github.com/0xPolygonMiden/crypto", branch = "next", default-features = false }
-winter-crypto = { package = "winter-crypto", version = "0.6", default-features = false }
-winter-utils = { package = "winter-utils", version = "0.6", default-features = false }
+math = { package = "winter-math", version = "0.7", default-features = false }
+# miden-crypto = { package = "miden-crypto", version = "0.8", default-features = false }
+miden-crypto = { package = "miden-crypto", git = "https://github.com/0xPolygonMiden/crypto", branch= "next", default-features = false }
+winter-crypto = { package = "winter-crypto", version = "0.7", default-features = false }
+winter-utils = { package = "winter-utils", version = "0.7", default-features = false }
 
 [dev-dependencies]
 proptest = "1.3"
-rand_utils = { version = "0.6", package = "winter-rand-utils" }
+rand_utils = { version = "0.7", package = "winter-rand-utils" }

core/src/random.rs

@@ -24,8 +24,6 @@ const HALF_RATE_WIDTH: usize = (Rpo256::RATE_RANGE.end - Rpo256::RATE_RANGE.star
 ///  This is possible because in our case we never reseed with more than 4 field elements.
 /// 2. As a result of the previous point, we dont make use of an input buffer to accumulate seed
 ///  material.
-/// It is important to note that the current implementation of `RPORandomCoin` assumes that
-/// `draw_integers()` is called immediately after `reseed_with_int()`.
 pub struct RpoRandomCoin {
     state: [Felt; STATE_WIDTH],
     current: usize,
@@ -82,20 +80,6 @@ impl RandomCoin for RpoRandomCoin {
         Rpo256::apply_permutation(&mut self.state);
     }
 
-    fn reseed_with_int(&mut self, value: u64) {
-        // Reset buffer
-        self.current = RATE_START;
-
-        let value = Felt::new(value);
-        self.state[RATE_START] += value;
-        Rpo256::apply_permutation(&mut self.state);
-    }
-
-    fn leading_zeros(&self) -> u32 {
-        let first_rate_element = self.state[RATE_START].as_int();
-        first_rate_element.trailing_zeros()
-    }
-
     fn check_leading_zeros(&self, value: u64) -> u32 {
         let value = Felt::new(value);
         let mut state_tmp = self.state;
@@ -123,13 +107,18 @@ impl RandomCoin for RpoRandomCoin {
         &mut self,
         num_values: usize,
         domain_size: usize,
+        nonce: u64,
     ) -> Result<Vec<usize>, RandomCoinError> {
         assert!(domain_size.is_power_of_two(), "domain size must be a power of two");
         assert!(num_values < domain_size, "number of values must be smaller than domain size");
 
-        // Since the first element of the rate portion is used for proof-of-work and thus is not
-        // random, we need to make sure that it is not used for generating a random index.
-        self.current += 1;
+        // absorb the nonce
+        let nonce = Felt::new(nonce);
+        self.state[RATE_START] += nonce;
+        Rpo256::apply_permutation(&mut self.state);
+
+        // reset the buffer
+        self.current = RATE_START;
 
         // determine how many bits are needed to represent valid values in the domain
         let v_mask = (domain_size - 1) as u64;
@@ -143,9 +132,6 @@ impl RandomCoin for RpoRandomCoin {
             // use the mask to get a value within the range
             let value = (value & v_mask) as usize;
 
-            if values.contains(&value) {
-                continue;
-            }
             values.push(value);
             if values.len() == num_values {
                 break;

core/src/utils/mod.rs

@@ -14,7 +14,7 @@ pub use winter_utils::{
     ByteWriter, Deserializable, DeserializationError, Serializable, SliceReader,
 };
 
-pub use miden_crypto::utils::collections;
+pub use miden_crypto::utils::{collections, vec};
 
 pub mod math {
     pub use math::{batch_inversion, log2};

miden/Cargo.toml

@@ -68,4 +68,4 @@ num-bigint = "0.4"
 predicates = "3.0"
 test-utils = { package = "miden-test-utils", path = "../test-utils" }
 vm-core = { package = "miden-core", path = "../core", version = "0.8" }
-winter-fri = { package = "winter-fri", version = "0.6" }
+winter-fri = { package = "winter-fri", version = "0.7" }

miden/tests/integration/air/range.rs

@@ -16,6 +16,7 @@ fn range_check_once() {
 fn range_check_multi() {
     let source = "begin u32checked_add u32checked_add end";
     let stack = vec![5, 5, 5];
+
     build_test!(source, &stack).prove_and_verify(stack, false);
 }
 

miden/tests/integration/cli/cli_test.rs

@@ -18,7 +18,7 @@ fn cli_run() -> Result<(), Box<dyn std::error::Error>> {
 
     cmd.arg("run")
         .arg("-a")
-        .arg("examples/fib/fib.masm")
+        .arg("./examples/fib/fib.masm")
         .arg("-n")
         .arg("1")
         .arg("-m")

processor/Cargo.toml

@@ -27,11 +27,11 @@ sve = ["std", "vm-core/sve"]
 log = { version = "0.4", default-features = false, optional = true }
 vm-core = { package = "miden-core", path = "../core", version = "0.8", default-features = false }
 miden-air = { package = "miden-air", path = "../air", version = "0.8", default-features = false }
-winter-prover = { package = "winter-prover", version = "0.6", default-features = false }
+winter-prover = { package = "winter-prover", version = "0.7", default-features = false }
 
 [dev-dependencies]
 logtest = { version = "2.0", default-features = false }
 miden-assembly = { package = "miden-assembly", path = "../assembly", version = "0.8", default-features = false }
 test-utils = { package = "miden-test-utils", path = "../test-utils" }
-winter-fri = { package = "winter-fri", version = "0.6" }
-winter-utils = { package = "winter-utils", version = "0.6" }
+winter-fri = { package = "winter-fri", version = "0.7" }
+winter-utils = { package = "winter-utils", version = "0.7" }

processor/src/lib.rs

@@ -24,7 +24,7 @@ use vm_core::{
     CodeBlockTable, Decorator, DecoratorIterator, Felt, FieldElement, StackTopState, StarkField,
 };
 
-use winter_prover::ColMatrix;
+use winter_prover::matrix::ColMatrix;
 
 mod operations;
 

prover/Cargo.toml

@@ -23,9 +23,9 @@ sve = ["processor/sve", "std"]
 air = { package = "miden-air", path = "../air", version = "0.8", default-features = false }
 log = { version = "0.4", default-features = false, optional = true }
 processor = { package = "miden-processor", path = "../processor", version = "0.8", default-features = false }
-winter-prover = { package = "winter-prover", version = "0.6", default-features = false }
+winter-prover = { package = "winter-prover", version = "0.7", default-features = false }
 
 [target.'cfg(all(target_arch = "aarch64", target_os = "macos"))'.dependencies]
 elsa = { version = "1.9", optional = true }
-ministark-gpu = { version = "0.1", features = [ "winterfell" ], optional = true }
+ministark-gpu = { version = "0.2", features = [ "winterfell" ], optional = true }
 pollster = { version = "0.3", optional = true }