origin_tag.hpp

Go to the documentation of this file.

// === AUDIT STATUS ===
// internal:    { status: Planned, auditors: [], commit: }
// external_1:  { status: not started, auditors: [], commit: }
// external_2:  { status: not started, auditors: [], commit: }
// =====================
 
#pragma once
#include "barretenberg/common/assert.hpp"
#include "barretenberg/common/throw_or_abort.hpp"
#include "barretenberg/numeric/uint256/uint256.hpp"
#include <atomic>
#include <cstddef>
#include <iterator>
#include <ostream>
#include <type_traits>
#include <vector>
 
// Trait to detect if a type is iterable
template <typename T, typename = void> struct is_iterable : std::false_type {};
 
// this gets used only when we can call std::begin() and std::end() on that type
template <typename T>
struct is_iterable<T, std::void_t<decltype(std::begin(std::declval<T&>())), decltype(std::end(std::declval<T&>()))>>
    : std::true_type {};
 
template <typename T> constexpr bool is_iterable_v = is_iterable<T>::value;
 
#define STANDARD_TESTING_TAGS /*Tags reused in tests*/                                                                 \
    const size_t parent_id = 0;                                                                                        \
    [[maybe_unused]] const auto clear_tag = OriginTag::constant();    /* A tag representing a constant value */        \
    [[maybe_unused]] const auto constant_tag = OriginTag::constant(); /* Alias for clear_tag */                        \
    [[maybe_unused]] const auto submitted_value_origin_tag = OriginTag(                                                \
        parent_id, /*round_id=*/0, /*is_submitted=*/true); /*A tag describing a value submitted in the 0th round*/     \
    [[maybe_unused]] const auto next_submitted_value_origin_tag = OriginTag(                                           \
        parent_id, /*round_id=*/1, /*is_submitted=*/true); /*A tag describing a value submitted in the 1st round*/     \
    [[maybe_unused]] const auto challenge_origin_tag = OriginTag(                                                      \
        parent_id, /*round_id=*/0, /*is_submitted=*/false); /*A tag describing a challenge derived in the 0th round*/  \
    [[maybe_unused]] const auto next_challenge_tag = OriginTag(                                                        \
        parent_id, /*round_id=*/1, /*is_submitted=*/false); /*A tag describing a challenge derived in the 1st round*/  \
    [[maybe_unused]] const auto first_two_merged_tag =                                                                 \
        OriginTag(submitted_value_origin_tag,                                                                          \
                  challenge_origin_tag); /*A tag describing a value constructed from values submitted by the prover in \
                                            the 0th round and challenges from the same round */                        \
    [[maybe_unused]] const auto first_and_third_merged_tag =                                                           \
        OriginTag(submitted_value_origin_tag,                                                                          \
                  next_challenge_tag); /* A tag describing a value constructed from values submitted in the 0th round  \
                                          and challenges computed in the 1st round*/                                   \
    [[maybe_unused]] const auto first_second_third_merged_tag = OriginTag(                                             \
        first_two_merged_tag, next_challenge_tag); /* A tag describing a value computed from values submitted in the   \
                                                      0th round and challenges generated in the 0th and 1st round*/    \
    [[maybe_unused]] const auto first_to_fourth_merged_tag =                                                           \
        OriginTag(first_second_third_merged_tag,                                                                       \
                  next_submitted_value_origin_tag); /* A tag describing a value computed from values submitted in the  \
                                 0th and 1st round and challenges generated in the 0th and 1st round*/                 \
    [[maybe_unused]] const auto instant_death_tag =                                                                    \
        OriginTag::poisoned(); /* A tag that causes an abort on any arithmetic*/
 
namespace bb {
 
void check_round_provenance(const uint256_t& provenance_a, const uint256_t& provenance_b);
#ifndef AZTEC_NO_ORIGIN_TAGS
struct OriginTag {
 
    // Unique per-object ID for debugging: when a tag merge fails, the error message includes
    // the IDs of both tags so you can trace which specific field elements were involved.
    static inline std::atomic<uint64_t> next_tag_id{ 0 };
    uint64_t tag_id = next_tag_id.fetch_add(1, std::memory_order_relaxed);
 
    static constexpr size_t CONSTANT = static_cast<size_t>(-1);
    static constexpr size_t FREE_WITNESS = static_cast<size_t>(-2);
    // transcript_index represents the index of a unique transcript object that generated the value. It uses
    // a concrete index, not bits for now, since we never expect two different indices to be used in the same
    // computation apart from equality assertion
    // transcript_index is set to CONSTANT if the value is just a constant
    // transcript_index is set to FREE_WITNESS if the value is a free witness (not a constant and not from the
    // transcript)
    // NOTE: The default is FREE_WITNESS so that if we forget to set the tag, it will be treated as a witness,
    // which is safer (can trigger errors if misused) than treating it as a constant (which would be silently accepted)
    size_t transcript_index = FREE_WITNESS;
 
    // round_provenance specifies which submitted values and challenges have been used to generate this element
    // The lower 128 bits represent using a submitted value from a corresponding round (the shift represents the
    // round) The higher 128 bits represent using a challenge value from an corresponding round (the shift
    // represents the round)
    numeric::uint256_t round_provenance = numeric::uint256_t(0);
 
    // Instant death is used for poisoning values we should never use in arithmetic
    bool instant_death = false;
 
    // Default Origin Tag has everything set to zero and can't cause any issues
    OriginTag() = default;
    OriginTag(const OriginTag& other) = default;
    OriginTag(OriginTag&& other) = default;
    OriginTag& operator=(const OriginTag& other) = default;
    OriginTag& operator=(OriginTag&& other) noexcept
    {
        tag_id = other.tag_id;
        transcript_index = other.transcript_index;
        round_provenance = other.round_provenance;
        instant_death = other.instant_death;
        return *this;
    }
    OriginTag(size_t transcript_idx, size_t round_number, bool is_submitted = true)
        : transcript_index(transcript_idx)
        , round_provenance((static_cast<uint256_t>(1) << (round_number + (is_submitted ? 0 : 128))))
    {
        BB_ASSERT_LT(round_number, 128U);
    }
 
    OriginTag(const OriginTag& tag_a, const OriginTag& tag_b);
 
    template <class... T>
    OriginTag(const OriginTag& tag, const T&... rest)
        : transcript_index(tag.transcript_index)
        , round_provenance(tag.round_provenance)
        , instant_death(tag.instant_death)
    {
 
        OriginTag merged_tag = *this;
        for (const auto& next_tag : { rest... }) {
            merged_tag = OriginTag(merged_tag, next_tag);
        }
        *this = merged_tag;
    }
    ~OriginTag() = default;
    bool operator==(const OriginTag& other) const;
    void poison() { instant_death = true; }
    void unpoison() { instant_death = false; }
    bool is_poisoned() const { return instant_death; }
    bool is_empty() const { return !instant_death && transcript_index == CONSTANT; };
 
    bool is_free_witness() const { return transcript_index == FREE_WITNESS; }
    void set_free_witness()
    {
        transcript_index = FREE_WITNESS;
        round_provenance = 0;
    }
    void unset_free_witness()
    {
        transcript_index = CONSTANT;
        round_provenance = numeric::uint256_t(0);
    }
 
    bool is_constant() const { return transcript_index == CONSTANT && !instant_death; }
    void set_constant()
    {
        transcript_index = CONSTANT;
        round_provenance = numeric::uint256_t(0);
    }
 
    // Static factory methods for cleaner syntax
    static OriginTag constant()
    {
        OriginTag tag;
        tag.transcript_index = CONSTANT;
        return tag;
    }
 
    static OriginTag free_witness()
    {
        OriginTag tag;
        tag.transcript_index = FREE_WITNESS;
        return tag;
    }
 
    static OriginTag poisoned()
    {
        OriginTag tag;
        tag.instant_death = true;
        return tag;
    }
 
    void clear_round_provenance() { round_provenance = numeric::uint256_t(0); }
};
inline std::ostream& operator<<(std::ostream& os, OriginTag const& v)
{
    return os << "{ id: " << v.tag_id << ", transcript_idx: " << v.transcript_index
              << ", round_prov: " << v.round_provenance << ", instadeath: " << v.instant_death << " }";
}
 
#else
 
struct OriginTag {
    OriginTag() = default;
    OriginTag(const OriginTag& other) = default;
    OriginTag(OriginTag&& other) = default;
    OriginTag& operator=(const OriginTag& other) = default;
    OriginTag& operator=(OriginTag&& other) = default;
    ~OriginTag() = default;
 
    OriginTag(size_t transcript_idx [[maybe_unused]],
              size_t round_number [[maybe_unused]],
              bool is_submitted [[maybe_unused]] = true)
    {}
 
    OriginTag(const OriginTag&, const OriginTag&) {}
    template <class... T> OriginTag(const OriginTag&, const T&...) {}
    bool operator==(const OriginTag& other) const;
    void poison() {}
    void unpoison() {}
    static bool is_poisoned() { return false; }
    static bool is_empty() { return true; };
    bool is_free_witness() const { return false; }
    void set_free_witness() {}
    void unset_free_witness() {}
    bool is_constant() const { return true; }
    void set_constant() {}
    void clear_round_provenance() {}
 
    // Static factory methods (no-ops in release builds)
    static OriginTag constant() { return OriginTag(); }
    static OriginTag free_witness() { return OriginTag(); }
    static OriginTag poisoned() { return OriginTag(); }
};
inline std::ostream& operator<<(std::ostream& os, OriginTag const&)
{
    return os << "{ Origin Tag tracking is disabled in release builds }";
}
#endif
 
// Helper functions for working with origin tags
template <bool in_circuit, typename T> inline void assign_origin_tag(T& elem, const OriginTag& tag)
{
    if constexpr (in_circuit) {
        if constexpr (is_iterable_v<T>) {
            for (auto& e : elem) {
                e.set_origin_tag(tag);
            }
        } else {
            elem.set_origin_tag(tag);
        }
    }
}
 
template <bool in_circuit, typename T> inline void check_origin_tag(T& elem, const OriginTag& tag)
{
    if constexpr (in_circuit) {
        if constexpr (is_iterable_v<T>) {
            for (auto& e : elem) {
                BB_ASSERT(e.get_origin_tag() == tag);
            };
        } else {
            BB_ASSERT(elem.get_origin_tag() == tag);
        }
    }
}
 
template <bool in_circuit, typename DataType> inline void unset_free_witness_tags(std::vector<DataType>& input)
{
    if constexpr (in_circuit) {
        for (auto& entry : input) {
            entry.unset_free_witness_tag();
        }
    }
}
 
template <bool in_circuit, typename Codec, typename T>
inline std::vector<typename Codec::DataType> tag_and_serialize(const T& component, const OriginTag& tag)
{
    if constexpr (in_circuit) {
        assign_origin_tag<in_circuit>(const_cast<T&>(component), tag);
    }
    // Serialize to field elements
    return Codec::serialize_to_fields(component);
}
 
template <typename TranscriptType> inline OriginTag extract_transcript_tag(const TranscriptType& transcript)
{
    return OriginTag(transcript.transcript_index, transcript.round_index, /*is_submitted=*/true);
}
 
} // namespace bb
template <typename T>
concept usesTag = requires(T x, const bb::OriginTag& tag) { x.set_origin_tag(tag); };