refactor(zk)!: directly use the CompactPkeCrs in all public APIs

BREAKING_CHANGE: - All the zk API (build_with_proof, verify, verify_and_expand,...) now take a `CompactPkeCrs` instead of a `CompactPkePublicParams`. Serialized `CompactPkePublicParams` from previous versions can be converted into a `CompactPkeCrs` using `params.into()`
zama-ai · Nov 7, 2024 · e0c703e · e0c703e
1 parent 5f19ce5
commit e0c703e
Show file tree

Hide file tree

Showing 21 changed files with 291 additions and 222 deletions.
diff --git a/tfhe/benches/integer/zk_pke.rs b/tfhe/benches/integer/zk_pke.rs
@@ -64,7 +64,7 @@ fn pke_zk_proof(c: &mut Criterion) {
 
             let crs =
                 CompactPkeCrs::from_shortint_params(param_pke, num_block * fhe_uint_count).unwrap();
-            let public_params = crs.public_params();
+
             for compute_load in [ZkComputeLoad::Proof, ZkComputeLoad::Verify] {
                 let zk_load = match compute_load {
                     ZkComputeLoad::Proof => "compute_load_proof",
@@ -78,7 +78,7 @@ fn pke_zk_proof(c: &mut Criterion) {
                     b.iter(|| {
                         let _ct1 = tfhe::integer::ProvenCompactCiphertextList::builder(&pk)
                             .extend(messages.iter().copied())
-                            .build_with_proof_packed(public_params, &metadata, compute_load)
+                            .build_with_proof_packed(&crs, &metadata, compute_load)
                             .unwrap();
                     })
                 });
@@ -150,11 +150,10 @@ fn pke_zk_verify(c: &mut Criterion, results_file: &Path) {
             println!("Generating CRS... ");
             let crs =
                 CompactPkeCrs::from_shortint_params(param_pke, num_block * fhe_uint_count).unwrap();
-            let public_params = crs.public_params();
 
             let shortint_params: PBSParameters = param_fhe.into();
 
-            let crs_data = bincode::serialize(&public_params).unwrap();
+            let crs_data = bincode::serialize(&crs).unwrap();
 
             println!("CRS size: {}", crs_data.len());
 
@@ -187,7 +186,7 @@ fn pke_zk_verify(c: &mut Criterion, results_file: &Path) {
                 println!("Generating proven ciphertext ({zk_load})... ");
                 let ct1 = tfhe::integer::ProvenCompactCiphertextList::builder(&pk)
                     .extend(messages.iter().copied())
-                    .build_with_proof_packed(public_params, &metadata, compute_load)
+                    .build_with_proof_packed(&crs, &metadata, compute_load)
                     .unwrap();
 
                 let proven_ciphertext_list_serialized = bincode::serialize(&ct1).unwrap();
@@ -234,15 +233,15 @@ fn pke_zk_verify(c: &mut Criterion, results_file: &Path) {
 
                 bench_group.bench_function(&bench_id_verify, |b| {
                     b.iter(|| {
-                        let _ret = ct1.verify(public_params, &pk, &metadata);
+                        let _ret = ct1.verify(&crs, &pk, &metadata);
                     });
                 });
 
                 bench_group.bench_function(&bench_id_verify_and_expand, |b| {
                     b.iter(|| {
                         let _ret = ct1
                             .verify_and_expand(
-                                public_params,
+                                &crs,
                                 &pk,
                                 &metadata,
                                 IntegerCompactCiphertextListExpansionMode::CastAndUnpackIfNecessary(

diff --git a/tfhe/c_api_tests/test_high_level_zk.c b/tfhe/c_api_tests/test_high_level_zk.c
@@ -31,10 +31,6 @@ int main(void) {
   status = compact_pke_crs_from_config(config, max_num_bits, &crs);
   assert(status == 0);
 
-  CompactPkePublicParams *public_params;
-  status = compact_pke_crs_public_params(crs, &public_params);
-  assert(status == 0);
-
 #define METADATA_LEN 5
   uint8_t metadata[METADATA_LEN] = {'c', '-', 'a', 'p', 'i'};
 
@@ -71,7 +67,7 @@ int main(void) {
     assert(status == 0);
 
     status = compact_ciphertext_list_builder_build_with_proof_packed(
-        builder, public_params, metadata, METADATA_LEN, ZkComputeLoadProof, &compact_list);
+        builder, crs, metadata, METADATA_LEN, ZkComputeLoadProof, &compact_list);
     assert(status == 0);
 
     // Don't forget to destroy the builder
@@ -85,7 +81,7 @@ int main(void) {
   FheUint2 *d = NULL;
   {
     CompactCiphertextListExpander *expander = NULL;
-    status = proven_compact_ciphertext_list_verify_and_expand(compact_list, public_params, pk,
+    status = proven_compact_ciphertext_list_verify_and_expand(compact_list, crs, pk,
                                                               metadata, METADATA_LEN, &expander);
     assert(status == 0);
 
@@ -132,7 +128,6 @@ int main(void) {
   client_key_destroy(client_key);
   server_key_destroy(server_key);
   compact_public_key_destroy(pk);
-  compact_pke_public_params_destroy(public_params);
   compact_pke_crs_destroy(crs);
 
   return EXIT_SUCCESS;

diff --git a/tfhe/docs/guides/zk-pok.md b/tfhe/docs/guides/zk-pok.md
@@ -25,7 +25,6 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let client_key = tfhe::ClientKey::generate(config.clone());
     // This is done in an offline phase and the CRS is shared to all clients and the server
     let crs = CompactPkeCrs::from_config(config.into(), 64).unwrap();
-    let public_zk_params = crs.public_params();
     let server_key = tfhe::ServerKey::new(&client_key);
     let public_key = tfhe::CompactPublicKey::try_new(&client_key).unwrap();
     // This can be left empty, but if provided allows to tie the proof to arbitrary data
@@ -37,14 +36,14 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let proven_compact_list = tfhe::ProvenCompactCiphertextList::builder(&public_key)
         .push(clear_a)
         .push(clear_b)
-        .build_with_proof_packed(public_zk_params, &metadata, ZkComputeLoad::Proof)?;
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Proof)?;
 
     // Server side
     let result = {
         set_server_key(server_key);
 
         // Verify the ciphertexts
-        let expander = proven_compact_list.verify_and_expand(public_zk_params, &public_key, &metadata)?;
+        let expander = proven_compact_list.verify_and_expand(&crs, &public_key, &metadata)?;
         let a: tfhe::FheUint64 = expander.get(0)?.unwrap();
         let b: tfhe::FheUint64 = expander.get(1)?.unwrap();
 
@@ -99,7 +98,6 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let client_key = tfhe::ClientKey::generate(config.clone());
     // This is done in an offline phase and the CRS is shared to all clients and the server
     let crs = CompactPkeCrs::from_config(config.into(), 64).unwrap();
-    let public_zk_params = crs.public_params();
     let server_key = tfhe::ServerKey::new(&client_key);
     let public_key = tfhe::CompactPublicKey::try_new(&client_key).unwrap();
     // This can be left empty, but if provided allows to tie the proof to arbitrary data
@@ -111,15 +109,15 @@ pub fn main() -> Result<(), Box<dyn std::error::Error>> {
     let proven_compact_list = tfhe::ProvenCompactCiphertextList::builder(&public_key)
         .push(clear_a)
         .push(clear_b)
-        .build_with_proof_packed(public_zk_params, &metadata, ZkComputeLoad::Verify)?;
+        .build_with_proof_packed(&crs, &metadata, ZkComputeLoad::Verify)?;
 
     // Server side
     let result = {
         set_server_key(server_key);
 
         // Verify the ciphertexts
         let expander =
-            proven_compact_list.verify_and_expand(public_zk_params, &public_key, &metadata)?;
+            proven_compact_list.verify_and_expand(&crs, &public_key, &metadata)?;
         let a: tfhe::FheUint64 = expander.get(0)?.unwrap();
         let b: tfhe::FheUint64 = expander.get(1)?.unwrap();
 

diff --git a/tfhe/js_on_wasm_tests/test-hlapi-signed.js b/tfhe/js_on_wasm_tests/test-hlapi-signed.js
@@ -23,7 +23,6 @@ const {
     FheInt256,
     CompactCiphertextList,
     ProvenCompactCiphertextList,
-    CompactPkePublicParams,
     CompactPkeCrs,
     ZkComputeLoad,
     Shortint,
@@ -509,12 +508,11 @@ test('hlapi_compact_ciphertext_list_with_proof', (t) => {
     let publicKey = TfheCompactPublicKey.new(clientKey);
 
     let crs = CompactPkeCrs.from_parameters(block_params, 2 + 32 + 1 + 256);
-    let public_params = crs.public_params();
 
     const compress = false; // We don't compress as it's too slow on wasm
-    let serialized_pke_params = public_params.serialize(compress);
+    let serialized_pke_crs = crs.serialize(compress);
     let validate = false; // Also too slow on wasm
-    public_params = CompactPkePublicParams.deserialize(serialized_pke_params, compress, validate);
+    crs = CompactPkePublicParams.deserialize(serialized_pke_crs, compress, validate);
 
     let clear_u2 = 3;
     let clear_i32 = -3284;
@@ -526,7 +524,7 @@ test('hlapi_compact_ciphertext_list_with_proof', (t) => {
     builder.push_i32(clear_i32);
     builder.push_boolean(clear_bool);
     builder.push_u256(clear_u256);
-    let list = builder.build_with_proof_packed(public_params, ZkComputeLoad.Proof);
+    let list = builder.build_with_proof_packed(crs, ZkComputeLoad.Proof);
 
     let serialized = list.safe_serialize(BigInt(10000000));
     let deserialized = ProvenCompactCiphertextList.safe_deserialize(serialized, BigInt(10000000));

diff --git a/tfhe/src/c_api/high_level_api/compact_list.rs b/tfhe/src/c_api/high_level_api/compact_list.rs
@@ -13,7 +13,7 @@ use crate::c_api::high_level_api::utils::{
     impl_destroy_on_type, impl_serialize_deserialize_on_type, CApiIntegerType,
 };
 #[cfg(feature = "zk-pok")]
-use crate::c_api::high_level_api::zk::{CompactPkePublicParams, ZkComputeLoad};
+use crate::c_api::high_level_api::zk::{CompactPkeCrs, ZkComputeLoad};
 use crate::c_api::utils::{catch_panic, get_mut_checked, get_ref_checked};
 use crate::prelude::CiphertextList;
 use std::ffi::c_int;
@@ -78,15 +78,15 @@ pub unsafe extern "C" fn compact_ciphertext_list_builder_build_packed(
 #[no_mangle]
 pub unsafe extern "C" fn compact_ciphertext_list_builder_build_with_proof_packed(
     builder: *const CompactCiphertextListBuilder,
-    public_params: *const CompactPkePublicParams,
+    crs: *const CompactPkeCrs,
     metadata: *const u8,
     metadata_len: usize,
     compute_load: ZkComputeLoad,
     list: *mut *mut ProvenCompactCiphertextList,
 ) -> c_int {
     catch_panic(|| {
         let builder = get_ref_checked(builder).unwrap();
-        let public_params = get_ref_checked(public_params).unwrap();
+        let crs = get_ref_checked(crs).unwrap();
 
         let metadata = if metadata.is_null() {
             &[]
@@ -97,7 +97,7 @@ pub unsafe extern "C" fn compact_ciphertext_list_builder_build_with_proof_packed
 
         let inner = builder
             .0
-            .build_with_proof_packed(&public_params.0, metadata, compute_load.into())
+            .build_with_proof_packed(&crs.0, metadata, compute_load.into())
             .unwrap();
 
         *list = Box::into_raw(Box::new(ProvenCompactCiphertextList(inner)));
@@ -182,15 +182,15 @@ pub unsafe extern "C" fn compact_ciphertext_list_expand(
 #[no_mangle]
 pub unsafe extern "C" fn proven_compact_ciphertext_list_verify_and_expand(
     compact_list: *const ProvenCompactCiphertextList,
-    public_params: *const CompactPkePublicParams,
+    crs: *const CompactPkeCrs,
     public_key: *const CompactPublicKey,
     metadata: *const u8,
     metadata_len: usize,
     expander: *mut *mut CompactCiphertextListExpander,
 ) -> c_int {
     catch_panic(|| {
         let list = get_ref_checked(compact_list).unwrap();
-        let public_params = get_ref_checked(public_params).unwrap();
+        let crs = get_ref_checked(crs).unwrap();
         let public_key = get_ref_checked(public_key).unwrap();
 
         let metadata = if metadata.is_null() {
@@ -202,7 +202,7 @@ pub unsafe extern "C" fn proven_compact_ciphertext_list_verify_and_expand(
 
         let inner = list
             .0
-            .verify_and_expand(&public_params.0, &public_key.0, metadata)
+            .verify_and_expand(&crs.0, &public_key.0, metadata)
             .unwrap();
 
         *expander = Box::into_raw(Box::new(CompactCiphertextListExpander(inner)));

diff --git a/tfhe/src/c_api/high_level_api/zk.rs b/tfhe/src/c_api/high_level_api/zk.rs
@@ -129,7 +129,6 @@ pub unsafe extern "C" fn compact_pke_public_params_safe_deserialize(
 }
 
 pub struct CompactPkeCrs(pub(crate) crate::core_crypto::entities::CompactPkeCrs);
-
 impl_destroy_on_type!(CompactPkeCrs);
 
 #[no_mangle]
@@ -148,16 +147,18 @@ pub unsafe extern "C" fn compact_pke_crs_from_config(
     })
 }
 
+/// Create a CompactPkeCrs from CompactPkePublicParams. The CompactPkePublicParams will be cloned
+/// and still need to be freed afterwards.
 #[no_mangle]
-pub unsafe extern "C" fn compact_pke_crs_public_params(
-    crs: *const CompactPkeCrs,
-    out_public_params: *mut *mut CompactPkePublicParams,
+pub unsafe extern "C" fn compact_pke_crs_from_public_params(
+    public_params: *const CompactPkePublicParams,
+    out_result: *mut *mut CompactPkeCrs,
 ) -> c_int {
     crate::c_api::utils::catch_panic(|| {
-        let crs = get_ref_checked(crs).unwrap();
+        let public_params = get_ref_checked(public_params).unwrap();
 
-        *out_public_params = Box::into_raw(Box::new(CompactPkePublicParams(
-            crs.0.public_params().clone(),
-        )));
+        let crs = crate::core_crypto::entities::CompactPkeCrs::from(public_params.0.to_owned());
+
+        *out_result = Box::into_raw(Box::new(CompactPkeCrs(crs)));
     })
 }