From baed56929510eeee9fa807def831c63aaf7b5718 Mon Sep 17 00:00:00 2001 From: Mariano Nicolini Date: Tue, 9 Apr 2024 14:53:44 +0300 Subject: [PATCH 1/4] Fix fields fuzzers --- fuzz/no_gpu_fuzz/Cargo.toml | 3 +- .../fuzz_targets/deserialize_stark_proof.rs | 10 ++- .../field/{field_from_hex.rs => from_hex.rs} | 0 .../field/{field_from_raw.rs => from_raw.rs} | 66 ++++++++++++------- .../field/{field_fuzzer.rs => fuzzer.rs} | 0 .../{field_mersenne31.rs => mersenne31.rs} | 58 ++++++++++------ ..._mini_goldilocks.rs => mini_goldilocks.rs} | 0 7 files changed, 85 insertions(+), 52 deletions(-) rename fuzz/no_gpu_fuzz/fuzz_targets/field/{field_from_hex.rs => from_hex.rs} (100%) rename fuzz/no_gpu_fuzz/fuzz_targets/field/{field_from_raw.rs => from_raw.rs} (61%) rename fuzz/no_gpu_fuzz/fuzz_targets/field/{field_fuzzer.rs => fuzzer.rs} (100%) rename fuzz/no_gpu_fuzz/fuzz_targets/field/{field_mersenne31.rs => mersenne31.rs} (70%) rename fuzz/no_gpu_fuzz/fuzz_targets/field/{field_mini_goldilocks.rs => mini_goldilocks.rs} (100%) diff --git a/fuzz/no_gpu_fuzz/Cargo.toml b/fuzz/no_gpu_fuzz/Cargo.toml index ec9f53fb3..e2df09196 100644 --- a/fuzz/no_gpu_fuzz/Cargo.toml +++ b/fuzz/no_gpu_fuzz/Cargo.toml @@ -16,6 +16,7 @@ num-traits = "0.2" ibig = "0.3.6" p3-goldilocks = { git = "https://github.com/Plonky3/Plonky3", rev = "41cd843" } p3-mersenne-31 = { git = "https://github.com/Plonky3/Plonky3", rev = "41cd843" } +p3-field = { git = "https://github.com/Plonky3/Plonky3", rev = "41cd843" } [[bin]] name = "curve_bls12_381" @@ -42,7 +43,7 @@ test = false doc = false [[bin]] -name = "field_fuzz_mersenne31" +name = "field_mersenne31" path = "fuzz_targets/field/mersenne31.rs" test = false doc = false diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs b/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs index c6c945ee2..5ce792cb3 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs @@ -1,12 +1,10 @@ #![no_main] -use libfuzzer_sys::fuzz_target; -use stark_platinum_prover::proof::stark::StarkProof; use lambdaworks_math::field::fields::fft_friendly::stark_252_prime_field::Stark252PrimeField; use lambdaworks_math::traits::Deserializable; - +use libfuzzer_sys::fuzz_target; +use serde::de::Deserialize; +use stark_platinum_prover::proof::stark::StarkProof; fuzz_target!(|data: Vec| { - - let _proof = StarkProof::::deserialize(&data); - + let _proof = StarkProof::::deserialize(&data); }); diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_from_hex.rs b/fuzz/no_gpu_fuzz/fuzz_targets/field/from_hex.rs similarity index 100% rename from fuzz/no_gpu_fuzz/fuzz_targets/field/field_from_hex.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/field/from_hex.rs diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_from_raw.rs b/fuzz/no_gpu_fuzz/fuzz_targets/field/from_raw.rs similarity index 61% rename from fuzz/no_gpu_fuzz/fuzz_targets/field/field_from_raw.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/field/from_raw.rs index 972198158..de9757bd0 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_from_raw.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/field/from_raw.rs @@ -1,48 +1,56 @@ #![no_main] -use libfuzzer_sys::fuzz_target; +use ibig::{modular::ModuloRing, UBig}; use lambdaworks_math::field::{ - element::FieldElement, - fields::fft_friendly::stark_252_prime_field::Stark252PrimeField + element::FieldElement, fields::fft_friendly::stark_252_prime_field::Stark252PrimeField, }; -use ibig::{modular::ModuloRing, UBig}; use lambdaworks_math::unsigned_integer::element::UnsignedInteger; +use libfuzzer_sys::fuzz_target; fuzz_target!(|values: (u64, u64)| { - let (value_u64_a, value_u64_b) = values; - let prime = - UBig::from_str_radix("800000000000011000000000000000000000000000000000000000000000001", 16).unwrap(); + let prime = UBig::from_str_radix( + "800000000000011000000000000000000000000000000000000000000000001", + 16, + ) + .unwrap(); let ring = ModuloRing::new(&prime); let value_a = UnsignedInteger::from(value_u64_a); let value_b = UnsignedInteger::from(value_u64_b); - let a = FieldElement::::from_raw(&value_a); - let b = FieldElement::::from_raw(&value_b); + let a = FieldElement::::from_raw(value_a); + let b = FieldElement::::from_raw(value_b); let _a_expected = ring.from(value_u64_a); let _b_expected = ring.from(value_u64_b); let _add_u64 = &a + &b; - + let _sub_u64 = &a - &b; - + let _mul_u64 = &a * &b; - + let _pow = &a.pow(b.representative()); - + if value_u64_b != 0 { - - let div = &a / &b; + let div = &a / &b; assert_eq!(&div * &b, a.clone()); } for n in [&a, &b] { match n.sqrt() { Some((fst_sqrt, snd_sqrt)) => { - assert_eq!(fst_sqrt.square(), snd_sqrt.square(), "Squared roots don't match each other"); - assert_eq!(n, &fst_sqrt.square(), "Squared roots don't match original number"); + assert_eq!( + fst_sqrt.square(), + snd_sqrt.square(), + "Squared roots don't match each other" + ); + assert_eq!( + n, + &fst_sqrt.square(), + "Squared roots don't match original number" + ); } None => {} }; @@ -62,10 +70,22 @@ fuzz_target!(|values: (u64, u64)| { assert_eq!(&a * &b, &b * &a, "Commutative mul property failed"); let c = &a * &b; - assert_eq!((&a + &b) + &c, &a + (&b + &c), "Associative add property failed"); - assert_eq!((&a * &b) * &c, &a * (&b * &c), "Associative mul property failed"); - - assert_eq!(&a * (&b + &c), &a * &b + &a * &c, "Distributive property failed"); + assert_eq!( + (&a + &b) + &c, + &a + (&b + &c), + "Associative add property failed" + ); + assert_eq!( + (&a * &b) * &c, + &a * (&b * &c), + "Associative mul property failed" + ); + + assert_eq!( + &a * (&b + &c), + &a * &b + &a * &c, + "Distributive property failed" + ); assert_eq!(&a - &a, zero, "Inverse add a failed"); assert_eq!(&b - &b, zero, "Inverse add b failed"); @@ -76,8 +96,4 @@ fuzz_target!(|values: (u64, u64)| { if b != zero { assert_eq!(&b * b.inv().unwrap(), one, "Inverse mul b failed"); } - - }); - - diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_fuzzer.rs b/fuzz/no_gpu_fuzz/fuzz_targets/field/fuzzer.rs similarity index 100% rename from fuzz/no_gpu_fuzz/fuzz_targets/field/field_fuzzer.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/field/fuzzer.rs diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_mersenne31.rs b/fuzz/no_gpu_fuzz/fuzz_targets/field/mersenne31.rs similarity index 70% rename from fuzz/no_gpu_fuzz/fuzz_targets/field/field_mersenne31.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/field/mersenne31.rs index 1a6de4d60..939a2f319 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_mersenne31.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/field/mersenne31.rs @@ -1,25 +1,23 @@ #![no_main] -use libfuzzer_sys::fuzz_target; use lambdaworks_math::field::{ - element::FieldElement, - fields::{ - mersenne31::field::{Mersenne31Field, MERSENNE_31_PRIME_FIELD_ORDER}, - } + element::FieldElement, + fields::mersenne31::field::{Mersenne31Field, MERSENNE_31_PRIME_FIELD_ORDER}, }; +use libfuzzer_sys::fuzz_target; +use p3_field::{AbstractField, Field, PrimeField32, PrimeField64}; use p3_mersenne_31::Mersenne31; -use p3_field::{Field, PrimeField32, PrimeField64, AbstractField}; fuzz_target!(|values: (u32, u32)| { // Note: we filter values outside of order as it triggers an assert within plonky3 disallowing values n >= Self::Order if values.0 >= MERSENNE_31_PRIME_FIELD_ORDER || values.1 >= MERSENNE_31_PRIME_FIELD_ORDER { - return + return; } let (value_u32_a, value_u32_b) = values; - - let a = FieldElement::::from(value_u32_a as u64); - let b = FieldElement::::from(value_u32_b as u64); + + let a = FieldElement::::from(value_u32_a as u64); + let b = FieldElement::::from(value_u32_b as u64); // Note: if we parse using from_canonical_u32 fails due to check that n < Self::Order let a_expected = Mersenne31::from_canonical_u32(value_u32_a); @@ -27,13 +25,13 @@ fuzz_target!(|values: (u32, u32)| { let add_u32 = &a + &b; let addition = a_expected + b_expected; - + assert_eq!(add_u32.representative(), addition.as_canonical_u32()); let sub_u32 = &a - &b; let substraction = a_expected - b_expected; assert_eq!(sub_u32.representative(), substraction.as_canonical_u32()); - + let mul_u32 = &a * &b; let multiplication = a_expected * b_expected; assert_eq!(mul_u32.representative(), multiplication.as_canonical_u32()); @@ -41,9 +39,9 @@ fuzz_target!(|values: (u32, u32)| { let pow = &a.pow(b.representative()); let expected_pow = a_expected.exp_u64(b_expected.as_canonical_u64()); assert_eq!(pow.representative(), expected_pow.as_canonical_u32()); - + if value_u32_b != 0 && b.inv().is_ok() && b_expected.try_inverse().is_some() { - let div = &a / &b; + let div = &a / &b; assert_eq!(&div * &b, a.clone()); let expected_div = a_expected / b_expected; assert_eq!(div.representative(), expected_div.as_canonical_u32()); @@ -52,8 +50,16 @@ fuzz_target!(|values: (u32, u32)| { for n in [&a, &b] { match n.sqrt() { Some((fst_sqrt, snd_sqrt)) => { - assert_eq!(fst_sqrt.square(), snd_sqrt.square(), "Squared roots don't match each other"); - assert_eq!(n, &fst_sqrt.square(), "Squared roots don't match original number"); + assert_eq!( + fst_sqrt.square(), + snd_sqrt.square(), + "Squared roots don't match each other" + ); + assert_eq!( + n, + &fst_sqrt.square(), + "Squared roots don't match original number" + ); } None => {} }; @@ -73,10 +79,22 @@ fuzz_target!(|values: (u32, u32)| { assert_eq!(&a * &b, &b * &a, "Commutative mul property failed"); let c = &a * &b; - assert_eq!((&a + &b) + &c, &a + (&b + &c), "Associative add property failed"); - assert_eq!((&a * &b) * &c, &a * (&b * &c), "Associative mul property failed"); - - assert_eq!(&a * (&b + &c), &a * &b + &a * &c, "Distributive property failed"); + assert_eq!( + (&a + &b) + &c, + &a + (&b + &c), + "Associative add property failed" + ); + assert_eq!( + (&a * &b) * &c, + &a * (&b * &c), + "Associative mul property failed" + ); + + assert_eq!( + &a * (&b + &c), + &a * &b + &a * &c, + "Distributive property failed" + ); assert_eq!(&a - &a, zero, "Inverse add a failed"); assert_eq!(&b - &b, zero, "Inverse add b failed"); diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/field/field_mini_goldilocks.rs b/fuzz/no_gpu_fuzz/fuzz_targets/field/mini_goldilocks.rs similarity index 100% rename from fuzz/no_gpu_fuzz/fuzz_targets/field/field_mini_goldilocks.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/field/mini_goldilocks.rs From 46fb39e220b5fb6488a601616424726ae417fcce Mon Sep 17 00:00:00 2001 From: Mariano Nicolini Date: Tue, 9 Apr 2024 15:27:54 +0300 Subject: [PATCH 2/4] Fix curve fuzzers --- .../{curve_bls12_381.rs => bls12_381.rs} | 98 +++++++++--- fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs | 145 ++++++++++++++++++ .../fuzz_targets/curve/curve_bn254.rs | 100 ------------ .../curve/{curve_grumpkin.rs => grumpkin.rs} | 0 4 files changed, 218 insertions(+), 125 deletions(-) rename fuzz/no_gpu_fuzz/fuzz_targets/curve/{curve_bls12_381.rs => bls12_381.rs} (50%) create mode 100644 fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs delete mode 100644 fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bn254.rs rename fuzz/no_gpu_fuzz/fuzz_targets/curve/{curve_grumpkin.rs => grumpkin.rs} (100%) diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bls12_381.rs b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bls12_381.rs similarity index 50% rename from fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bls12_381.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/curve/bls12_381.rs index b5f281463..d515f6cb2 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bls12_381.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bls12_381.rs @@ -1,23 +1,21 @@ #![no_main] -use libfuzzer_sys::fuzz_target; use lambdaworks_math::{ - field::element::FieldElement, cyclic_group::IsGroup, elliptic_curve::{ - traits::{IsEllipticCurve, IsPairing}, short_weierstrass::{ curves::bls12_381::{ - curve::BLS12381Curve, - twist::BLS12381TwistCurve, - pairing::BLS12381AtePairing, - field_extension::Degree12ExtensionField, + curve::BLS12381Curve, field_extension::Degree12ExtensionField, + pairing::BLS12381AtePairing, twist::BLS12381TwistCurve, }, point::ShortWeierstrassProjectivePoint, - } + }, + traits::{IsEllipticCurve, IsPairing}, }, + field::element::FieldElement, unsigned_integer::element::U384, }; +use libfuzzer_sys::fuzz_target; type LambdaG1 = ShortWeierstrassProjectivePoint; type LambdaG2 = ShortWeierstrassProjectivePoint; @@ -44,38 +42,86 @@ fuzz_target!(|values: (u64, u64)| { assert_eq!(g1_zero.neg(), g1_zero, "Neutral mul element a failed"); // P + O = O - assert_eq!(a_g1.operate_with(&g1_zero), a_g1, "Neutral operate_with element a failed"); - assert_eq!(b_g1.operate_with(&g1_zero), b_g1, "Neutral operate_with element b failed"); + assert_eq!( + a_g1.operate_with(&g1_zero), + a_g1, + "Neutral operate_with element a failed" + ); + assert_eq!( + b_g1.operate_with(&g1_zero), + b_g1, + "Neutral operate_with element b failed" + ); // P + Q = Q + P - assert_eq!(a_g1.operate_with(&b_g1), b_g1.operate_with(&a_g1), "Commutative add property failed"); + assert_eq!( + a_g1.operate_with(&b_g1), + b_g1.operate_with(&a_g1), + "Commutative add property failed" + ); // (P + Q) + R = Q + (P + R) let c_g1 = a_g1.operate_with(&b_g1); - assert_eq!((a_g1.operate_with(&b_g1)).operate_with(&c_g1), a_g1.operate_with(&b_g1.operate_with(&c_g1)), "Associative operate_with property failed"); + assert_eq!( + (a_g1.operate_with(&b_g1)).operate_with(&c_g1), + a_g1.operate_with(&b_g1.operate_with(&c_g1)), + "Associative operate_with property failed" + ); // P + -P = O - assert_eq!(a_g1.operate_with(&a_g1.neg()), g1_zero, "Inverse add a failed"); - assert_eq!(b_g1.operate_with(&b_g1.neg()), g1_zero, "Inverse add b failed"); + assert_eq!( + a_g1.operate_with(&a_g1.neg()), + g1_zero, + "Inverse add a failed" + ); + assert_eq!( + b_g1.operate_with(&b_g1.neg()), + g1_zero, + "Inverse add b failed" + ); // G2 // -O = O assert_eq!(g2_zero.neg(), g2_zero, "Neutral mul element a failed"); // P + O = O - assert_eq!(a_g2.operate_with(&g2_zero), a_g2, "Neutral operate_with element a failed"); - assert_eq!(b_g2.operate_with(&g2_zero), b_g2, "Neutral operate_with element b failed"); + assert_eq!( + a_g2.operate_with(&g2_zero), + a_g2, + "Neutral operate_with element a failed" + ); + assert_eq!( + b_g2.operate_with(&g2_zero), + b_g2, + "Neutral operate_with element b failed" + ); // P + Q = Q + P - assert_eq!(a_g2.operate_with(&b_g2), b_g2.operate_with(&a_g2), "Commutative add property failed"); + assert_eq!( + a_g2.operate_with(&b_g2), + b_g2.operate_with(&a_g2), + "Commutative add property failed" + ); // (P + Q) + R = Q + (P + R) let c_g2 = a_g2.operate_with(&b_g2); - assert_eq!((a_g2.operate_with(&b_g2)).operate_with(&c_g2), a_g2.operate_with(&b_g2.operate_with(&c_g2)), "Associative operate_with property failed"); + assert_eq!( + (a_g2.operate_with(&b_g2)).operate_with(&c_g2), + a_g2.operate_with(&b_g2.operate_with(&c_g2)), + "Associative operate_with property failed" + ); // P + -P = O - assert_eq!(a_g2.operate_with(&a_g2.neg()), g2_zero, "Inverse add a failed"); - assert_eq!(b_g2.operate_with(&b_g2.neg()), g2_zero, "Inverse add b failed"); + assert_eq!( + a_g2.operate_with(&a_g2.neg()), + g2_zero, + "Inverse add a failed" + ); + assert_eq!( + b_g2.operate_with(&b_g2.neg()), + g2_zero, + "Inverse add b failed" + ); // Pairing Bilinearity let a = U384::from_u64(a_val); @@ -90,12 +136,14 @@ fuzz_target!(|values: (u64, u64)| { &a_g2.neg().to_affine(), ), ]); - assert_eq!(result, FieldElement::::one()); + assert_eq!(result, Ok(FieldElement::::one())); // Ate Pairing returns one with one element is neutral element - let result = BLS12381AtePairing::compute_batch(&[(&a_g1.to_affine(), &LambdaG2::neutral_element())]); - assert_eq!(result, FieldElement::::one()); + let result = + BLS12381AtePairing::compute_batch(&[(&a_g1.to_affine(), &LambdaG2::neutral_element())]); + assert_eq!(result, Ok(FieldElement::::one())); - let result = BLS12381AtePairing::compute_batch(&[(&LambdaG1::neutral_element(), &a_g2.to_affine())]); - assert_eq!(result, FieldElement::::one()); + let result = + BLS12381AtePairing::compute_batch(&[(&LambdaG1::neutral_element(), &a_g2.to_affine())]); + assert_eq!(result, Ok(FieldElement::::one())); }); diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs new file mode 100644 index 000000000..e1042e54c --- /dev/null +++ b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs @@ -0,0 +1,145 @@ +#![no_main] + +use lambdaworks_math::{ + cyclic_group::IsGroup, + elliptic_curve::{ + short_weierstrass::{ + curves::bn_254::{ + curve::BN254Curve, field_extension::Degree12ExtensionField, twist::BN254TwistCurve, + }, + point::ShortWeierstrassProjectivePoint, + }, + traits::{IsEllipticCurve, IsPairing}, + }, + field::element::FieldElement, + unsigned_integer::element::U256, +}; +use libfuzzer_sys::fuzz_target; + +type LambdaG1 = ShortWeierstrassProjectivePoint; +type LambdaG2 = ShortWeierstrassProjectivePoint; + +//TODO: derive arbitrary for Affine and Projective or change this to use &[u8] as input to cover more cases +fuzz_target!(|values: (u64, u64)| { + let (a_val, b_val) = values; + + let a_g1 = BN254Curve::generator().operate_with_self(a_val); + let b_g1 = BN254Curve::generator().operate_with_self(b_val); + + let a_g2 = BN254TwistCurve::generator().operate_with_self(a_val); + let b_g2 = BN254TwistCurve::generator().operate_with_self(b_val); + + // ***AXIOM SOUNDNESS*** + + let g1_zero = LambdaG1::neutral_element(); + + let g2_zero = LambdaG2::neutral_element(); + + // G1 + // -O = O + assert_eq!(g1_zero.neg(), g1_zero, "Neutral mul element a failed"); + + // P * O = O + assert_eq!( + a_g1.operate_with(&g1_zero), + a_g1, + "Neutral operate_with element a failed" + ); + assert_eq!( + b_g1.operate_with(&g1_zero), + b_g1, + "Neutral operate_with element b failed" + ); + + // P * Q = Q * P + assert_eq!( + a_g1.operate_with(&b_g1), + b_g1.operate_with(&a_g1), + "Commutative add property failed" + ); + + // (P * Q) * R = Q * (P * R) + let c_g1 = a_g1.operate_with(&b_g1); + assert_eq!( + (a_g1.operate_with(&b_g1)).operate_with(&c_g1), + a_g1.operate_with(&b_g1.operate_with(&c_g1)), + "Associative operate_with property failed" + ); + + // P * -P = O + assert_eq!( + a_g1.operate_with(&a_g1.neg()), + g1_zero, + "Inverse add a failed" + ); + assert_eq!( + b_g1.operate_with(&b_g1.neg()), + g1_zero, + "Inverse add b failed" + ); + + // G2 + // -O = O + assert_eq!(g2_zero.neg(), g2_zero, "Neutral mul element a failed"); + + // P * O = O + assert_eq!( + a_g2.operate_with(&g2_zero), + a_g2, + "Neutral operate_with element a failed" + ); + assert_eq!( + b_g2.operate_with(&g2_zero), + b_g2, + "Neutral operate_with element b failed" + ); + + // P * Q = Q * P + assert_eq!( + a_g2.operate_with(&b_g2), + b_g2.operate_with(&a_g2), + "Commutative add property failed" + ); + + // (P * Q) * R = Q * (P * R) + let c_g2 = a_g2.operate_with(&b_g2); + assert_eq!( + (a_g2.operate_with(&b_g2)).operate_with(&c_g2), + a_g2.operate_with(&b_g2.operate_with(&c_g2)), + "Associative operate_with property failed" + ); + + // P * -P = O + assert_eq!( + a_g2.operate_with(&a_g2.neg()), + g2_zero, + "Inverse add a failed" + ); + assert_eq!( + b_g2.operate_with(&b_g2.neg()), + g2_zero, + "Inverse add b failed" + ); + + // Pairing Bilinearity + // let a = U256::from_u64(a_val); + // let b = U256::from_u64(b_val); + // let result = BN254AtePairing::compute_batch(&[ + // ( + // &a_g1.operate_with_self(a).to_affine(), + // &a_g2.operate_with_self(b).to_affine(), + // ), + // ( + // &a_g1.operate_with_self(a * b).to_affine(), + // &a_g2.neg().to_affine(), + // ), + // ]); + // assert_eq!(result, FieldElement::::one()); + + // // Ate Pairing returns one with one element is neutral element + // let result = BN254AtePairing::compute_batch(&[(&a_g1.to_affine(), &LambdaG2::neutral_element())]); + // assert_eq!(result, FieldElement::::one()); + + // let result = BN254AtePairing::compute_batch(&[(&LambdaG1::neutral_element(), &a_g2.to_affine())]); + // assert_eq!(result, FieldElement::::one()); +}); diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bn254.rs b/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bn254.rs deleted file mode 100644 index 326ba0ad3..000000000 --- a/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_bn254.rs +++ /dev/null @@ -1,100 +0,0 @@ -#![no_main] - -use libfuzzer_sys::fuzz_target; -use lambdaworks_math::{ - cyclic_group::IsGroup, - elliptic_curve::{ - traits::{IsEllipticCurve, IsPairing}, - short_weierstrass::{ - curves::bn_254::{ - curve::BN254Curve, - twist::BN254TwistCurve, - field_extension::Degree12ExtensionField, - pairing::BN254AtePairing, - }, - point::ShortWeierstrassProjectivePoint, - } - }, - field::element::FieldElement, - unsigned_integer::element::U256, -}; - -type LambdaG1 = ShortWeierstrassProjectivePoint; -type LambdaG2 = ShortWeierstrassProjectivePoint; - -//TODO: derive arbitrary for Affine and Projective or change this to use &[u8] as input to cover more cases -fuzz_target!(|values: (u64, u64)| { - let (a_val, b_val) = values; - - let a_g1 = BN254Curve::generator().operate_with_self(a_val); - let b_g1 = BN254Curve::generator().operate_with_self(b_val); - - let a_g2 = BN254TwistCurve::generator().operate_with_self(a_val); - let b_g2 = BN254TwistCurve::generator().operate_with_self(b_val); - - // ***AXIOM SOUNDNESS*** - - let g1_zero = LambdaG1::neutral_element(); - - let g2_zero = LambdaG2::neutral_element(); - - // G1 - // -O = O - assert_eq!(g1_zero.neg(), g1_zero, "Neutral mul element a failed"); - - // P * O = O - assert_eq!(a_g1.operate_with(&g1_zero), a_g1, "Neutral operate_with element a failed"); - assert_eq!(b_g1.operate_with(&g1_zero), b_g1, "Neutral operate_with element b failed"); - - // P * Q = Q * P - assert_eq!(a_g1.operate_with(&b_g1), b_g1.operate_with(&a_g1), "Commutative add property failed"); - - // (P * Q) * R = Q * (P * R) - let c_g1 = a_g1.operate_with(&b_g1); - assert_eq!((a_g1.operate_with(&b_g1)).operate_with(&c_g1), a_g1.operate_with(&b_g1.operate_with(&c_g1)), "Associative operate_with property failed"); - - // P * -P = O - assert_eq!(a_g1.operate_with(&a_g1.neg()), g1_zero, "Inverse add a failed"); - assert_eq!(b_g1.operate_with(&b_g1.neg()), g1_zero, "Inverse add b failed"); - - // G2 - // -O = O - assert_eq!(g2_zero.neg(), g2_zero, "Neutral mul element a failed"); - - // P * O = O - assert_eq!(a_g2.operate_with(&g2_zero), a_g2, "Neutral operate_with element a failed"); - assert_eq!(b_g2.operate_with(&g2_zero), b_g2, "Neutral operate_with element b failed"); - - // P * Q = Q * P - assert_eq!(a_g2.operate_with(&b_g2), b_g2.operate_with(&a_g2), "Commutative add property failed"); - - // (P * Q) * R = Q * (P * R) - let c_g2 = a_g2.operate_with(&b_g2); - assert_eq!((a_g2.operate_with(&b_g2)).operate_with(&c_g2), a_g2.operate_with(&b_g2.operate_with(&c_g2)), "Associative operate_with property failed"); - - // P * -P = O - assert_eq!(a_g2.operate_with(&a_g2.neg()), g2_zero, "Inverse add a failed"); - assert_eq!(b_g2.operate_with(&b_g2.neg()), g2_zero, "Inverse add b failed"); - - // Pairing Bilinearity - let a = U256::from_u64(a_val); - let b = U256::from_u64(b_val); - let result = BN254AtePairing::compute_batch(&[ - ( - &a_g1.operate_with_self(a).to_affine(), - &a_g2.operate_with_self(b).to_affine(), - ), - ( - &a_g1.operate_with_self(a * b).to_affine(), - &a_g2.neg().to_affine(), - ), - ]); - assert_eq!(result, FieldElement::::one()); - - // Ate Pairing returns one with one element is neutral element - let result = BN254AtePairing::compute_batch(&[(&a_g1.to_affine(), &LambdaG2::neutral_element())]); - assert_eq!(result, FieldElement::::one()); - - let result = BN254AtePairing::compute_batch(&[(&LambdaG1::neutral_element(), &a_g2.to_affine())]); - assert_eq!(result, FieldElement::::one()); -}); diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_grumpkin.rs b/fuzz/no_gpu_fuzz/fuzz_targets/curve/grumpkin.rs similarity index 100% rename from fuzz/no_gpu_fuzz/fuzz_targets/curve/curve_grumpkin.rs rename to fuzz/no_gpu_fuzz/fuzz_targets/curve/grumpkin.rs From 47ef00dc562422441e0a5cb3cc888d516642da4d Mon Sep 17 00:00:00 2001 From: Mariano Nicolini Date: Tue, 9 Apr 2024 15:29:54 +0300 Subject: [PATCH 3/4] remove pairing code in bn254 fuzzer --- fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs | 24 +++----------------- 1 file changed, 3 insertions(+), 21 deletions(-) diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs index e1042e54c..f421688a9 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/curve/bn254.rs @@ -121,25 +121,7 @@ fuzz_target!(|values: (u64, u64)| { "Inverse add b failed" ); - // Pairing Bilinearity - // let a = U256::from_u64(a_val); - // let b = U256::from_u64(b_val); - // let result = BN254AtePairing::compute_batch(&[ - // ( - // &a_g1.operate_with_self(a).to_affine(), - // &a_g2.operate_with_self(b).to_affine(), - // ), - // ( - // &a_g1.operate_with_self(a * b).to_affine(), - // &a_g2.neg().to_affine(), - // ), - // ]); - // assert_eq!(result, FieldElement::::one()); - - // // Ate Pairing returns one with one element is neutral element - // let result = BN254AtePairing::compute_batch(&[(&a_g1.to_affine(), &LambdaG2::neutral_element())]); - // assert_eq!(result, FieldElement::::one()); - - // let result = BN254AtePairing::compute_batch(&[(&LambdaG1::neutral_element(), &a_g2.to_affine())]); - // assert_eq!(result, FieldElement::::one()); + /* + NOTE(marian): pairing fuzzer must be added here once it is implemented for the curve + */ }); From 8276b107331e7e95e9dda2a529ff6dae8a0cda99 Mon Sep 17 00:00:00 2001 From: Mariano Nicolini Date: Tue, 9 Apr 2024 16:01:30 +0300 Subject: [PATCH 4/4] Save formatting in deserialize_stark_proof fuzzer --- fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs b/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs index 5ce792cb3..4d451ba44 100644 --- a/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs +++ b/fuzz/no_gpu_fuzz/fuzz_targets/deserialize_stark_proof.rs @@ -2,9 +2,8 @@ use lambdaworks_math::field::fields::fft_friendly::stark_252_prime_field::Stark252PrimeField; use lambdaworks_math::traits::Deserializable; use libfuzzer_sys::fuzz_target; -use serde::de::Deserialize; use stark_platinum_prover::proof::stark::StarkProof; fuzz_target!(|data: Vec| { - let _proof = StarkProof::::deserialize(&data); + let _proof = StarkProof::::deserialize(&data); });