Deploy Garble Guide using Mdbook to GH Pages #158
Conversation
README.md
Outdated
| Garble is a simple programming language for [Secure Multi-Party Computation](https://en.wikipedia.org/wiki/Secure_multi-party_computation) with [Garbled Circuits](https://en.wikipedia.org/wiki/Garbled_circuit). The circuits generated by Garble specify a _function_, with each input coming from a different party and the output computed collaboratively by all parties in a way that no party learns another party's input. Garble is statically typed, low-level, purely functional and uses a syntax heavily inspired by Rust. | ||
|
|
||
| All programs written in Garble are deliberately Turing-incomplete (only supporting bounded recursion), guaranteeing that they can be compiled to circuits using only `AND`, `XOR` and `NOT` gates (without any kind of stateful latches or registers). Here's an example of solving the [Millionaire's Problem](https://en.wikipedia.org/wiki/Yao%27s_Millionaires%27_problem) in Garble: | ||
| Garble is a simple programming language for [**Multi-Party Computation**](https://en.wikipedia.org/wiki/Secure_multi-party_computation) with [**Garbled Circuits**](https://en.wikipedia.org/wiki/Garbled_circuit). Garble programs are **compiled to boolean circuits** and always terminate. Garble is **statically typed, low-level, purely functional** and uses a **Rust-like syntax**. Garble is much simpler than Rust though, making it easy to learn and simple to [integrate](https://sine-fdn.github.io/garble-lang/integration.html) into MPC engines. |
There was a problem hiding this comment.
Garble is a simple programming language that enables describing functionalities for Secure Multi-Party Computation (SMPC or MPC in short) with Boolean Circuits. The most prominent solution is based on Garbled Circuits.
I know I am stressing this but Garble could be used for any GMW protocol-based (secret sharing but with bools) MPC engine as well! It was a very prominent protocol at some point and Garble is definitely nowhere tied to Garbled circuits, but is tied to Boolean circuits.
There was a problem hiding this comment.
Boolean circuit is generally always written capitalized, so "Garble programs are compiled to Boolean circuits and always terminate."
bool/boolean as a type is also written without capitalization for consistency, but Boolean circuits, Boolean grammar, Boolean algebra are not, due to coming from George Boole.
There was a problem hiding this comment.
"... into MPC engines that implement protocols based on Boolean circuits in Rust."
garble_docs/src/guide/intro.md
Outdated
|
|
||
| Garble is a programming language for [MPC](<(https://en.wikipedia.org/wiki/Secure_multi-party_computation)>) that is quite easy to learn and mostly works like Rust, except that it is much simpler and only implements a subset of Rust (without the borrow checker). The following guide introduces the main features of Garble. | ||
|
|
||
| A minimal Garble program is a public function (conventionally called `main`), with each input conceptually belonging to a different party in a [MPC Garbled Circuit](https://en.wikipedia.org/wiki/Garbled_circuit). For example, the following program computes the boolean `and` of two parties: |
There was a problem hiding this comment.
... in a Boolean circuit-based MPC protocol, e.g., the one using a Garbled Circuit. For example, the following program computes the boolean AND (
There was a problem hiding this comment.
In general I really like it and the most generic comment I have is about consistency between compiler and language. If we call both simply "Garble", then we could also make that clear in the intro, that Garble is both the name of the tool/compiler and the name of the language as well.
garble_docs/src/guide/variables.md
Outdated
|
|
||
| > In contrast to `let`, `let mut` does not support destructuring using patterns. The left-hand side of a `let mut` statement must always be a variable name. | ||
|
|
||
| Copying a value on every mutation might sound expensive, but this is actually not the case in a language like Garble that compiles to boolean gates: Previous values (or more specifically, "wires" with specific boolean values) can be freely reused, entirely or partially, because there are no memory locations, only gates and their connecting wires. |
There was a problem hiding this comment.
Boolean gates (or logic gates), Boolean values.
garble_docs/src/guide/intro.md
Outdated
| @@ -0,0 +1,19 @@ | |||
| # A Guide to Garble | |||
|
|
|||
| Garble is a programming language for [MPC](<(https://en.wikipedia.org/wiki/Secure_multi-party_computation)>) that is quite easy to learn and mostly works like Rust, except that it is much simpler and only implements a subset of Rust (without the borrow checker). The following guide introduces the main features of Garble. | |||
There was a problem hiding this comment.
The link does not work here on the website, not sure why.
garble_docs/src/guide/loops.md
Outdated
| } | ||
| ``` | ||
|
|
||
| Arrays in Garble always have a fixed size, Garble does not support data structures of a dynamic length. This is by design, as it disallows any form of unbounded recursion and thus enables the Garble compiler to generate fixed circuits consisting only of boolean gates. Garble programs are thus computationally equivalent to [LOOP programs](<https://en.wikipedia.org/wiki/LOOP_(programming_language)>), corresponding precisely to the class of _primitive recursive functions_. |
garble_docs/src/guide/loops.md
Outdated
| ``` | ||
|
|
||
| Garble automatically joins the arrays in a for-join loop using a [bitonic sorting network](https://en.wikipedia.org/wiki/Bitonic_sorter), more concretely implementing the paper [Private Set Intersection: | ||
| Are Garbled Circuits Better than Custom Protocols?](https://www.ndss-symposium.org/wp-content/uploads/2017/09/06_4.pdf) without the shuffle step, which has a circuit complexity of `(m + n) * log(m + n)` instead of `m * n` which would result from joining the arrays using nested loops. |
There was a problem hiding this comment.
As we do not use concrete constants and the constant here is not one, we should write:
"complexity of O((m + n) * log(m + n)) instead of O(m * n).
|
|
||
| The difference in circuit size is extreme: While the first version (with `i` as an input parameter) is compiled to a circuit with more than 700,000 non-input gates, the second version (which shifts the entire array by one element) uses only 2 non-input gates (because the program is effectively a static transformation from input to output). | ||
|
|
||
| Such an example might be a bit contrived, since it is possible to infer the inputs of both parties (except for the element that is dropped from the array) from the output of the above function, defeating the purpose of MPC, which is to keep each party's input private. But it does highlight how unintuitive the computational model of pure boolean circuits can be from the perspective of a load-and-store architecture with main memory and CPU. |
There was a problem hiding this comment.
[...] keep both parties' inputs private. [...] Boolean circuits [...]
| @@ -0,0 +1,76 @@ | |||
| # MPC Engine Integration | |||
|
|
|||
| Integrating Garble into your own MPC engine is pretty straightforward. You have to know how to compile Garble programs, how to encode inputs as Garble literals, and how to understand the circuit format that the Garble compiler produces. Let's look at all of these in more detail: | |||
There was a problem hiding this comment.
We sometimes call Garble a programming language and other times a compiler. I think we could differentiate between the two by calling the tool Garble a compiler and the language itself "the Garble Language". I think we to some extent do it, but e.g., now the main page says Garble is a programming language and here we refer to Garble compiler...
My main point is that we have both a compiler and a language and they are actually different...
There was a problem hiding this comment.
I think that's fine though, many other languages with just a single implementation use the name interchangeably for both, the context is normally enough to disambiguate it, I would say.
garble_docs/src/contributing.md
Outdated
| 2. [`parse.rs`](https://github.com/sine-fdn/garble-lang/blob/main/src/parse.rs) parses a [`token::Token`](https://github.com/sine-fdn/garble-lang/blob/main/src/token.rs) sequence into an untyped [`ast::Program`](https://github.com/sine-fdn/garble-lang/blob/main/src/ast.rs). | ||
| 3. [`check.rs`](https://github.com/sine-fdn/garble-lang/blob/main/src/check.rs) type-checks an untyped [`ast::Program`](https://github.com/sine-fdn/garble-lang/blob/main/src/ast.rs), returning a typed [`ast::Program`](https://github.com/sine-fdn/garble-lang/blob/main/src/ast.rs). | ||
| 4. [`compile.rs`](https://github.com/sine-fdn/garble-lang/blob/main/src/compile.rs) converts a well-typed [`ast::Program`](https://github.com/sine-fdn/garble-lang/blob/main/src/ast.rs) into a [`circuit::Circuit`](https://github.com/sine-fdn/garble-lang/blob/main/src/circuit.rs). | ||
| 5. [`eval.rs`](https://github.com/sine-fdn/garble-lang/blob/main/src/eval.rs) executes a [`circuit::Circuit`](https://github.com/sine-fdn/garble-lang/blob/main/src/circuit.rs) with locally supplied inputs. |
There was a problem hiding this comment.
Maybe we could add: "This execution is for testing the correctness of the result locally and does not use any privacy-preserving techniques."
garble_docs/src/landing.md
Outdated
| @@ -0,0 +1,25 @@ | |||
| # The Garble Programming Language | |||
|
|
|||
| Garble is a simple programming language for [**Multi-Party Computation**](https://en.wikipedia.org/wiki/Secure_multi-party_computation) with [**Garbled Circuits**](https://en.wikipedia.org/wiki/Garbled_circuit). Garble programs are **compiled to boolean circuits** and always terminate. Garble is **statically typed, low-level, purely functional** and uses a **Rust-like syntax**. Garble is much simpler than Rust though, making it easy to learn and simple to [integrate](./integration.md) into MPC engines. | |||
There was a problem hiding this comment.
See comment on the same paragraph in the ReadMe.
README.md
Outdated
| 3. [`check.rs`](src/check.rs) type-checks an untyped `ast::Program`, returning a typed `ast::Program`. | ||
| 4. [`compile.rs`](src/compile.rs) converts a well-typed `ast::Program` into a `circuit::Circuit`. | ||
| 5. [`eval.rs`](src/eval.rs) executes a `circuit::Circuit` with locally supplied inputs. | ||
| To learn more about Garble, check out the [website](https://sine-fdn.github.io/garble-lang) |
There was a problem hiding this comment.
Closing dot missing from the end of the sentence.
Deployed website/book is here: https://sine-fdn.github.io/garble-lang/