Merge pull request #56 from gnosisguild/feat/agg-wrapper

cedoor · web-flow · commit 86ea671e3dc4 · 2026-01-16T12:48:05.000+01:00
feat: add aggregation wrappers
diff --git a/bin/aggregation/Nargo.toml b/bin/aggregation/Nargo.toml
@@ -0,0 +1,7 @@
+[workspace]
+members = [
+    "fold",
+    "pk_trbfv_wrapper",
+    "insecure/verify_shares_trbfv_wrapper",
+    "production/verify_shares_trbfv_wrapper"
+]
diff --git a/bin/aggregation/fold/src/main.nr b/bin/aggregation/fold/src/main.nr
@@ -1,31 +1,14 @@
 use bb_proof_verification::{UltraHonkProof, UltraHonkVerificationKey, verify_honk_proof_non_zk};
-use lib::math::helpers::compute_safe;
+use lib::math::commitments::compute_aggregation_commitment;
 
 fn main(
     verification_key: UltraHonkVerificationKey,
-    wrapper_proofs: [UltraHonkProof; 2],
+    proofs: [UltraHonkProof; 2],
     commitments: pub [Field; 2],
     key_hash: Field,
 ) -> pub Field {
-    let proof = wrapper_proofs[0];
-    let public_inputs = [commitments[0]];
-    verify_honk_proof_non_zk(verification_key, proof, public_inputs, key_hash);
+    verify_honk_proof_non_zk(verification_key, proofs[0], [commitments[0]], key_hash);
+    verify_honk_proof_non_zk(verification_key, proofs[1], [commitments[1]], key_hash);
 
-    let proof = wrapper_proofs[1];
-    let public_inputs = [commitments[1]];
-    verify_honk_proof_non_zk(verification_key, proof, public_inputs, key_hash);
-
-    // Compute commitment of the two commitments using SAFE
-    let domain_separator = [
-        0x50, 0x56, 0x53, 0x53, 0x5f, 0x66, 0x6f, 0x6c, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00,
-    ]; // "PVSS_fold" in hex
-
-    let payload = Vec::from_slice(&[commitments[0], commitments[1]]);
-    let io_pattern = [0x80000002, 0x00000001];
-
-    compute_safe(domain_separator, payload, io_pattern).get(0)
+    compute_aggregation_commitment::<2>(commitments)
 }
diff --git a/bin/aggregation/insecure/verify_shares_trbfv_wrapper/Nargo.toml b/bin/aggregation/insecure/verify_shares_trbfv_wrapper/Nargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "verify_shares_trbfv_wrapper"
+type = "bin"
+authors = ["Gnosis Guild / Enclave"]
+version = "1.0.0-beta.15"
+
+[dependencies]
+lib = { path = "../../../lib" }
+bb_proof_verification = { git = "https://github.com/AztecProtocol/aztec-packages/", tag = "v3.0.0-nightly.20260102", directory = "barretenberg/noir/bb_proof_verification" }
diff --git a/bin/aggregation/insecure/verify_shares_trbfv_wrapper/src/main.nr b/bin/aggregation/insecure/verify_shares_trbfv_wrapper/src/main.nr
@@ -0,0 +1,28 @@
+use bb_proof_verification::{UltraHonkProof, UltraHonkVerificationKey, verify_honk_proof_non_zk};
+use lib::math::commitments::compute_aggregation_commitment;
+
+// Number of proofs.
+pub global N_PROOFS: u32 = 2;
+/// Number of commitments per proof.
+pub global N_COMMITMENTS: u32 = 10;
+
+fn main(
+    verification_key: UltraHonkVerificationKey,
+    proofs: [UltraHonkProof; N_PROOFS],
+    commitments: pub [[Field; N_COMMITMENTS]; N_PROOFS],
+    key_hash: Field,
+) -> pub Field {
+    for i in 0..N_PROOFS {
+        verify_honk_proof_non_zk(verification_key, proofs[i], commitments[i], key_hash);
+    }
+
+    let mut aggregated_commitments = Vec::new();
+
+    for i in 0..N_PROOFS {
+        for j in 0..N_COMMITMENTS {
+            aggregated_commitments.push(commitments[i][j]);
+        }
+    }
+
+    compute_aggregation_commitment(aggregated_commitments)
+}
diff --git a/bin/aggregation/pk_trbfv_wrapper/Nargo.toml b/bin/aggregation/pk_trbfv_wrapper/Nargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "pk_trbfv_wrapper"
+type = "bin"
+authors = ["Gnosis Guild / Enclave"]
+version = "1.0.0-beta.15"
+
+[dependencies]
+lib = { path = "../../../lib" }
+bb_proof_verification = { git = "https://github.com/AztecProtocol/aztec-packages/", tag = "v3.0.0-nightly.20260102", directory = "barretenberg/noir/bb_proof_verification" }
diff --git a/bin/aggregation/pk_trbfv_wrapper/src/main.nr b/bin/aggregation/pk_trbfv_wrapper/src/main.nr
@@ -0,0 +1,28 @@
+use bb_proof_verification::{UltraHonkProof, UltraHonkVerificationKey, verify_honk_proof_non_zk};
+use lib::math::commitments::compute_aggregation_commitment;
+
+// Number of proofs.
+pub global N_PROOFS: u32 = 1;
+/// Number of commitments per proof.
+pub global N_COMMITMENTS: u32 = 3;
+
+fn main(
+    verification_key: UltraHonkVerificationKey,
+    proofs: [UltraHonkProof; N_PROOFS],
+    commitments: pub [[Field; N_COMMITMENTS]; N_PROOFS],
+    key_hash: Field,
+) -> pub Field {
+    for i in 0..N_PROOFS {
+        verify_honk_proof_non_zk(verification_key, proofs[i], commitments[i], key_hash);
+    }
+
+    let mut aggregated_commitments = Vec::new();
+
+    for i in 0..N_PROOFS {
+        for j in 0..N_COMMITMENTS {
+            aggregated_commitments.push(commitments[i][j]);
+        }
+    }
+
+    compute_aggregation_commitment(aggregated_commitments)
+}
diff --git a/bin/aggregation/production/verify_shares_trbfv_wrapper/Nargo.toml b/bin/aggregation/production/verify_shares_trbfv_wrapper/Nargo.toml
@@ -0,0 +1,9 @@
+[package]
+name = "verify_shares_trbfv_wrapper"
+type = "bin"
+authors = ["Gnosis Guild / Enclave"]
+version = "1.0.0-beta.15"
+
+[dependencies]
+lib = { path = "../../../lib" }
+bb_proof_verification = { git = "https://github.com/AztecProtocol/aztec-packages/", tag = "v3.0.0-nightly.20260102", directory = "barretenberg/noir/bb_proof_verification" }
diff --git a/bin/aggregation/production/verify_shares_trbfv_wrapper/src/main.nr b/bin/aggregation/production/verify_shares_trbfv_wrapper/src/main.nr
@@ -0,0 +1,28 @@
+use bb_proof_verification::{UltraHonkProof, UltraHonkVerificationKey, verify_honk_proof_non_zk};
+use lib::math::commitments::compute_aggregation_commitment;
+
+// Number of proofs.
+pub global N_PROOFS: u32 = 2;
+/// Number of commitments per proof.
+pub global N_COMMITMENTS: u32 = 20;
+
+fn main(
+    verification_key: UltraHonkVerificationKey,
+    proofs: [UltraHonkProof; N_PROOFS],
+    commitments: pub [[Field; N_COMMITMENTS]; N_PROOFS],
+    key_hash: Field,
+) -> pub Field {
+    for i in 0..N_PROOFS {
+        verify_honk_proof_non_zk(verification_key, proofs[i], commitments[i], key_hash);
+    }
+
+    let mut aggregated_commitments = Vec::new();
+
+    for i in 0..N_PROOFS {
+        for j in 0..N_COMMITMENTS {
+            aggregated_commitments.push(commitments[i][j]);
+        }
+    }
+
+    compute_aggregation_commitment(aggregated_commitments)
+}
diff --git a/lib/src/math/commitments.nr b/lib/src/math/commitments.nr
@@ -283,3 +283,21 @@ pub fn compute_bfv_enc_challenge_commitment<let L: u32>(payload: Vec<Field>) ->
 
     compute_safe(domain_separator, payload, io_pattern)
 }
+
+/// Computes aggregation commitment
+/// Used in aggregation circuits.
+pub fn compute_aggregation_commitment(payload: Vec<Field>) -> Field {
+    // Domain separator - "Aggregation"
+    let domain_separator = [
+        0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00,
+    ];
+
+    // IO Pattern: ABSORB(payload.len()), SQUEEZE(1)
+    let io_pattern = [0x80000000 | payload.len(), 0x00000001];
+
+    compute_safe(domain_separator, payload, io_pattern).get(0)
+}
