GaloisInc / swanky

A suite of rust libraries for secure multi-party computation
MIT License

Tests do not pass with alternative AES circuits. #14

Open themighty1 opened 2 years ago

themighty1 commented 2 years ago

Hi, I tried to plug in the aes_128.txt circuit from https://homes.esat.kuleuven.be/~nsmart/MPC/ by first "downgrading" its header into the old format:

36663 36919
128 128  128 

and also changing key, msg input ordering and reversing the output bits.

It passed the first 2 tests in parser.rs but failed on the 3rd: https://github.com/GaloisInc/swanky/blob/4455754abadee07f168079ac45ef33535b0df27d/fancy-garbling/src/parser.rs#L191-L196

Then I took another AES circuit from here https://github.com/n-for-1-auth/circuits/tree/main/aes (aes128_full.txt), adjusted input/output ordering and set its header to

36548 36804
128 128 128

This time the test failed on test2.

How can such non-deterministic behaviour happen? Does swanky choose different code paths based on the gate ordering of the circuit? Either way, you probably want to look at this as some corner case is triggering a bug.

amaloz commented 2 years ago

Interesting... is the only format difference between the two formats the header, or could there be something else in the new format that's causing problems when downgrading to the old format?
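The header "downgrade" discussed in this thread, written out as an added example (not code from the thread or from swanky) that also reports gate types a header edit alone would not handle. It assumes the newer "Bristol Fashion" layout is line 1 `gates wires`, line 2 the input count followed by each width, line 3 the output count followed by each width, and that the old format uses only XOR/AND/INV; `downgrade` and `nums` are hypothetical names, and the input reordering and output bit reversal from the first comment are not performed.

```rust
use std::collections::BTreeSet;

// Constructed sample in the assumed Bristol Fashion layout (not a real AES circuit).
const SAMPLE: &str = "3 7\n2 2 2\n1 2\n\n2 1 0 2 4 XOR\n2 1 1 3 5 AND\n1 1 4 6 EQW\n";

/// Rewrites the header to the old "gates wires" / "in1 in2 out" form and returns the
/// gate ops other than XOR/AND/INV found in the body (a header edit does not fix those).
pub fn downgrade(src: &str) -> Result<(String, BTreeSet<String>), String> {
    let mut lines = src.lines().filter(|l| !l.trim().is_empty());
    let sizes = lines.next().ok_or("missing gate/wire line")?.trim();
    let ins = nums(lines.next().ok_or("missing input line")?)?;
    let outs = nums(lines.next().ok_or("missing output line")?)?;
    // The old header only has room for two inputs and one output.
    if ins.len() != 3 || ins[0] != 2 || outs.len() != 2 || outs[0] != 1 {
        return Err(format!("need 2 inputs and 1 output, got {:?} / {:?}", ins, outs));
    }
    let declared = *nums(sizes)?.first().ok_or("empty gate/wire line")?;
    let mut out = format!("{}\n{} {} {}\n\n", sizes, ins[1], ins[2], outs[1]);
    let (mut other, mut gates) = (BTreeSet::new(), 0usize);
    for g in lines {
        // The gate op is the last token on each gate line.
        let op = g.split_whitespace().last().unwrap_or("");
        if !matches!(op, "XOR" | "AND" | "INV") {
            other.insert(op.to_string());
        }
        out.push_str(g.trim());
        out.push('\n');
        gates += 1;
    }
    if gates != declared {
        return Err(format!("header declares {} gates, body has {}", declared, gates));
    }
    Ok((out, other))
}

fn nums(line: &str) -> Result<Vec<usize>, String> {
    line.split_whitespace()
        .map(|t| t.parse::<usize>().map_err(|e| format!("{:?}: {}", t, e)))
        .collect()
}

fn main() {
    let (text, other) = downgrade(SAMPLE).expect("sample parses");
    print!("{}", text);
    println!("ops outside XOR/AND/INV: {:?}", other);
}
```

A non-empty second return value means the file differs from the old format in more than its header.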