[WIP] Aggregation & QuoteParse

[chzyer]

This PR introduces functionality for proof aggregation and quote parsing.

Please note that, as a proof of concept, we are currently using the AggregationCircuit from the Scroll fork (pse). The next step will involve migrating the AggregationCircuit to the Clique fork, which will allow us to consolidate our tools into a single Halo2 toolchain.

The functionality for parsing Dcap Quotes has been translated from a Solidity implementation to extract the certificates.

Extracting Certificates from a Quote
Execute the following command to extract certificates from a quote:

cargo run --release dcap extract-certs crates/dcap-quote/test_quote.hex

Generating a Verifier
To generate a verifier, use the command below. The EVM bytecode will be generated and saved to target/release/ZkVerifier.bin:

cargo run --release dcap generate-verifier

Verifying Quote Certificates
Run the following command to parse the quote, generate a proof, and perform verification locally:

cargo run --release dcap verify-quote-certs --quote crates/dcap-quote/test_quote.hex

Gas Consumption Analysis

Solidity native secp256r1 verification: ~330k

Verifying Multiple Signatures in a Single Circuit

N: Number of signatures to verify
N=1: evm_code_size: 14810, gas: 384620
N=2: evm_code_size: 21135, gas: 507341
N=3: evm_code_size: 28040, gas: 642653
N=4: evm_code_size: 33875, gas: 749759
N=5: evm_code_size: 41251, gas: 886244
N=6: evm_code_size: 48255, gas: 1004665

Aggregating Multiple Circuits to an AggregationCircuit:

N: Number of signatures to verify in one circuit
M: Number of proofs to aggregate
M=1,N=1: evm_code_size: 14350, gas: 356584
M=1,N=4: evm_code_size: 21610, gas: 530560
M=2,N=2: evm_code_size: 19060, gas: 469199

TODO

• Migrate the AggregationCircuit to the Clique fork.
• Organize the code.
• Support calling an on-chain contract for verification.
• Construct the public input on the Solidity side.

Related: #1