dante
    • Create new note
    • Create a note from template
      • Sharing URL Link copied
      • /edit
      • View mode
        • Edit mode
        • View mode
        • Book mode
        • Slide mode
        Edit mode View mode Book mode Slide mode
      • Customize slides
      • Note Permission
      • Read
        • Only me
        • Signed-in users
        • Everyone
        Only me Signed-in users Everyone
      • Write
        • Only me
        • Signed-in users
        • Everyone
        Only me Signed-in users Everyone
      • Engagement control Commenting, Suggest edit, Emoji Reply
      • Invitee
      • No invitee
    • Publish Note

      Publish Note

      Everyone on the web can find and read all notes of this public team.
      Once published, notes can be searched and viewed by anyone online.
      See published notes
      Please check the box to agree to the Community Guidelines.
    • Commenting
      Permission
      Disabled Forbidden Owners Signed-in users Everyone
    • Enable
    • Permission
      • Forbidden
      • Owners
      • Signed-in users
      • Everyone
    • Suggest edit
      Permission
      Disabled Forbidden Owners Signed-in users Everyone
    • Enable
    • Permission
      • Forbidden
      • Owners
      • Signed-in users
    • Emoji Reply
    • Enable
    • Versions and GitHub Sync
    • Note settings
    • Engagement control
    • Transfer ownership
    • Delete this note
    • Save as template
    • Insert from template
    • Import from
      • Dropbox
      • Google Drive
      • Gist
      • Clipboard
    • Export to
      • Dropbox
      • Google Drive
      • Gist
    • Download
      • Markdown
      • HTML
      • Raw HTML
Menu Note settings Sharing URL Create Help
Create Create new note Create a note from template
Menu
Options
Versions and GitHub Sync Engagement control Transfer ownership Delete this note
Import from
Dropbox Google Drive Gist Clipboard
Export to
Dropbox Google Drive Gist
Download
Markdown HTML Raw HTML
Back
Sharing URL Link copied
/edit
View mode
  • Edit mode
  • View mode
  • Book mode
  • Slide mode
Edit mode View mode Book mode Slide mode
Customize slides
Note Permission
Read
Only me
  • Only me
  • Signed-in users
  • Everyone
Only me Signed-in users Everyone
Write
Only me
  • Only me
  • Signed-in users
  • Everyone
Only me Signed-in users Everyone
Engagement control Commenting, Suggest edit, Emoji Reply
Invitee
No invitee
Publish Note

Publish Note

Everyone on the web can find and read all notes of this public team.
Once published, notes can be searched and viewed by anyone online.
See published notes
Please check the box to agree to the Community Guidelines.
Engagement control
Commenting
Permission
Disabled Forbidden Owners Signed-in users Everyone
Enable
Permission
  • Forbidden
  • Owners
  • Signed-in users
  • Everyone
Suggest edit
Permission
Disabled Forbidden Owners Signed-in users Everyone
Enable
Permission
  • Forbidden
  • Owners
  • Signed-in users
Emoji Reply
Enable
Import from Dropbox Google Drive Gist Clipboard
   owned this note    owned this note      
Published Linked with GitHub
Subscribed
  • Any changes
    Be notified of any changes
  • Mention me
    Be notified of mention me
  • Unsubscribe
Subscribe
# Planting trees on-chain > Full disclosure; this post is not about gardening but about implementing ZK versions of machine learning algorithms with botanical nomenclature: decision trees, gradient boosted trees, and random forests. If you're a keen gardener check [this](https://gwern.net/forking-path) out. Lingering Github issues give me heart palpitations, particularly those that have been open for months on end. Sitting like mildew in an otherwise pristine home. Here's one we've had open since *January* of this year: ![](https://hackmd.io/_uploads/HyY9_iN02.png) [`EZKL`](https://github.com/zkonduit/ezkl) (for those not in the know), is a library for converting common computational graphs, in the (quasi)-universal `.onnx` format, into zero knowledge (ZK) circuits. This allows, for example, for: - you to prove that you've run a particular neural network on a private dataset. - Or to prove you've developed a super secret new architecture that achieves 99% accuracy on a publicly available dataset _without_ revealing the model parameters. Though our library has improved in its scope of supported models, including [transformer](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/little_transformer.ipynb)-based models (see [here](https://hackmd.io/mGwARMgvSeq2nGvQWLL2Ww) for a writeup), [GANs](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/mnist_gan.ipynb), and [LSTMs](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/lstm.ipynb); implementing [Kaggle crushing](https://www.c-sharpcorner.com/article/xgboost-the-choice-of-champions/) models like random forests and gradient boosting trees has been challenging. Part of the issue stems from the way `sklearn`, `xgboost`, and `lightgbm` models are exported to `.onnx`. Instead of decomposing tree based models into individual operations, like matrix multiplication, addition, and comparisons, the whole model is exported as a single node (see image above) ! Given our library's focus on modularity and composability this has been a bit of an anti-pattern, a proverbial _thorn in our side_. This weekend after yet another call with users asking for a timeline for the implementation of such models we decided to roll up our sleeves and get it done in *48 hours*. [Check out a colab example here.](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/random_forest.ipynb) Here's what it took. ### Decomposing ugly single node onnx models into individual operations As noted above, having single node `onnx` graphs is an anti-pattern, something that might destroy our library's clean architecture if we try and accomodate it. A much better approach would be to instead convert the single node graph into its individual operations. Luckily we are not the only folks in history to have been keen to do this. And we landed on the beautifully coded [sk2torch](https://www.google.com/search?client=firefox-b-d&q=sk2torch+) library which takes a graph of this form: ![](https://hackmd.io/_uploads/B1XcjjVRn.png) And turns it into something like this: ![](https://hackmd.io/_uploads/rJfsjj4A2.png) So much nicer ! For more complex models like random forests we can simply extract the individual trees / estimators, run them through `sk2torch` and recreate the forest as a pytorch module. ```python trees = [] for tree in clr.estimators_: trees.append(sk2torch.wrap(tree)) print(trees) class RandomForest(nn.Module): def __init__(self, trees): super(RandomForest, self).__init__() self.trees = nn.ModuleList(trees) def forward(self, x): out = self.trees[0](x) for tree in self.trees[1:]: out += tree(x) return out / len(self.trees) ``` For `xgboost` and `lightgbm` we leveraged [hummingbird](https://github.com/microsoft/hummingbird), a Microsoft library for converting xgboost into torch / tensor graphs. A converted XGBoost classifier looks like this when exported to onnx: ![](https://hackmd.io/_uploads/B1Y3F6rR3.png) An observant reader will note that some operations, like `ArgMax` or `Gather` don't have particularly obvious implementations in zero-knowledge circuits. This was the second leg of our sprint. ## Dynamic / private indexing of values in ZK In python a simple and innocent indexing operation over a one-dimensional tensor $x$, `z = x[m]` is trivial. But in ZK-circuits how do we enforce this sort of indexing? especially when the indices like (`m`) might be private (advice in plonk parlance) values? The first argument we constructed was one which allows us to implement zk-circuit equivalents of the `Gather` operation. Which essentially just indexes a tensor `x` at a given set of indices. To allow for these indices to be advice values we need to construct a new kind of argument for indexing over vectors / tensors in a zk-circuit. ##### an argument for private indexing 1. We generate a claimed output. In the example above $z$. Which (should) correspond to the value of the tensor $x$ at index 3. We assign fixed _public_ values for the potential indices. In the example above $i = 0\dots N$. 4. We use the `equals` argument (see appendix below for a full description of this argument) to generate the following constraint: - $b = [(i == m)]_{i=1}^{N}$ - > Note that we want $b$ to be $0$ at indices not equal to $m$ and to be $1$ at $m$. This is a boolean operation, and should be distinguised from the typical zk-circuit operation of _constraining_ two elements to be equal (i.e arguments of the form $x - y =0$). 5. We use an element-wise multiplication argument to constrain: - $\hat{x} = x \odot b$ 6. We constrain $\hat{z}$ to be the sum of the elements of $\hat{x}$ (see the appendix for a description of the summation argument): - $\hat{z} = \sum_{i=1}^{N} \hat{x}_i$ 7. Finally we constrain $\hat{z} = z$. Altogether this set of arguments and constraints allow us to constrain the claimed output $z$ to be the $m^{th}$ element of $x$. The construction of argmax and argmin is very similar to the private indexing argument (and in fact leverages it). We add one additional constaint which is that, for a claimed $m = \text{argmax}(x)$, we should have $x[m] = \text{max}(x)$. ##### an argument for private argmax / argmin Say we want to calculate $m = \text{argmax}(x)$, where x is of length $N$. 1. We generate a claimed output. In the example above $m$. 2. Using the indexing argument above, we constrain: - $z = x[m]$ 3. As an additional step we constrain $z = \sum_{i=1}^{N} \hat{x}_i = \text{max}(x)$ (see the appendix for a description of the $\text{max}$ argument). For argmin you only need to replace the above `max` operations with `min` :) ### Conclusion You can try out colab notebooks for the new tree based models at: - [Decision Tree ___ {´◕ ◡ ◕`} ](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/decision_tree.ipynb) - [Random Forest __ (⁎⚈᷀᷁ᴗ⚈᷀᷁⁎)](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/random_forest.ipynb) - [Gradient Boosted _ (╯°□°)╯︵┻━┻](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/gradient_boosted_trees.ipynb) - [XGBoost _________ (˚Õ˚)ر ~~~~╚╩╩╝](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/xgboost.ipynb) - [LightGBM ________ ┻━┻︵ \(°□°)/ ︵ ┻━┻](https://colab.research.google.com/github/zkonduit/ezkl/blob/main/examples/notebooks/lightgbm.ipynb) All these models (when properly calibrated using ezkl) output predictions that are less than $0.1\%$ away from the original `sklearn`, `xgboost`, and `lightgbm` predictions. ------------------ ## References - [Private Gather PR](https://github.com/zkonduit/ezkl/pull/454) - [Random Forest and Gradient Boosted Trees PR](https://github.com/zkonduit/ezkl/pull/461) - [Private GatherElements and XGboost PR](https://github.com/zkonduit/ezkl/pull/462) - [hummingbird](https://github.com/microsoft/hummingbird) - [sk2torch](https://github.com/unixpickle/sk2torch) ------------------ ## Appendix ### equals argument 1. Generate a lookup table $a$ which corresponds to the "is zero" boolean operation (i.e returns 1 if an element is 0, else it returns 0). 2. Use an element-wise subtraction argument to constrain: $d = x-y$ 3. Apply lookup $a$ to $d$. ### max argument 1. Calculate the claimed $m=\text{max}(x)$, and instantiate a lookup table $a$ which corresponds to the `ReLU` element-wise operation. 2. Constrain $w = x - (m - 1)$ 4. Use lookup $a$ on $w$: $a(w)$. This is equivalent to clipping negative values. 5. Constraint the values $y=a(w)$ to be equal to 0 or 1, i.e assert that $y_i*(y_i - 1)=0$ ($\forall i \in 1\dots N$). - Any non-clipped values should be equal to 1 as at most we are subtracting the max). - This demonstrates that the there is no value of $x$ that is larger than the claimed $\text{max}(x)$. 7. We have now demonstrated that $m$ is larger than _any_ value of $x$, we must now demonstrate that _at least one_ value of $x$ is equal to $m$, i.e that $m$ is an element of $x$. - We do this by constructing the argument $z = a(1 - \sum_i y_i) = 0$. - If $z = 1$ then $\sum_i y_i = 0$ and thus no values of $x$ are equal to $\text{max}(x)$. - Conversely if $z=0$ then $\sum_i y_i >= 1$ and at least one value $y$ is equal to $1$. ### sum argument Consider the following plonk columns: ``` | a0 | a1 | m | s_dot | |-----|-----|-------|-------| | a_i | b_i |m_{i-1}| s_sum | | | |m_i | | ``` The sum between vectors $a$ and $b$ is then enforced using the following constraints $\forall i$: $a_i + b_i + m_{i-1} = m_i$

Import from clipboard

Advanced permission required

Your current role can only read. Ask the system administrator to acquire write and comment permission.

This team is disabled

Sorry, this team is disabled. You can't edit this note.

This note is locked

Sorry, only owner can edit this note.

Reach the limit

Sorry, you've reached the max length this note can be.
Please reduce the content or divide it to more notes, thank you!

Import from Gist

Import from Snippet

or

Export to Snippet

Are you sure?

Do you really want to delete this note?
All users will lose their connection.

Create a note from template

Create a note from template

Oops...
This template is not available.
Upgrade
All
  • All
  • Team
No template found.

Create custom template

Upgrade

Delete template

Do you really want to delete this template?
Turn this template into a regular note and keep its content, versions, and comments.

This page need refresh

You have an incompatible client version.
Refresh to update.
New version available!
See releases notes here
Refresh to enjoy new features.
Your user state has changed.
Refresh to load new user state.

Sign in

Forgot password

or

By clicking below, you agree to our terms of service.

Sign in via Facebook Sign in via Twitter Sign in via GitHub Sign in via Dropbox Sign in with Wallet
Wallet ( )
Connect another wallet

New to HackMD? Sign up

Help

  • English
  • 中文
  • Français
  • Deutsch
  • 日本語
  • Español
  • Català
  • Ελληνικά
  • Português
  • italiano
  • Türkçe
  • Русский
  • Nederlands
  • hrvatski jezik
  • język polski
  • Українська
  • हिन्दी
  • svenska
  • Esperanto
  • dansk

Documents

Help & Tutorial

How to use Book mode

How to use Slide mode

API Docs

Edit in VSCode

Install browser extension

Get in Touch

Feedback

Discord

Send us email

Resources

Releases

Pricing

Blog

Policy

Terms

Privacy

Cheatsheet

Syntax Example Reference
# Header Header 基本排版
- Unordered List
  • Unordered List
1. Ordered List
  1. Ordered List
- [ ] Todo List
  • Todo List
> Blockquote
Blockquote
**Bold font** Bold font
*Italics font* Italics font
~~Strikethrough~~ Strikethrough
19^th^ 19th
H~2~O H2O
++Inserted text++ Inserted text
==Marked text== Marked text
[link text](https:// "title") Link
![image alt](https:// "title") Image
`Code` Code 在筆記中貼入程式碼
```javascript
var i = 0;
```
var i = 0;
:smile: :smile: Emoji list
{%youtube youtube_id %} Externals
$L^aT_eX$ LaTeX
:::info
This is a alert area.
:::

This is a alert area.

Versions and GitHub Sync
Upgrade to Prime Plan

  • Edit version name
  • Delete

revision author avatar     named on  

More Less

No updates to save
Compare
    Choose a version
    No search result
    Version not found
Sign in to link this note to GitHub
Learn more
This note is not linked with GitHub
 

Feedback

Submission failed, please try again

Thanks for your support.

On a scale of 0-10, how likely is it that you would recommend HackMD to your friends, family or business associates?

Please give us some advice and help us improve HackMD.

 

Thanks for your feedback

Remove version name

Do you want to remove this version name and description?

Transfer ownership

Transfer to
    Warning: is a public team. If you transfer note to this team, everyone on the web can find and read this note.

      Link with GitHub

      Please authorize HackMD on GitHub
      • Please sign in to GitHub and install the HackMD app on your GitHub repo.
      • HackMD links with GitHub through a GitHub App. You can choose which repo to install our App.
      Learn more  Sign in to GitHub

      Push the note to GitHub Push to GitHub Pull a file from GitHub

        Authorize again
       

      Choose which file to push to

      Select repo
      Refresh Authorize more repos
      Select branch
      Select file
      Select branch
      Choose version(s) to push
      • Save a new version and push
      • Choose from existing versions
      Include title and tags
      Available push count

      Upgrade

      Pull from GitHub

       
      File from GitHub
      File from HackMD

      GitHub Link Settings

      File linked

      Linked by
      File path
      Last synced branch
      Available push count

      Upgrade

      Danger Zone

      Unlink
      You will no longer receive notification when GitHub file changes after unlink.

      Syncing

      Push failed

      Push successfully