longfellow 0.1.0

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_byte_decoder.h

@@ -0,0 +1,150 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_BYTE_DECODER_H_
+#define PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_BYTE_DECODER_H_
+
+#include <stddef.h>
+#include <stdint.h>
+
+#include "circuits/logic/counter.h"
+
+namespace proofs {
+template <class Logic>
+class CborByteDecoder {
+ public:
+  using CounterL = Counter<Logic>;
+  using Field = typename Logic::Field;
+  using EltW = typename Logic::EltW;
+  using CEltW = typename CounterL::CEltW;
+  using BitW = typename Logic::BitW;
+  using v8 = typename Logic::v8;
+
+  explicit CborByteDecoder(const Logic& l) : l_(l), ctr_(l) {}
+
+  //------------------------------------------------------------
+  // Decoder (lexer)
+  //------------------------------------------------------------
+  struct decode {
+    BitW atomp;
+    BitW itemsp;
+    BitW stringp;
+    BitW arrayp;
+    BitW mapp;
+    BitW tagp;
+    BitW specialp;
+    BitW simple_specialp;  // One of false, true, null, or undefined.
+    BitW count0_23;
+    BitW count24_27;
+    BitW count24;
+    BitW count25;
+    BitW count26;
+    BitW count27;
+    BitW length_plus_next_v8;
+    BitW count_is_next_v8;
+    BitW invalid;
+    CEltW length;  // of this item
+    EltW as_scalar;
+    CEltW as_counter;
+    CEltW count_as_counter;
+    v8 as_bits;
+  };
+
+  // Extract whatever we can from one v8 alone, without looking
+  // at witnesses, assuming that
+  // this v8 is the start of a cbor token.
+  struct decode decode_one_v8(const v8& v) const {
+    const Logic& L = l_;  // shorthand
+    struct decode s;
+    L.vassert_is_bit(v);
+
+    // v = type:3 count:5
+    auto count = L.template slice<0, 5>(v);
+    auto type = L.template slice<5, 8>(v);
+
+    s.atomp = L.veqmask(type, /*mask*/ 0b110, /*val*/ 0b000);
+    s.stringp = L.veqmask(type, /*mask*/ 0b110, /*val*/ 0b010);
+    s.itemsp = L.veqmask(type, /*mask*/ 0b110, /*val*/ 0b100);
+
+    s.specialp = L.veq(type, 7);
+    s.tagp = L.veq(type, 6);
+    s.arrayp = L.land(s.itemsp, L.lnot(type[0]));
+    s.mapp = L.land(s.itemsp, type[0]);
+
+    // count0_23 = (0 <= count < 24) = ~(count == 11xxx)
+    s.count0_23 = L.lnot(L.veqmask(count, /*mask*/ 0b11000, /*val*/ 0b11000));
+    s.count24_27 = L.veqmask(count, /*mask*/ 0b11100, /*val*/ 0b11000);
+
+    s.count24 = L.veq(count, 24);
+    s.count25 = L.veq(count, 25);
+    s.count26 = L.veq(count, 26);
+    s.count27 = L.veq(count, 27);
+
+    BitW count20_23 = L.veqmask(count, /*mask*/ 0b11100, /*val*/ 0b10100);
+    s.simple_specialp = L.land(s.specialp, count20_23);
+
+    // stringp && count24
+    s.length_plus_next_v8 =
+        L.veqmask(v, /*mask*/ 0b110'11111, /*val*/ 0b010'11000);
+
+    // itemsp && count24
+    s.count_is_next_v8 =
+        L.veqmask(v, /*mask*/ 0b110'11111, /*val*/ 0b100'11000);
+
+    BitW count0_24 = L.lor_exclusive(s.count24, s.count0_23);
+    BitW atom_or_tag = L.lor_exclusive(s.atomp, s.tagp);
+
+    // count0_24 works for all types (except invalid special)
+    // but atom_or_tag supports count <= 27
+    BitW good_count = L.lor(count0_24, L.land(atom_or_tag, s.count24_27));
+    BitW invalid_special = L.land(s.specialp, L.lnot(s.simple_specialp));
+    s.invalid = L.lor(invalid_special, L.lnot(good_count));
+
+    s.count_as_counter = ctr_.as_counter(count);
+
+    // Hack to compute the length.  Unclear what the right
+    // abstraction should be.
+
+    // Compute l24_27, the length assuming count24_27
+    CEltW l1 = ctr_.as_counter(1 + 1);
+    CEltW l2 = ctr_.as_counter(1 + 2);
+    CEltW l4 = ctr_.as_counter(1 + 4);
+    CEltW l8 = ctr_.as_counter(1 + 8);
+    CEltW l24_25 = ctr_.mux(count[0], l2, l1);
+    CEltW l26_27 = ctr_.mux(count[0], l8, l4);
+    CEltW l24_27 = ctr_.mux(count[1], l26_27, l24_25);
+
+    // choose between count0_23 and count24_27
+    CEltW x1 = ctr_.as_counter(1);
+    s.length = ctr_.mux(s.count0_23, x1, l24_27);
+
+    // adjust for strings
+    BitW str_23 = L.land(s.stringp, s.count0_23);
+    CEltW adjust_if_string = ctr_.ite0(str_23, s.count_as_counter);
+    s.length = ctr_.add(s.length, adjust_if_string);
+
+    s.as_counter = ctr_.as_counter(v);
+    s.as_scalar = L.as_scalar(v);
+    s.as_bits = v;
+
+    return s;
+  }
+
+ private:
+  const Logic& l_;
+  const CounterL ctr_;
+};
+}  // namespace proofs
+
+#endif  // PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_BYTE_DECODER_H_

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_byte_decoder_test.cc

@@ -0,0 +1,147 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "circuits/cbor_parser/cbor_byte_decoder.h"
+
+#include <stddef.h>
+
+#include "algebra/fp.h"
+#include "circuits/logic/counter.h"
+#include "circuits/logic/evaluation_backend.h"
+#include "circuits/logic/logic.h"
+#include "gf2k/gf2_128.h"
+#include "gtest/gtest.h"
+
+namespace proofs {
+namespace {
+
+template <class Field>
+void test_decode_one_v8(const Field& F) {
+  using EvalBackend = EvaluationBackend<Field>;
+  using Logic = Logic<Field, EvalBackend>;
+  using CounterL = Counter<Logic>;
+
+  const EvalBackend ebk(F);
+  const Logic L(&ebk, F);
+  const CounterL CTR(L);
+
+  using CborBD = CborByteDecoder<Logic>;
+  const CborBD CBORBD(L);
+  for (size_t type = 0; type < 8; ++type) {
+    for (size_t count = 0; count < 32; ++count) {
+      size_t v_as_size_t = (type << 5) | count;
+      typename Logic::v8 v = L.template vbit<8>(v_as_size_t);
+      auto ds = CBORBD.decode_one_v8(v);
+
+      bool atomp = (type == 0) || (type == 1);
+      bool stringp = (type == 2) || (type == 3);
+      bool arrayp = (type == 4);
+      bool mapp = (type == 5);
+      bool itemsp = arrayp || mapp;
+      bool tagp = (type == 6);
+      bool specialp = (type == 7);
+      bool simple_specialp = specialp && (20 <= count && count < 24);
+      bool count0_23 = (count < 24);
+      bool count24_27 = (24 <= count) && (count < 28);
+      bool count24 = (count == 24);
+      bool count25 = (count == 25);
+      bool count26 = (count == 26);
+      bool count27 = (count == 27);
+
+      bool length_plus_next_v8 = false;
+      bool count_is_next_v8 = false;
+      bool invalid = false;
+      size_t length = ~0;  // bogus
+      size_t count_as_counter = count;
+      if (atomp || tagp) {
+        if (count0_23) {
+          length = 1;
+        } else if (count24) {
+          length = 1 + 1;
+        } else if (count25) {
+          length = 1 + 2;
+        } else if (count26) {
+          length = 1 + 4;
+        } else if (count27) {
+          length = 1 + 8;
+        } else {
+          invalid = true;
+        }
+      } else if (itemsp) {
+        if (count0_23) {
+          length = 1;
+        } else if (count24) {
+          length = 2;
+          count_is_next_v8 = true;
+        } else {
+          invalid = true;
+        }
+      } else if (stringp) {
+        if (count0_23) {
+          length = 1 + count;
+        } else if (count24) {
+          length = 2;
+          length_plus_next_v8 = true;
+        } else {
+          invalid = true;
+        }
+      } else if (simple_specialp) {
+        length = 1;
+      } else {
+        invalid = true;
+      }
+
+      EXPECT_EQ(L.eval(ds.atomp), L.eval(L.bit(atomp)));
+      EXPECT_EQ(L.eval(ds.itemsp), L.eval(L.bit(itemsp)));
+      EXPECT_EQ(L.eval(ds.stringp), L.eval(L.bit(stringp)));
+      EXPECT_EQ(L.eval(ds.arrayp), L.eval(L.bit(arrayp)));
+      EXPECT_EQ(L.eval(ds.mapp), L.eval(L.bit(mapp)));
+      EXPECT_EQ(L.eval(ds.tagp), L.eval(L.bit(tagp)));
+      EXPECT_EQ(L.eval(ds.specialp), L.eval(L.bit(specialp)));
+      EXPECT_EQ(L.eval(ds.simple_specialp), L.eval(L.bit(simple_specialp)));
+
+      EXPECT_EQ(L.eval(ds.count0_23), L.eval(L.bit(count0_23)));
+      EXPECT_EQ(L.eval(ds.count24_27), L.eval(L.bit(count24_27)));
+      EXPECT_EQ(L.eval(ds.count24), L.eval(L.bit(count24)));
+      EXPECT_EQ(L.eval(ds.count25), L.eval(L.bit(count25)));
+      EXPECT_EQ(L.eval(ds.count26), L.eval(L.bit(count26)));
+      EXPECT_EQ(L.eval(ds.count27), L.eval(L.bit(count27)));
+      EXPECT_EQ(L.eval(ds.length_plus_next_v8),
+                L.eval(L.bit(length_plus_next_v8)));
+      EXPECT_EQ(L.eval(ds.count_is_next_v8), L.eval(L.bit(count_is_next_v8)));
+      EXPECT_EQ(L.eval(ds.invalid), L.eval(L.bit(invalid)));
+
+      if (!invalid) {
+        // the length is don't care unless valid
+        EXPECT_EQ(ds.length.e, CTR.as_counter(length).e);
+      }
+
+      EXPECT_EQ(ds.count_as_counter.e, CTR.as_counter(count_as_counter).e);
+      EXPECT_EQ(ds.as_counter.e, CTR.as_counter(v_as_size_t).e);
+      EXPECT_EQ(ds.as_scalar, L.konst(v_as_size_t));
+      for (size_t k = 0; k < 8; ++k) {
+        EXPECT_EQ(L.eval(ds.as_bits[k]), L.eval(L.bit((v_as_size_t >> k) & 1)));
+      }
+    }
+  }
+}
+
+TEST(CborByteDecoder, PrimeField) {
+  test_decode_one_v8(Fp<1>("18446744073709551557"));
+}
+
+TEST(CborByteDecoder, BinaryField) { test_decode_one_v8(GF2_128<>()); }
+
+}  // namespace
+}  // namespace proofs

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_constants.h

@@ -0,0 +1,27 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_CONSTANTS_H_
+#define PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_CONSTANTS_H_
+
+#include <stddef.h>
+
+namespace proofs {
+struct CborConstants {
+  static constexpr size_t kNCounters = 4;
+  static constexpr size_t kIndexBits = 12;
+};
+}  // namespace proofs
+
+#endif  // PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_CONSTANTS_H_

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_pluck.h

@@ -0,0 +1,110 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_PLUCK_H_
+#define PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_PLUCK_H_
+#include <stddef.h>
+#include <stdint.h>
+
+#include <vector>
+
+#include "algebra/interpolation.h"
+#include "algebra/poly.h"
+#include "circuits/logic/bit_plucker_constants.h"
+#include "circuits/logic/polynomial.h"
+
+namespace proofs {
+// Special plucker that decodes into a pair (B, J) where B is one bit,
+// and J is an array of NJ bits at most one of which can be set.
+//
+// B can assume one of two distinct values, and J can assume NJ+1
+// distinct values.  Thus there are N = 2*(NJ+1) evaluation points.
+// We encode J as the index IJ of which bit is set, or IJ=NJ if no bit
+// is set.
+template <class Logic, size_t NJ>
+class CborPlucker {
+ public:
+  using Field = typename Logic::Field;
+  using BitW = typename Logic::BitW;
+  using EltW = typename Logic::EltW;
+  using Elt = typename Field::Elt;
+  static constexpr size_t kN = 2 * (NJ + 1);
+  using PolyN = Poly<kN, Field>;
+  using InterpolationN = Interpolation<kN, Field>;
+  const Logic& l_;
+  PolyN pluckerb_;
+  std::vector<PolyN> pluckerj_;
+
+  explicit CborPlucker(const Logic& l) : l_(l), pluckerj_(NJ) {
+    const Field& F = l_.f_;  // shorthand
+    // evaluation points
+    PolyN X;
+    for (size_t i = 0; i < kN; ++i) {
+      X[i] = bit_plucker_point<Field, kN>()(i, F);
+    }
+
+    // encode B in the low-order bit
+    PolyN Y;
+    for (size_t i = 0; i < kN; ++i) {
+      Y[i] = F.of_scalar(i & 1);
+    }
+    pluckerb_ = InterpolationN::monomial_of_lagrange(Y, X, F);
+
+    // encode J in the high-order bits
+    for (size_t j = 0; j < NJ; ++j) {
+      for (size_t i = 0; i < kN; ++i) {
+        Y[i] = F.of_scalar((i >> 1) == j);
+      }
+      pluckerj_[j] = InterpolationN::monomial_of_lagrange(Y, X, F);
+    }
+  }
+
+  BitW pluckb(const EltW& e) const {
+    const Logic& L = l_;  // shorthand
+    const Polynomial<Logic> P(L);
+
+    EltW v = P.eval(pluckerb_, e);
+    L.assert_is_bit(v);
+    return BitW(v, L.f_);
+  }
+
+  typename Logic::template bitvec<NJ> pluckj(const EltW& e) const {
+    typename Logic::template bitvec<NJ> r;
+    const Logic& L = l_;  // shorthand
+    const Polynomial<Logic> P(L);
+
+    for (size_t j = 0; j < NJ; ++j) {
+      EltW v = P.eval(pluckerj_[j], e);
+      L.assert_is_bit(v);
+      r[j] = BitW(v, L.f_);
+    }
+
+    return r;
+  }
+};
+
+template <class Field, size_t NJ>
+struct cbor_plucker_point {
+  using Elt = typename Field::Elt;
+  static constexpr size_t kN = 2 * (NJ + 1);
+
+  // packing of bits compatible with even_lagrange_basis():
+  Elt operator()(bool b, size_t j, const Field& F) const {
+    uint64_t bits = b + 2 * j;
+    return bit_plucker_point<Field, kN>()(bits, F);
+  }
+};
+}  // namespace proofs
+
+#endif  // PRIVACY_PROOFS_ZK_LIB_CIRCUITS_CBOR_PARSER_CBOR_PLUCK_H_

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_pluck_test.cc

@@ -0,0 +1,55 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "circuits/cbor_parser/cbor_pluck.h"
+
+#include <stddef.h>
+
+#include "algebra/fp.h"
+#include "circuits/logic/bit_plucker_constants.h"
+#include "circuits/logic/evaluation_backend.h"
+#include "circuits/logic/logic.h"
+#include "gf2k/gf2_128.h"
+#include "gtest/gtest.h"
+
+namespace proofs {
+namespace {
+
+template <class Field>
+void pluck_test(const Field &F) {
+  using EvalBackend = EvaluationBackend<Field>;
+  using Logic = Logic<Field, EvalBackend>;
+
+  constexpr size_t NJ = 7;
+  constexpr size_t N = 2 * (NJ + 1);
+  const EvalBackend ebk(F);
+  const Logic L(&ebk, F);
+  const CborPlucker<Logic, NJ> P(L);
+
+  for (size_t i = 0; i < N; ++i) {
+    auto gotb = P.pluckb(L.konst(bit_plucker_point<Field, N>()(i, F)));
+    auto gotj = P.pluckj(L.konst(bit_plucker_point<Field, N>()(i, F)));
+    EXPECT_EQ(L.eval(gotb), L.konst(i & 1));
+    for (size_t j = 0; j < NJ; ++j) {
+      EXPECT_EQ(L.eval(gotj[j]), L.konst((i >> 1) == j));
+    }
+  }
+}
+
+TEST(CborPluck, PluckPrimeField) { pluck_test(Fp<1>("18446744073709551557")); }
+
+TEST(CborPluck, PluckBinaryField) { pluck_test(GF2_128<>()); }
+
+}  // namespace
+}  // namespace proofs

data/vendor/longfellow-zk/lib/circuits/cbor_parser/cbor_test.cc

@@ -0,0 +1,174 @@
+// Copyright 2026 Google LLC.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "circuits/cbor_parser/cbor.h"
+
+#include <stddef.h>
+
+#include <cstdint>
+#include <vector>
+
+#include "circuits/cbor_parser/cbor_constants.h"
+#include "circuits/cbor_parser/cbor_pluck.h"
+#include "circuits/compiler/circuit_dump.h"
+#include "circuits/compiler/compiler.h"
+#include "circuits/logic/compiler_backend.h"
+#include "circuits/logic/counter.h"
+#include "circuits/logic/evaluation_backend.h"
+#include "circuits/logic/logic.h"
+#include "gf2k/gf2_128.h"
+#include "util/log.h"
+#include "gtest/gtest.h"
+
+namespace proofs {
+namespace {
+using Field = GF2_128<>;
+const Field F;
+
+using CompilerBackend = CompilerBackend<Field>;
+using LogicCircuit = Logic<Field, CompilerBackend>;
+
+using EvalBackend = EvaluationBackend<Field>;
+using Logic = Logic<Field, EvalBackend>;
+using CounterL = Counter<Logic>;
+
+
+// encoder of input bytes
+static inline uint8_t X(uint8_t type, uint8_t count) {
+  return (type << 5) | count;
+}
+
+const struct {
+  uint8_t v, len;
+} testcase[] = {
+    // a small atom, constant 23
+    {X(0, 23), 1},
+
+    // a larger atom, constant 33
+    {X(0, 24), 2},
+    {33},
+
+    // another large atom
+    {X(0, 24), 2},
+    {34},
+
+    // a short string
+    {X(2, 3), 4},
+    {'f'},
+    {'o'},
+    {'o'},
+
+    // a long string
+    {X(2, 24), 5},  // header + next byte + string
+    {/*length of the string*/ 3},
+    {0xff},
+    {25},
+    {31},
+
+    // another small atom
+    {X(0, 22), 1},
+
+    // a long string
+    {X(2, 24), 6},  // header + next byte + string
+    {/*length of the string*/ 4},
+    {'q'},
+    {'u'},
+    {'u'},
+    {'x'},
+};
+constexpr size_t ntestcase = sizeof(testcase) / sizeof(testcase[0]);
+
+TEST(CBOR, VerifyDecode) {
+  const EvalBackend ebk(F);
+  const Logic L(&ebk, F);
+  using Cbor = Cbor<Logic>;
+  const Cbor CBOR(L);
+
+  constexpr size_t n = ntestcase;
+  std::vector<Cbor::v8> in(n);
+  std::vector<Cbor::position_witness> pw(n);
+  Cbor::global_witness gw;
+
+  size_t slen = 1;
+  auto prod = F.one();
+  for (size_t i = 0; i < n; ++i) {
+    in[i] = L.vbit<8>(testcase[i].v);
+
+    size_t slenm1 = slen - 1;
+    size_t slen_next;
+    if (slenm1 == 0) {
+      slen_next = testcase[i].len;
+    } else {
+      if (i > 0) {
+        prod = F.mulf(prod, F.znz_indicator(F.as_counter(slenm1)));
+      }
+      slen_next = slenm1;
+    }
+    pw[i].encoded_sel_header =
+        L.konst(cbor_plucker_point<Field, CborConstants::kNCounters>()(
+            (slenm1 == 0), 0, F));
+    slen = slen_next;
+  }
+
+  std::vector<Cbor::decode> ds(n);
+  gw.invprod_decode = L.konst(F.invertf(prod));
+  CBOR.decode_and_assert_decode(n, ds.data(), in.data(), pw.data(), gw);
+}
+
+TEST(CBOR, VerifyParseSize) {
+  set_log_level(INFO);
+
+  size_t sizes[] = {247, 503, 1079, 1591, 2231, 2551};
+
+  for (size_t i = 0; i < sizeof(sizes) / sizeof(sizes[0]); ++i) {
+    size_t n = sizes[i];
+    QuadCircuit<Field> Q(F);
+    const CompilerBackend cbk(&Q);
+    const LogicCircuit LC(&cbk, F);
+    using CborC = Cbor<LogicCircuit>;
+    const CborC CBORC(LC);
+    const Counter<LogicCircuit> CTRC(LC);
+
+    std::vector<CborC::v8> inC(n);
+    std::vector<CborC::position_witness> pwC(n);
+    CborC::global_witness gwC;
+
+    for (size_t j = 0; j < n; ++j) {
+      inC[j] = LC.vinput<8>();
+      pwC[j].encoded_sel_header = LC.eltw_input();
+    }
+    gwC.invprod_decode = LC.eltw_input();
+    gwC.cc0_counter = CTRC.input();
+    gwC.invprod_parse = LC.eltw_input();
+
+    std::vector<CborC::decode> dsC(n);
+    std::vector<CborC::parse_output> psC(n);
+    CBORC.decode_and_assert_decode_and_parse(n, dsC.data(), psC.data(),
+                                             inC.data(), pwC.data(), gwC);
+
+    // Fake parser output, otherwise the compiler eliminates important wires.
+    constexpr size_t kNCounters = CborC::kNCounters;
+    size_t nout = 0;
+    for (size_t j = 0; j < n; ++j) {
+      for (size_t l = 0; l < kNCounters; ++l) {
+        LC.output(psC[j].c[l].e, nout++);
+      }
+    }
+
+    auto CIRCUIT = Q.mkcircuit(/*nc=*/1);
+    dump_info<Field>("decode_and_assert_decode_and_parse", n, Q);
+  }
+}
+}  // namespace
+}  // namespace proofs