From 5309b903083d985b0fc70e5117a2a458bfe7cda6 Mon Sep 17 00:00:00 2001
From: adria0 <adria0@nowhere>
Date: Wed, 5 Jun 2024 10:07:41 +0200
Subject: [PATCH] Deterministic tests

---
 Cargo.toml                                   |  1 +
 halo2_backend/src/poly/commitment.rs         |  4 +-
 halo2_backend/src/poly/ipa/commitment.rs     | 13 +++---
 halo2_backend/src/poly/ipa/msm.rs            |  3 +-
 halo2_backend/src/poly/kzg/commitment.rs     | 15 ++++---
 halo2_backend/src/poly/multiopen_test.rs     |  8 ++--
 halo2_debug/Cargo.toml                       | 26 +++++++++++
 halo2_debug/src/lib.rs                       | 36 ++++++++++++++++
 halo2_frontend/Cargo.toml                    |  1 -
 halo2_proofs/Cargo.toml                      |  3 +-
 halo2_proofs/benches/plonk.rs                |  2 +-
 halo2_proofs/tests/compress_selectors.rs     | 43 +++++++++----------
 halo2_proofs/tests/frontend_backend_split.rs | 45 +++++++-------------
 halo2_proofs/tests/plonk_api.rs              | 34 ++++++++++-----
 halo2_proofs/tests/serialization.rs          | 24 ++++++-----
 halo2_proofs/tests/shuffle.rs                | 33 +++++++++++---
 halo2_proofs/tests/shuffle_api.rs            | 20 ++++++---
 halo2_proofs/tests/vector-ops-unblinded.rs   | 19 +++++++--
 test.sh                                      | 36 ++++++++++++++++
 19 files changed, 256 insertions(+), 110 deletions(-)
 create mode 100644 halo2_debug/Cargo.toml
 create mode 100644 halo2_debug/src/lib.rs
 create mode 100755 test.sh

diff --git a/Cargo.toml b/Cargo.toml
index 233bf95ad0..1e75bcb87e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -5,6 +5,7 @@ members = [
     "halo2_frontend",
     "halo2_middleware",
     "halo2_backend",
+    "halo2_debug",
     "p3_frontend",
 ]
 resolver = "2"
diff --git a/halo2_backend/src/poly/commitment.rs b/halo2_backend/src/poly/commitment.rs
index fb11099150..f85170c3ed 100644
--- a/halo2_backend/src/poly/commitment.rs
+++ b/halo2_backend/src/poly/commitment.rs
@@ -30,7 +30,7 @@ pub trait CommitmentScheme {
     type ParamsVerifier: for<'params> ParamsVerifier<'params, Self::Curve>;
 
     /// Wrapper for parameter generator
-    fn new_params(k: u32) -> Self::ParamsProver;
+    fn new_params(k: u32, rng: impl RngCore) -> Self::ParamsProver;
 
     /// Wrapper for parameter reader
     fn read_params<R: io::Read>(reader: &mut R) -> io::Result<Self::ParamsProver>;
@@ -69,7 +69,7 @@ pub trait Params<C: CurveAffine>: Sized + Clone + Debug {
 /// Parameters for circuit synthesis and prover parameters.
 pub trait ParamsProver<C: CurveAffine>: Params<C> {
     /// Returns new instance of parameters
-    fn new(k: u32) -> Self;
+    fn new(k: u32, rng: impl RngCore) -> Self;
 
     /// This computes a commitment to a polynomial described by the provided
     /// slice of coefficients. The commitment may be blinded by the blinding
diff --git a/halo2_backend/src/poly/ipa/commitment.rs b/halo2_backend/src/poly/ipa/commitment.rs
index e1436e28c5..352f599a5f 100644
--- a/halo2_backend/src/poly/ipa/commitment.rs
+++ b/halo2_backend/src/poly/ipa/commitment.rs
@@ -11,6 +11,7 @@ use crate::poly::{Coeff, LagrangeCoeff, Polynomial};
 
 use group::{Curve, Group};
 use halo2_middleware::zal::traits::MsmAccel;
+use rand_core::RngCore;
 use std::marker::PhantomData;
 
 mod prover;
@@ -45,8 +46,8 @@ impl<C: CurveAffine> CommitmentScheme for IPACommitmentScheme<C> {
     type ParamsProver = ParamsIPA<C>;
     type ParamsVerifier = ParamsVerifierIPA<C>;
 
-    fn new_params(k: u32) -> Self::ParamsProver {
-        ParamsIPA::new(k)
+    fn new_params(k: u32, rng: impl RngCore) -> Self::ParamsProver {
+        ParamsIPA::new(k, rng)
     }
 
     fn read_params<R: io::Read>(reader: &mut R) -> io::Result<Self::ParamsProver> {
@@ -150,7 +151,7 @@ impl<C: CurveAffine> Params<C> for ParamsIPA<C> {
 impl<C: CurveAffine> ParamsProver<C> for ParamsIPA<C> {
     /// Initializes parameters for the curve, given a random oracle to draw
     /// points from.
-    fn new(k: u32) -> Self {
+    fn new(k: u32, _: impl RngCore) -> Self {
         // This is usually a limitation on the curve, but we also want 32-bit
         // architectures to be supported.
         assert!(k < 32);
@@ -253,7 +254,7 @@ mod test {
         use halo2curves::pasta::{EpAffine, Fq};
 
         let engine = H2cEngine::new();
-        let params = ParamsIPA::<EpAffine>::new(K);
+        let params = ParamsIPA::<EpAffine>::new(K, OsRng);
         let domain = EvaluationDomain::new(1, K);
 
         let mut a = domain.empty_lagrange();
@@ -282,7 +283,7 @@ mod test {
         use halo2curves::pasta::{EqAffine, Fp};
 
         let engine = H2cEngine::new();
-        let params: ParamsIPA<EqAffine> = ParamsIPA::<EqAffine>::new(K);
+        let params: ParamsIPA<EqAffine> = ParamsIPA::<EqAffine>::new(K, OsRng);
         let domain = EvaluationDomain::new(1, K);
 
         let mut a = domain.empty_lagrange();
@@ -322,7 +323,7 @@ mod test {
         let rng = OsRng;
 
         let engine = H2cEngine::new();
-        let params = ParamsIPA::<EpAffine>::new(K);
+        let params = ParamsIPA::<EpAffine>::new(K, OsRng);
         let mut params_buffer = vec![];
         <ParamsIPA<_> as Params<_>>::write(&params, &mut params_buffer).unwrap();
         let params: ParamsIPA<EpAffine> = Params::read::<_>(&mut &params_buffer[..]).unwrap();
diff --git a/halo2_backend/src/poly/ipa/msm.rs b/halo2_backend/src/poly/ipa/msm.rs
index b2869e9dd0..0542636666 100644
--- a/halo2_backend/src/poly/ipa/msm.rs
+++ b/halo2_backend/src/poly/ipa/msm.rs
@@ -227,6 +227,7 @@ mod tests {
         pasta::{Ep, EpAffine, Fp, Fq},
         CurveAffine,
     };
+    use rand_core::OsRng;
 
     #[test]
     fn msm_arithmetic() {
@@ -234,7 +235,7 @@ mod tests {
         let base_viol = base + base;
 
         let engine = H2cEngine::new();
-        let params = ParamsIPA::new(4);
+        let params = ParamsIPA::new(4, OsRng);
         let mut a: MSMIPA<EpAffine> = MSMIPA::new(&params);
         a.append_term(Fq::one(), base);
         // a = [1] P
diff --git a/halo2_backend/src/poly/kzg/commitment.rs b/halo2_backend/src/poly/kzg/commitment.rs
index 3bb0e5669f..8375be0dfb 100644
--- a/halo2_backend/src/poly/kzg/commitment.rs
+++ b/halo2_backend/src/poly/kzg/commitment.rs
@@ -8,7 +8,7 @@ use halo2_middleware::ff::{Field, PrimeField};
 use halo2_middleware::zal::traits::MsmAccel;
 use halo2curves::pairing::Engine;
 use halo2curves::{CurveAffine, CurveExt};
-use rand_core::{OsRng, RngCore};
+use rand_core::RngCore;
 use std::fmt::Debug;
 use std::marker::PhantomData;
 
@@ -139,8 +139,8 @@ where
     type ParamsProver = ParamsKZG<E>;
     type ParamsVerifier = ParamsVerifierKZG<E>;
 
-    fn new_params(k: u32) -> Self::ParamsProver {
-        ParamsKZG::new(k)
+    fn new_params(k: u32, rng: impl RngCore) -> Self::ParamsProver {
+        ParamsKZG::new(k, rng)
     }
 
     fn read_params<R: io::Read>(reader: &mut R) -> io::Result<Self::ParamsProver> {
@@ -429,8 +429,8 @@ where
     E::G1: CurveExt<AffineExt = E::G1Affine>,
     E::G2Affine: SerdeCurveAffine,
 {
-    fn new(k: u32) -> Self {
-        Self::setup(k, OsRng)
+    fn new(k: u32, rng: impl RngCore) -> Self {
+        Self::setup(k, rng)
     }
 
     fn commit(
@@ -455,6 +455,7 @@ mod test {
     use crate::poly::kzg::commitment::ParamsKZG;
     use halo2_middleware::ff::Field;
     use halo2_middleware::zal::impls::H2cEngine;
+    use rand_core::OsRng;
 
     #[test]
     fn test_commit_lagrange() {
@@ -466,7 +467,7 @@ mod test {
         use halo2curves::bn256::{Bn256, Fr};
 
         let engine = H2cEngine::new();
-        let params = ParamsKZG::<Bn256>::new(K);
+        let params = ParamsKZG::<Bn256>::new(K, OsRng);
         let domain = EvaluationDomain::new(1, K);
 
         let mut a = domain.empty_lagrange();
@@ -492,7 +493,7 @@ mod test {
         use super::super::commitment::Params;
         use halo2curves::bn256::Bn256;
 
-        let params0 = ParamsKZG::<Bn256>::new(K);
+        let params0 = ParamsKZG::<Bn256>::new(K, OsRng);
         let mut data = vec![];
         <ParamsKZG<_> as Params<_>>::write(&params0, &mut data).unwrap();
         let params1: ParamsKZG<Bn256> = Params::read::<_>(&mut &data[..]).unwrap();
diff --git a/halo2_backend/src/poly/multiopen_test.rs b/halo2_backend/src/poly/multiopen_test.rs
index e907d0134c..ef7cf7606b 100644
--- a/halo2_backend/src/poly/multiopen_test.rs
+++ b/halo2_backend/src/poly/multiopen_test.rs
@@ -29,7 +29,7 @@ mod test {
         const K: u32 = 4;
 
         let engine = H2cEngine::new();
-        let params = ParamsIPA::<EqAffine>::new(K);
+        let params = ParamsIPA::<EqAffine>::new(K, OsRng);
 
         let proof = create_proof::<
             IPACommitmentScheme<EqAffine>,
@@ -67,7 +67,7 @@ mod test {
         const K: u32 = 4;
 
         let engine = H2cEngine::new();
-        let params = ParamsIPA::<EqAffine>::new(K);
+        let params = ParamsIPA::<EqAffine>::new(K, OsRng);
 
         let proof = create_proof::<
             IPACommitmentScheme<EqAffine>,
@@ -105,7 +105,7 @@ mod test {
         const K: u32 = 4;
 
         let engine = H2cEngine::new();
-        let params = ParamsKZG::<Bn256>::new(K);
+        let params = ParamsKZG::<Bn256>::new(K, OsRng);
 
         let proof = create_proof::<_, ProverGWC<_>, _, Blake2bWrite<_, _, Challenge255<_>>>(
             &engine, &params,
@@ -138,7 +138,7 @@ mod test {
         const K: u32 = 4;
 
         let engine = H2cEngine::new();
-        let params = ParamsKZG::<Bn256>::new(K);
+        let params = ParamsKZG::<Bn256>::new(K, OsRng);
 
         let proof = create_proof::<
             KZGCommitmentScheme<Bn256>,
diff --git a/halo2_debug/Cargo.toml b/halo2_debug/Cargo.toml
new file mode 100644
index 0000000000..9e71ffdcc3
--- /dev/null
+++ b/halo2_debug/Cargo.toml
@@ -0,0 +1,26 @@
+[package]
+name = "halo2_debug"
+version = "0.3.0"
+authors = [
+    "Privacy Scaling Explorations team",
+]
+edition = "2021"
+rust-version = "1.66.0"
+description = """
+Halo2 Debug.  This package contains utilities for debugging and testing within
+the halo2 ecosystem.
+"""
+license = "MIT OR Apache-2.0"
+repository = "https://github.com/privacy-scaling-explorations/halo2"
+documentation = "https://privacy-scaling-explorations.github.io/halo2/"
+categories = ["cryptography"]
+keywords = ["halo", "proofs", "zkp", "zkSNARKs"]
+
+[package.metadata.docs.rs]
+all-features = true
+rustdoc-args = ["--cfg", "docsrs", "--html-in-header", "katex-header.html"]
+
+[dependencies]
+tiny-keccak = { version = "2.0.2", features=["keccak"] }
+hex = "0.4.3"
+rand_core = "0.6.4"
diff --git a/halo2_debug/src/lib.rs b/halo2_debug/src/lib.rs
new file mode 100644
index 0000000000..f8a6fc01ac
--- /dev/null
+++ b/halo2_debug/src/lib.rs
@@ -0,0 +1,36 @@
+use rand_core::block::BlockRng;
+use rand_core::block::BlockRngCore;
+use rand_core::OsRng;
+use tiny_keccak::Hasher;
+
+/// One number generator, that can be used as a deterministic Rng, outputing fixed values.
+pub struct OneNg {}
+
+impl BlockRngCore for OneNg {
+    type Item = u32;
+    type Results = [u32; 16];
+
+    fn generate(&mut self, results: &mut Self::Results) {
+        for elem in results.iter_mut() {
+            *elem = 1;
+        }
+    }
+}
+
+pub fn one_rng() -> BlockRng<OneNg> {
+    BlockRng::<OneNg>::new(OneNg {})
+}
+
+/// Random number generator for testing
+pub fn test_rng() -> OsRng {
+    OsRng
+}
+
+/// Gets the hex representation of the keccak hash of the input data
+pub fn keccak_hex<D: AsRef<[u8]>>(data: D) -> String {
+    let mut hash = [0u8; 32];
+    let mut hasher = tiny_keccak::Keccak::v256();
+    hasher.update(data.as_ref());
+    hasher.finalize(&mut hash);
+    hex::encode(hash)
+}
diff --git a/halo2_frontend/Cargo.toml b/halo2_frontend/Cargo.toml
index 3714c7dca7..b5fc50ad0e 100644
--- a/halo2_frontend/Cargo.toml
+++ b/halo2_frontend/Cargo.toml
@@ -60,7 +60,6 @@ bits = ["halo2curves/bits"]
 gadget-traces = ["backtrace"]
 thread-safe-region = []
 circuit-params = []
-heap-profiling = []
 cost-estimator = ["serde", "serde_derive"]
 derive_serde = ["halo2curves/derive_serde"]
 
diff --git a/halo2_proofs/Cargo.toml b/halo2_proofs/Cargo.toml
index a68f422934..d11ea7b2d0 100644
--- a/halo2_proofs/Cargo.toml
+++ b/halo2_proofs/Cargo.toml
@@ -61,6 +61,7 @@ gumdrop = "0.8"
 proptest = "1"
 dhat = "0.3.2"
 serde_json = "1"
+halo2_debug = { path = "../halo2_debug" }
 
 [target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dev-dependencies]
 getrandom = { version = "0.2", features = ["js"] }
@@ -81,9 +82,9 @@ thread-safe-region = ["halo2_frontend/thread-safe-region"]
 sanity-checks = ["halo2_backend/sanity-checks"]
 batch = ["rand_core/getrandom", "halo2_backend/batch"]
 circuit-params = ["halo2_frontend/circuit-params"]
-heap-profiling = ["halo2_frontend/heap-profiling"]
 cost-estimator = ["halo2_frontend/cost-estimator"]
 derive_serde = ["halo2curves/derive_serde", "halo2_frontend/derive_serde", "halo2_backend/derive_serde"]
+vector-tests = []
 
 [lib]
 bench = false
diff --git a/halo2_proofs/benches/plonk.rs b/halo2_proofs/benches/plonk.rs
index ac531f1c53..c35df32bc0 100644
--- a/halo2_proofs/benches/plonk.rs
+++ b/halo2_proofs/benches/plonk.rs
@@ -268,7 +268,7 @@ fn criterion_benchmark(c: &mut Criterion) {
     }
 
     fn keygen(k: u32) -> (ParamsIPA<EqAffine>, ProvingKey<EqAffine>) {
-        let params: ParamsIPA<EqAffine> = ParamsIPA::new(k);
+        let params: ParamsIPA<EqAffine> = ParamsIPA::new(k, OsRng);
         let empty_circuit: MyCircuit<Fp> = MyCircuit {
             a: Value::unknown(),
             k,
diff --git a/halo2_proofs/tests/compress_selectors.rs b/halo2_proofs/tests/compress_selectors.rs
index ec87354fc2..f8339883e0 100644
--- a/halo2_proofs/tests/compress_selectors.rs
+++ b/halo2_proofs/tests/compress_selectors.rs
@@ -10,6 +10,7 @@ use halo2_proofs::poly::Rotation;
 use halo2_backend::transcript::{
     Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
 };
+use halo2_debug::one_rng;
 use halo2_middleware::zal::impls::{H2cEngine, PlonkEngineConfig};
 use halo2_proofs::arithmetic::Field;
 use halo2_proofs::plonk::{
@@ -20,22 +21,6 @@ use halo2_proofs::poly::kzg::commitment::{KZGCommitmentScheme, ParamsKZG};
 use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2curves::bn256::{Bn256, Fr, G1Affine};
-use rand_core::block::BlockRng;
-use rand_core::block::BlockRngCore;
-
-// One number generator, that can be used as a deterministic Rng, outputing fixed values.
-pub struct OneNg {}
-
-impl BlockRngCore for OneNg {
-    type Item = u32;
-    type Results = [u32; 16];
-
-    fn generate(&mut self, results: &mut Self::Results) {
-        for elem in results.iter_mut() {
-            *elem = 1;
-        }
-    }
-}
 
 #[derive(Debug, Clone)]
 struct MyCircuitConfig {
@@ -344,7 +329,7 @@ impl<F: Field> Circuit<F> for MyCircuit<F> {
 fn test_mycircuit(
     vk_keygen_compress_selectors: bool,
     pk_keygen_compress_selectors: bool,
-) -> Result<(), halo2_proofs::plonk::Error> {
+) -> Result<Vec<u8>, halo2_proofs::plonk::Error> {
     let engine = PlonkEngineConfig::new()
         .set_curve::<G1Affine>()
         .set_msm(H2cEngine::new())
@@ -357,7 +342,7 @@ fn test_mycircuit(
     };
 
     // Setup
-    let mut rng = BlockRng::new(OneNg {});
+    let mut rng = one_rng();
     let params = ParamsKZG::<Bn256>::setup(k, &mut rng);
     let verifier_params = params.verifier_params();
     let vk = keygen_vk_custom(&params, &circuit, vk_keygen_compress_selectors)?;
@@ -395,7 +380,9 @@ fn test_mycircuit(
         &[instances_slice],
         &mut verifier_transcript,
     )
-    .map_err(halo2_proofs::plonk::Error::Backend)
+    .map_err(halo2_proofs::plonk::Error::Backend)?;
+
+    Ok(proof)
 }
 
 /*
@@ -436,12 +423,24 @@ How the `compress_selectors` works in `MyCircuit` under the hood:
 */
 
 #[test]
-fn test_success() {
+fn test_success() -> Result<(), halo2_proofs::plonk::Error> {
     // vk & pk keygen both WITH compress
-    assert!(test_mycircuit(true, true).is_ok());
+    let _proof = test_mycircuit(true, true)?;
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "088a7a9782efb2b9518e3c181ab126c9d621feb83b61dc21c93aaf4acf1c818c",
+        halo2_debug::keccak_hex(_proof),
+    );
 
     // vk & pk keygen both WITHOUT compress
-    assert!(test_mycircuit(false, false).is_ok());
+    let _proof = test_mycircuit(false, false)?;
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "b799363093b85f956c9f68d001e99bd68901147dc4059eaf70f9cacbf02b6886",
+        halo2_debug::keccak_hex(_proof),
+    );
+
+    Ok(())
 }
 
 #[should_panic]
diff --git a/halo2_proofs/tests/frontend_backend_split.rs b/halo2_proofs/tests/frontend_backend_split.rs
index 127d8552e0..c2c95a72a7 100644
--- a/halo2_proofs/tests/frontend_backend_split.rs
+++ b/halo2_proofs/tests/frontend_backend_split.rs
@@ -1,10 +1,6 @@
 #![allow(clippy::many_single_char_names)]
 #![allow(clippy::op_ref)]
 
-#[cfg(feature = "heap-profiling")]
-#[global_allocator]
-static ALLOC: dhat::Alloc = dhat::Alloc;
-
 use halo2_backend::{
     plonk::{
         keygen::{keygen_pk, keygen_vk},
@@ -15,6 +11,7 @@ use halo2_backend::{
         Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
     },
 };
+use halo2_debug::one_rng;
 use halo2_frontend::{
     circuit::{
         compile_circuit, AssignedCell, Layouter, Region, SimpleFloorPlanner, Value,
@@ -470,22 +467,6 @@ use halo2_proofs::poly::kzg::commitment::{KZGCommitmentScheme, ParamsKZG};
 use halo2_proofs::poly::kzg::multiopen::{ProverSHPLONK, VerifierSHPLONK};
 use halo2_proofs::poly::kzg::strategy::SingleStrategy;
 use halo2curves::bn256::{Bn256, Fr, G1Affine};
-use rand_core::block::BlockRng;
-use rand_core::block::BlockRngCore;
-
-// One number generator, that can be used as a deterministic Rng, outputing fixed values.
-struct OneNg {}
-
-impl BlockRngCore for OneNg {
-    type Item = u32;
-    type Results = [u32; 16];
-
-    fn generate(&mut self, results: &mut Self::Results) {
-        for elem in results.iter_mut() {
-            *elem = 1;
-        }
-    }
-}
 
 #[test]
 fn test_mycircuit_mock() {
@@ -504,9 +485,6 @@ const WIDTH_FACTOR: usize = 1;
 
 #[test]
 fn test_mycircuit_full_legacy() {
-    #[cfg(all(feature = "heap-profiling", not(coverage)))]
-    let _profiler = dhat::Profiler::new_heap();
-
     use halo2_proofs::plonk::{
         create_proof, keygen_pk as keygen_pk_legacy, keygen_vk as keygen_vk_legacy,
     };
@@ -515,7 +493,7 @@ fn test_mycircuit_full_legacy() {
     let circuit: MyCircuit<Fr, WIDTH_FACTOR> = MyCircuit::new(k, 42);
 
     // Setup
-    let mut rng = BlockRng::new(OneNg {});
+    let mut rng = one_rng();
     let params = ParamsKZG::<Bn256>::setup(k, &mut rng);
     let start = Instant::now();
     let vk = keygen_vk_legacy(&params, &circuit).expect("keygen_vk should not fail");
@@ -559,25 +537,28 @@ fn test_mycircuit_full_legacy() {
     )
     .expect("verify succeeds");
     println!("Verify: {:?}", start.elapsed());
+
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "abd4d6d18640def2cb3e3b4de0afe61ec2c5e64705f4386e8f96468d110e9df9",
+        halo2_debug::keccak_hex(proof),
+    );
 }
 
 #[test]
 fn test_mycircuit_full_split() {
     use halo2_middleware::zal::impls::{H2cEngine, PlonkEngineConfig};
 
-    #[cfg(all(feature = "heap-profiling", not(coverage)))]
-    let _profiler = dhat::Profiler::new_heap();
-
     let engine = PlonkEngineConfig::new()
         .set_curve::<G1Affine>()
         .set_msm(H2cEngine::new())
         .build();
     let k = K;
     let circuit: MyCircuit<Fr, WIDTH_FACTOR> = MyCircuit::new(k, 42);
-    let (compiled_circuit, config, cs) = compile_circuit(k, &circuit, false).unwrap();
+    let (compiled_circuit, config, cs) = compile_circuit(k, &circuit, true).unwrap();
 
     // Setup
-    let mut rng = BlockRng::new(OneNg {});
+    let mut rng = one_rng();
     let params = ParamsKZG::<Bn256>::setup(k, &mut rng);
     let start = Instant::now();
     let vk = keygen_vk(&params, &compiled_circuit).expect("keygen_vk should not fail");
@@ -639,4 +620,10 @@ fn test_mycircuit_full_split() {
     )
     .expect("verify succeeds");
     println!("Verify: {:?}", start.elapsed());
+
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "abd4d6d18640def2cb3e3b4de0afe61ec2c5e64705f4386e8f96468d110e9df9",
+        halo2_debug::keccak_hex(proof),
+    );
 }
diff --git a/halo2_proofs/tests/plonk_api.rs b/halo2_proofs/tests/plonk_api.rs
index e44484e514..e6c30c126d 100644
--- a/halo2_proofs/tests/plonk_api.rs
+++ b/halo2_proofs/tests/plonk_api.rs
@@ -3,6 +3,7 @@
 
 use assert_matches::assert_matches;
 use ff::{FromUniformBytes, WithSmallOrderMulGroup};
+use halo2_debug::one_rng;
 use halo2_middleware::zal::{
     impls::{PlonkEngine, PlonkEngineConfig},
     traits::MsmAccel,
@@ -436,7 +437,7 @@ fn plonk_api() {
 
             // Check that we get an error if we try to initialize the proving key with a value of
             // k that is too small for the minimum required number of rows.
-            let much_too_small_params= <$scheme as CommitmentScheme>::ParamsProver::new(1);
+            let much_too_small_params= <$scheme as CommitmentScheme>::ParamsProver::new(1, OsRng);
             assert_matches!(
                 keygen_vk(&much_too_small_params, &empty_circuit),
                 Err(Error::Frontend(ErrorFront::NotEnoughRowsAvailable {
@@ -446,7 +447,7 @@ fn plonk_api() {
 
             // Check that we get an error if we try to initialize the proving key with a value of
             // k that is too small for the number of rows the circuit uses.
-            let slightly_too_small_params = <$scheme as CommitmentScheme>::ParamsProver::new(K-1);
+            let slightly_too_small_params = <$scheme as CommitmentScheme>::ParamsProver::new(K-1,OsRng);
             assert_matches!(
                 keygen_vk(&slightly_too_small_params, &empty_circuit),
                 Err(Error::Frontend(ErrorFront::NotEnoughRowsAvailable {
@@ -578,15 +579,16 @@ fn plonk_api() {
         use halo2curves::bn256::Bn256;
 
         type Scheme = KZGCommitmentScheme<Bn256>;
+
         bad_keys!(Scheme);
 
-        let params = ParamsKZG::<Bn256>::new(K);
-        let rng = OsRng;
+        let mut rng = one_rng();
 
+        let params = ParamsKZG::<Bn256>::new(K, &mut rng);
         let pk = keygen::<KZGCommitmentScheme<_>>(&params);
 
         let proof = create_proof::<_, ProverGWC<_>, _, _, Blake2bWrite<_, _, Challenge255<_>>>(
-            rng, &params, &pk,
+            &mut rng, &params, &pk,
         );
 
         let verifier_params = params.verifier_params();
@@ -598,6 +600,12 @@ fn plonk_api() {
             Blake2bRead<_, _, Challenge255<_>>,
             AccumulatorStrategy<_>,
         >(&verifier_params, pk.get_vk(), &proof[..]);
+
+        #[cfg(all(feature="vector-tests", not(coverage)))]
+        assert_eq!(
+            "fce5b7c977f643baeafb383f1793daa6795aeae3d708616381af0f6f8e4170f7",
+            halo2_debug::keccak_hex(proof),
+        );
     }
 
     fn test_plonk_api_shplonk() {
@@ -609,8 +617,8 @@ fn plonk_api() {
         type Scheme = KZGCommitmentScheme<Bn256>;
         bad_keys!(Scheme);
 
-        let params = ParamsKZG::<Bn256>::new(K);
-        let rng = OsRng;
+        let mut rng = one_rng();
+        let params = ParamsKZG::<Bn256>::new(K, &mut rng);
 
         let pk = keygen::<KZGCommitmentScheme<_>>(&params);
 
@@ -627,6 +635,12 @@ fn plonk_api() {
             Blake2bRead<_, _, Challenge255<_>>,
             AccumulatorStrategy<_>,
         >(&verifier_params, pk.get_vk(), &proof[..]);
+
+        #[cfg(all(feature="vector-tests", not(coverage)))]
+        assert_eq!(
+            "e0121d6d53892969fbf4e08ddc74c4cba02695b7c6421e62a30f9c30b8ae4ae6",
+            halo2_debug::keccak_hex(proof),
+        );
     }
 
     fn test_plonk_api_ipa() {
@@ -638,13 +652,13 @@ fn plonk_api() {
         type Scheme = IPACommitmentScheme<EqAffine>;
         bad_keys!(Scheme);
 
-        let params = ParamsIPA::<EqAffine>::new(K);
-        let rng = OsRng;
+        let mut rng = one_rng();
+        let params = ParamsIPA::<EqAffine>::new(K, &mut rng);
 
         let pk = keygen::<IPACommitmentScheme<EqAffine>>(&params);
 
         let proof = create_proof::<_, ProverIPA<_>, _, _, Blake2bWrite<_, _, Challenge255<_>>>(
-            rng, &params, &pk,
+            &mut rng, &params, &pk,
         );
 
         let verifier_params = params;
diff --git a/halo2_proofs/tests/serialization.rs b/halo2_proofs/tests/serialization.rs
index 93e98989e0..9ab31846cb 100644
--- a/halo2_proofs/tests/serialization.rs
+++ b/halo2_proofs/tests/serialization.rs
@@ -4,6 +4,7 @@ use std::{
 };
 
 use ff::Field;
+use halo2_debug::one_rng;
 use halo2_proofs::{
     circuit::{Layouter, SimpleFloorPlanner, Value},
     plonk::{
@@ -24,7 +25,6 @@ use halo2_proofs::{
     SerdeFormat,
 };
 use halo2curves::bn256::{Bn256, Fr, G1Affine};
-use rand_core::OsRng;
 
 #[derive(Clone, Copy)]
 struct StandardPlonkConfig {
@@ -131,8 +131,11 @@ impl Circuit<Fr> for StandardPlonk {
 #[test]
 fn test_serialization() {
     let k = 4;
-    let circuit = StandardPlonk(Fr::random(OsRng));
-    let params = ParamsKZG::<Bn256>::setup(k, OsRng);
+
+    let mut rng = one_rng();
+
+    let circuit = StandardPlonk(Fr::random(&mut rng));
+    let params = ParamsKZG::<Bn256>::setup(k, &mut rng);
     let compress_selectors = true;
     let vk = keygen_vk_custom(&params, &circuit, compress_selectors).expect("vk should not fail");
     let pk = keygen_pk(&params, vk, &circuit).expect("pk should not fail");
@@ -165,14 +168,7 @@ fn test_serialization() {
         _,
         Blake2bWrite<Vec<u8>, G1Affine, Challenge255<_>>,
         _,
-    >(
-        &params,
-        &pk,
-        &[circuit],
-        &[instances],
-        OsRng,
-        &mut transcript,
-    )
+    >(&params, &pk, &[circuit], &[instances], rng, &mut transcript)
     .expect("prover should not fail");
     let proof = transcript.finalize();
 
@@ -193,4 +189,10 @@ fn test_serialization() {
         &mut transcript
     )
     .is_ok());
+
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "42d69881fc453fc9eac7cb51487cf98ac049db97bae0ce05338917d18d99ef21",
+        halo2_debug::keccak_hex(proof),
+    )
 }
diff --git a/halo2_proofs/tests/shuffle.rs b/halo2_proofs/tests/shuffle.rs
index 7ecfb49edc..6e1914ed9d 100644
--- a/halo2_proofs/tests/shuffle.rs
+++ b/halo2_proofs/tests/shuffle.rs
@@ -1,4 +1,5 @@
 use ff::{BatchInvert, FromUniformBytes};
+use halo2_debug::one_rng;
 use halo2_proofs::{
     arithmetic::{CurveAffine, Field},
     circuit::{floor_planner::V1, Layouter, Value},
@@ -18,7 +19,8 @@ use halo2_proofs::{
         Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
     },
 };
-use rand_core::{OsRng, RngCore};
+use rand_chacha::ChaCha20Rng;
+use rand_core::{RngCore, SeedableRng};
 use std::iter;
 
 fn rand_2d_array<F: Field, R: RngCore, const W: usize, const H: usize>(rng: &mut R) -> [[F; H]; W] {
@@ -273,10 +275,13 @@ fn test_prover<C: CurveAffine, const W: usize, const H: usize>(
     k: u32,
     circuit: MyCircuit<C::Scalar, W, H>,
     expected: bool,
-) where
+) -> Vec<u8>
+where
     C::Scalar: FromUniformBytes<64>,
 {
-    let params = ParamsIPA::<C>::new(k);
+    let mut rng = one_rng();
+
+    let params = ParamsIPA::<C>::new(k, &mut rng);
     let vk = keygen_vk(&params, &circuit).unwrap();
     let pk = keygen_pk(&params, vk, &circuit).unwrap();
 
@@ -288,7 +293,7 @@ fn test_prover<C: CurveAffine, const W: usize, const H: usize>(
             &pk,
             &[circuit],
             &[&[]],
-            OsRng,
+            rng,
             &mut transcript,
         )
         .expect("proof generation should not fail");
@@ -312,6 +317,8 @@ fn test_prover<C: CurveAffine, const W: usize, const H: usize>(
     };
 
     assert_eq!(accepted, expected);
+
+    proof
 }
 
 #[test]
@@ -320,11 +327,18 @@ fn test_shuffle() {
     const H: usize = 32;
     const K: u32 = 8;
 
-    let circuit = &MyCircuit::<_, W, H>::rand(&mut OsRng);
+    let mut shuffle_rng = ChaCha20Rng::seed_from_u64(0xdeadbeef);
+    let circuit = &MyCircuit::<_, W, H>::rand(&mut shuffle_rng);
 
     {
         test_mock_prover(K, circuit.clone(), Ok(()));
-        test_prover::<EqAffine, W, H>(K, circuit.clone(), true);
+        let _proof = test_prover::<EqAffine, W, H>(K, circuit.clone(), true);
+
+        #[cfg(all(feature="vector-tests", not(coverage)))]
+        assert_eq!(
+            "deeffa8f048fedfaf412b39484899714e46d08ed349c767341c8d6373ba25edc",
+            halo2_debug::keccak_hex(_proof),
+        );
     }
 
     #[cfg(not(feature = "sanity-checks"))]
@@ -348,6 +362,11 @@ fn test_shuffle() {
                 },
             )]),
         );
-        test_prover::<EqAffine, W, H>(K, circuit, false);
+        let _proof = test_prover::<EqAffine, W, H>(K, circuit, false);
+        #[cfg(all(feature="vector-tests", not(coverage)))]
+        assert_eq!(
+            "0b4e97f2d561fae56fe893333eba2df5228c78e80f8bd7c509d4d40d127dff92",
+            halo2_debug::keccak_hex(_proof),
+        );
     }
 }
diff --git a/halo2_proofs/tests/shuffle_api.rs b/halo2_proofs/tests/shuffle_api.rs
index e7034e6f36..e56b3be620 100644
--- a/halo2_proofs/tests/shuffle_api.rs
+++ b/halo2_proofs/tests/shuffle_api.rs
@@ -1,6 +1,7 @@
 use std::{marker::PhantomData, vec};
 
 use ff::FromUniformBytes;
+use halo2_debug::{keccak_hex, one_rng};
 use halo2_proofs::{
     arithmetic::Field,
     circuit::{Layouter, SimpleFloorPlanner, Value},
@@ -23,7 +24,6 @@ use halo2_proofs::{
     },
 };
 use halo2curves::{pasta::EqAffine, CurveAffine};
-use rand_core::OsRng;
 
 struct ShuffleChip<F: Field> {
     config: ShuffleConfig,
@@ -148,11 +148,13 @@ impl<F: Field> Circuit<F> for MyCircuit<F> {
     }
 }
 
-fn test_prover<C: CurveAffine>(k: u32, circuit: MyCircuit<C::Scalar>, expected: bool)
+fn test_prover<C: CurveAffine>(k: u32, circuit: MyCircuit<C::Scalar>, expected: bool) -> Vec<u8>
 where
     C::Scalar: FromUniformBytes<64>,
 {
-    let params = ParamsIPA::<C>::new(k);
+    let mut rng = one_rng();
+
+    let params = ParamsIPA::<C>::new(k, &mut rng);
     let vk = keygen_vk(&params, &circuit).unwrap();
     let pk = keygen_pk(&params, vk, &circuit).unwrap();
 
@@ -164,7 +166,7 @@ where
             &pk,
             &[circuit],
             &[&[]],
-            OsRng,
+            rng,
             &mut transcript,
         )
         .expect("proof generation should not fail");
@@ -188,6 +190,8 @@ where
     };
 
     assert_eq!(accepted, expected);
+
+    proof
 }
 
 #[test]
@@ -213,5 +217,11 @@ fn test_shuffle_api() {
     };
     let prover = MockProver::run(K, &circuit, vec![]).unwrap();
     prover.assert_satisfied();
-    test_prover::<EqAffine>(K, circuit, true);
+    let _proof = test_prover::<EqAffine>(K, circuit, true);
+
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "6f9141496227a467b91395cbc601c69764660ce6aac5624e319119887ce0453c",
+        keccak_hex(_proof),
+    );
 }
diff --git a/halo2_proofs/tests/vector-ops-unblinded.rs b/halo2_proofs/tests/vector-ops-unblinded.rs
index 01c24fef4d..60caf61aed 100644
--- a/halo2_proofs/tests/vector-ops-unblinded.rs
+++ b/halo2_proofs/tests/vector-ops-unblinded.rs
@@ -4,6 +4,7 @@
 use std::marker::PhantomData;
 
 use ff::FromUniformBytes;
+use halo2_debug::{keccak_hex, one_rng};
 use halo2_proofs::{
     arithmetic::{CurveAffine, Field},
     circuit::{AssignedCell, Chip, Layouter, Region, SimpleFloorPlanner, Value},
@@ -21,7 +22,6 @@ use halo2_proofs::{
         Blake2bRead, Blake2bWrite, Challenge255, TranscriptReadBuffer, TranscriptWriterBuffer,
     },
 };
-use rand_core::OsRng;
 
 // ANCHOR: instructions
 trait NumericInstructions<F: Field>: Chip<F> {
@@ -475,7 +475,9 @@ fn test_prover<C: CurveAffine>(
 where
     C::Scalar: FromUniformBytes<64>,
 {
-    let params = ParamsIPA::<C>::new(k);
+    let mut rng = one_rng();
+
+    let params = ParamsIPA::<C>::new(k, &mut rng);
     let vk = keygen_vk(&params, &circuit).unwrap();
     let pk = keygen_pk(&params, vk, &circuit).unwrap();
 
@@ -487,7 +489,7 @@ where
             &pk,
             &[circuit],
             &[&[&instances]],
-            OsRng,
+            rng,
             &mut transcript,
         )
         .expect("proof generation should not fail");
@@ -545,8 +547,19 @@ fn test_vector_ops_unbinded() {
 
     // the commitments will be the first columns of the proof transcript so we can compare them easily
     let proof_1 = test_prover::<halo2curves::pasta::EqAffine>(k, mul_circuit, true, c_mul);
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "99d6cadd2596dce8dc8918907ba9cb051a5d9775f9fb7ed6ac51cc75e41e6da4",
+        keccak_hex(&proof_1),
+    );
+
     // the commitments will be the first columns of the proof transcript so we can compare them easily
     let proof_2 = test_prover::<halo2curves::pasta::EqAffine>(k, add_circuit, true, c_add);
+    #[cfg(all(feature="vector-tests", not(coverage)))]
+    assert_eq!(
+        "159fe77867a8ee7e1cac1da22d375e864816bbbbb0b8b1d6f2ace241b35c115a",
+        keccak_hex(&proof_2),
+    );
 
     // the commitments will be the first columns of the proof transcript so we can compare them easily
     // here we compare the first 10 bytes of the commitments
diff --git a/test.sh b/test.sh
new file mode 100755
index 0000000000..bf1805a5c4
--- /dev/null
+++ b/test.sh
@@ -0,0 +1,36 @@
+cargo test --release -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo TEST RELEASE DEFAULT-FEATURES -- OK
+else
+    echo TEST RELEASE DEFAULT-FEATURES -- FAIL
+fi
+cargo test --release --all-features -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo TEST RELEASE ALL-FEATURES -- OK
+else
+    echo TEST RELEASE ALL-FEATURES -- FAIL
+fi
+cargo test -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo TEST DEBUG DEFAULT-FEATURES -- OK
+else
+    echo TEST DEBUG DEFAULT-FEATURES -- FAIL
+fi
+cargo test --all-features -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo TEST DEBUG ALL-FEATURES -- OK
+else
+    echo TEST DEBUG ALL-FEATURES -- FAIL
+fi
+cargo llvm-cov --default-features -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo LLVMCOV DEFAULT-FEATURES -- OK
+else
+    echo LLVMCOV DEFAULT-FEATURES -- FAIL
+fi
+cargo llvm-cov --all-features -- test_mycircuit_full_legacy >/dev/null 2>/dev/null
+if [ $? -eq 0 ]; then
+    echo LLVMCOV ALL-FEATURES -- OK
+else
+    echo LLVMCOV ALL-FEATURES -- FAIL
+fi