From a1c749e6a0f80af531b89fac46e7caa1ae3a5779 Mon Sep 17 00:00:00 2001
From: Sean Bowe
Date: Tue, 20 Feb 2018 18:12:27 -0700
Subject: [PATCH] Change fixed-base exponentiation API to handle scalars better.
---
 src/circuit/mont.rs | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/circuit/mont.rs b/src/circuit/mont.rs
index b470a6c..48e419e 100644
--- a/src/circuit/mont.rs
+++ b/src/circuit/mont.rs
@@ -44,8 +44,7 @@ impl Clone for EdwardsPoint {
 }

 /// Perform a fixed-base scalar multiplication with
-/// `by` being in little-endian bit order. `by` must
-/// be a multiple of 3.
+/// `by` being in little-endian bit order.
 pub fn fixed_base_multiplication(
 mut cs: CS,
 base: FixedGenerators,
@@ -55,11 +54,6 @@ pub fn fixed_base_multiplication(
 where CS: ConstraintSystem,
 E: JubjubEngine
 {
- // We're going to chunk the scalar into 3-bit windows,
- // so let's force the caller to supply the right number
- // of bits for our lookups.
- assert!(by.len() % 3 == 0);
-
 // Represents the result of the multiplication
 let mut result = None;

@@ -67,9 +61,13 @@ pub fn fixed_base_multiplication(
 .zip(params.circuit_generators(base).iter())
 .enumerate()
 {
+ let chunk_a = chunk.get(0).map(|e| e.clone()).unwrap_or(Boolean::constant(false));
+ let chunk_b = chunk.get(1).map(|e| e.clone()).unwrap_or(Boolean::constant(false));
+ let chunk_c = chunk.get(2).map(|e| e.clone()).unwrap_or(Boolean::constant(false));
+
 let (x, y) = lookup3_xy(
 cs.namespace(|| format!("window table lookup {}", i)),
- chunk,
+ &[chunk_a, chunk_b, chunk_c],
 window
 )?;
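Review bot: The doc comment on `fixed_base_multiplication` in the first hunk drops the multiple-of-3 requirement without saying what now happens to a short final window. The third hunk fills the missing positions with `Boolean::constant(false)`, and because `by` is little-endian those are the high bits. The comment should state that, for example `/// A final window shorter than 3 bits is padded with constant-false high bits.` The function body continues outside this hunk.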
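Review bot: Nothing visible in the new code bounds the length of `by` against the number of window tables, so the `.zip(params.circuit_generators(base).iter())` in the third hunk stops at the shorter side. If `by` has more 3-bit windows than there are tables, the extra high bits are left out of the multiplication without an error, and this gadget places no constraint on them. The `assert!` removed in the second hunk was the only length check on `by`, so it is worth replacing with a bound before the loop, such as `assert!((by.len() + 2) / 3 <= params.circuit_generators(base).iter().count());`. The `for` header (presumably `by.chunks(3)`) sits between the hunks and the loop body continues past this one, so confirm there is no such check further down.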