mirror of https://github.com/zcash/halo2.git
feat: public cells to allow for implementations of custom `Layouter` (#192)
* feat: public cells * Update mds.rs * Update mds.rs * Update single_pass.rs Co-authored-by: Han <tinghan0110@gmail.com> * bump toolchain to resolve errors * fix clippy errors for CI run * rustfmt post clippy * plz let it be the last lint * patch clippy lints in gadgets * clippy lints for sha256 bench * patch halo2proof benches * Update assigned.rs * Update halo2_gadgets/src/poseidon/primitives/mds.rs Co-authored-by: Han <tinghan0110@gmail.com> * Update halo2_gadgets/src/poseidon/primitives/mds.rs Co-authored-by: Han <tinghan0110@gmail.com> --------- Co-authored-by: Han <tinghan0110@gmail.com>
This commit is contained in:
dante
GitHub
parent
f3487575f0
commit
0f000478f4
|
|
@ -135,7 +135,7 @@ impl<const WIDTH: usize, const RATE: usize> Spec<Fp, WIDTH, RATE> for MySpec<WID
|
|||
}
|
||||
|
||||
fn sbox(val: Fp) -> Fp {
|
||||
val.pow_vartime(&[5])
|
||||
val.pow_vartime([5])
|
||||
}
|
||||
|
||||
fn secure_mds() -> usize {
|
||||
|
|
|
|||
|
|
@ -90,18 +90,18 @@ fn bench(name: &str, k: u32, c: &mut Criterion) {
|
|||
|
||||
// Initialize the polynomial commitment parameters
|
||||
let params_path = Path::new("./benches/sha256_assets/sha256_params");
|
||||
if File::open(¶ms_path).is_err() {
|
||||
if File::open(params_path).is_err() {
|
||||
let params: ParamsIPA<EqAffine> = ParamsIPA::new(k);
|
||||
let mut buf = Vec::new();
|
||||
|
||||
params.write(&mut buf).expect("Failed to write params");
|
||||
let mut file = File::create(¶ms_path).expect("Failed to create sha256_params");
|
||||
let mut file = File::create(params_path).expect("Failed to create sha256_params");
|
||||
|
||||
file.write_all(&buf[..])
|
||||
.expect("Failed to write params to file");
|
||||
}
|
||||
|
||||
let params_fs = File::open(¶ms_path).expect("couldn't load sha256_params");
|
||||
let params_fs = File::open(params_path).expect("couldn't load sha256_params");
|
||||
let params: ParamsIPA<EqAffine> =
|
||||
ParamsIPA::read::<_>(&mut BufReader::new(params_fs)).expect("Failed to read params");
|
||||
|
||||
|
|
@ -128,7 +128,7 @@ fn bench(name: &str, k: u32, c: &mut Criterion) {
|
|||
|
||||
// Create a proof
|
||||
let proof_path = Path::new("./benches/sha256_assets/sha256_proof");
|
||||
if File::open(&proof_path).is_err() {
|
||||
if File::open(proof_path).is_err() {
|
||||
let mut transcript = Blake2bWrite::<_, _, Challenge255<_>>::init(vec![]);
|
||||
create_proof::<IPACommitmentScheme<_>, ProverIPA<_>, _, _, _, _>(
|
||||
¶ms,
|
||||
|
|
@ -140,11 +140,11 @@ fn bench(name: &str, k: u32, c: &mut Criterion) {
|
|||
)
|
||||
.expect("proof generation should not fail");
|
||||
let proof: Vec<u8> = transcript.finalize();
|
||||
let mut file = File::create(&proof_path).expect("Failed to create sha256_proof");
|
||||
let mut file = File::create(proof_path).expect("Failed to create sha256_proof");
|
||||
file.write_all(&proof[..]).expect("Failed to write proof");
|
||||
}
|
||||
|
||||
let mut proof_fs = File::open(&proof_path).expect("couldn't load sha256_proof");
|
||||
let mut proof_fs = File::open(proof_path).expect("couldn't load sha256_proof");
|
||||
let mut proof = Vec::<u8>::new();
|
||||
proof_fs
|
||||
.read_to_end(&mut proof)
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ fn compute_window_table<C: CurveAffine>(base: C, num_windows: usize) -> Vec<[C;
|
|||
.map(|k| {
|
||||
// scalar = (k+2)*(8^w)
|
||||
let scalar = C::Scalar::from(k as u64 + 2)
|
||||
* C::Scalar::from(H as u64).pow(&[w as u64, 0, 0, 0]);
|
||||
* C::Scalar::from(H as u64).pow([w as u64, 0, 0, 0]);
|
||||
(base * scalar).to_affine()
|
||||
})
|
||||
.collect::<ArrayVec<C, H>>()
|
||||
|
|
@ -62,14 +62,14 @@ fn compute_window_table<C: CurveAffine>(base: C, num_windows: usize) -> Vec<[C;
|
|||
// For the last window, we compute [k * (2^3)^w - sum]B, where sum is defined
|
||||
// as sum = \sum_{j = 0}^{`num_windows - 2`} 2^{3j+1}
|
||||
let sum = (0..(num_windows - 1)).fold(C::Scalar::ZERO, |acc, j| {
|
||||
acc + C::Scalar::from(2).pow(&[FIXED_BASE_WINDOW_SIZE as u64 * j as u64 + 1, 0, 0, 0])
|
||||
acc + C::Scalar::from(2).pow([FIXED_BASE_WINDOW_SIZE as u64 * j as u64 + 1, 0, 0, 0])
|
||||
});
|
||||
window_table.push(
|
||||
(0..H)
|
||||
.map(|k| {
|
||||
// scalar = k * (2^3)^w - sum, where w = `num_windows - 1`
|
||||
let scalar = C::Scalar::from(k as u64)
|
||||
* C::Scalar::from(H as u64).pow(&[(num_windows - 1) as u64, 0, 0, 0])
|
||||
* C::Scalar::from(H as u64).pow([(num_windows - 1) as u64, 0, 0, 0])
|
||||
- sum;
|
||||
(base * scalar).to_affine()
|
||||
})
|
||||
|
|
@ -197,7 +197,7 @@ pub fn test_lagrange_coeffs<C: CurveAffine>(base: C, num_windows: usize) {
|
|||
// Compute the actual x-coordinate of the multiple [(k+2)*(8^w)]B.
|
||||
let point = base
|
||||
* C::Scalar::from(bits as u64 + 2)
|
||||
* C::Scalar::from(H as u64).pow(&[idx as u64, 0, 0, 0]);
|
||||
* C::Scalar::from(H as u64).pow([idx as u64, 0, 0, 0]);
|
||||
let x = *point.to_affine().coordinates().unwrap().x();
|
||||
|
||||
// Check that the interpolated x-coordinate matches the actual one.
|
||||
|
|
@ -214,10 +214,10 @@ pub fn test_lagrange_coeffs<C: CurveAffine>(base: C, num_windows: usize) {
|
|||
// Compute the actual x-coordinate of the multiple [k * (8^84) - offset]B,
|
||||
// where offset = \sum_{j = 0}^{83} 2^{3j+1}
|
||||
let offset = (0..(num_windows - 1)).fold(C::Scalar::ZERO, |acc, w| {
|
||||
acc + C::Scalar::from(2).pow(&[FIXED_BASE_WINDOW_SIZE as u64 * w as u64 + 1, 0, 0, 0])
|
||||
acc + C::Scalar::from(2).pow([FIXED_BASE_WINDOW_SIZE as u64 * w as u64 + 1, 0, 0, 0])
|
||||
});
|
||||
let scalar = C::Scalar::from(bits as u64)
|
||||
* C::Scalar::from(H as u64).pow(&[(num_windows - 1) as u64, 0, 0, 0])
|
||||
* C::Scalar::from(H as u64).pow([(num_windows - 1) as u64, 0, 0, 0])
|
||||
- offset;
|
||||
let point = base * scalar;
|
||||
let x = *point.to_affine().coordinates().unwrap().x();
|
||||
|
|
|
|||
|
|
@ -372,7 +372,7 @@ impl<FixedPoints: super::FixedPoints<pallas::Affine>> Config<FixedPoints> {
|
|||
base: &F,
|
||||
) -> Result<NonIdentityEccPoint, Error> {
|
||||
// `scalar = [(k_w + 2) ⋅ 8^w]
|
||||
let scalar = k.map(|k| (k + *TWO_SCALAR) * (*H_SCALAR).pow(&[w as u64, 0, 0, 0]));
|
||||
let scalar = k.map(|k| (k + *TWO_SCALAR) * (*H_SCALAR).pow([w as u64, 0, 0, 0]));
|
||||
|
||||
self.process_window::<_, NUM_WINDOWS>(region, offset, w, k_usize, scalar, base)
|
||||
}
|
||||
|
|
@ -389,12 +389,12 @@ impl<FixedPoints: super::FixedPoints<pallas::Affine>> Config<FixedPoints> {
|
|||
|
||||
// offset_acc = \sum_{j = 0}^{NUM_WINDOWS - 2} 2^{FIXED_BASE_WINDOW_SIZE*j + 1}
|
||||
let offset_acc = (0..(NUM_WINDOWS - 1)).fold(pallas::Scalar::zero(), |acc, w| {
|
||||
acc + (*TWO_SCALAR).pow(&[FIXED_BASE_WINDOW_SIZE as u64 * w as u64 + 1, 0, 0, 0])
|
||||
acc + (*TWO_SCALAR).pow([FIXED_BASE_WINDOW_SIZE as u64 * w as u64 + 1, 0, 0, 0])
|
||||
});
|
||||
|
||||
// `scalar = [k * 8^(NUM_WINDOWS - 1) - offset_acc]`.
|
||||
let scalar = scalar.windows_field()[scalar.windows_field().len() - 1]
|
||||
.map(|k| k * (*H_SCALAR).pow(&[(NUM_WINDOWS - 1) as u64, 0, 0, 0]) - offset_acc);
|
||||
.map(|k| k * (*H_SCALAR).pow([(NUM_WINDOWS - 1) as u64, 0, 0, 0]) - offset_acc);
|
||||
|
||||
self.process_window::<_, NUM_WINDOWS>(
|
||||
region,
|
||||
|
|
@ -490,7 +490,7 @@ impl ScalarFixed {
|
|||
.by_vals()
|
||||
.take(FIXED_BASE_WINDOW_SIZE)
|
||||
.rev()
|
||||
.fold(0, |acc, b| 2 * acc + if b { 1 } else { 0 })
|
||||
.fold(0, |acc, b| 2 * acc + usize::from(b))
|
||||
})
|
||||
})
|
||||
.collect::<Vec<_>>()
|
||||
|
|
|
|||
|
|
@ -444,7 +444,7 @@ impl<F: Field, const WIDTH: usize> Pow5State<F, WIDTH> {
|
|||
.value()
|
||||
.map(|v| *v + config.round_constants[round][idx])
|
||||
});
|
||||
let r: Value<Vec<F>> = q.map(|q| q.map(|q| q.pow(&config.alpha))).collect();
|
||||
let r: Value<Vec<F>> = q.map(|q| q.map(|q| q.pow(config.alpha))).collect();
|
||||
let m = &config.m_reg;
|
||||
let state = m.iter().map(|m_i| {
|
||||
r.as_ref().map(|r| {
|
||||
|
|
@ -470,7 +470,7 @@ impl<F: Field, const WIDTH: usize> Pow5State<F, WIDTH> {
|
|||
let p: Value<Vec<_>> = self.0.iter().map(|word| word.0.value().cloned()).collect();
|
||||
|
||||
let r: Value<Vec<_>> = p.map(|p| {
|
||||
let r_0 = (p[0] + config.round_constants[round][0]).pow(&config.alpha);
|
||||
let r_0 = (p[0] + config.round_constants[round][0]).pow(config.alpha);
|
||||
let r_i = p[1..]
|
||||
.iter()
|
||||
.enumerate()
|
||||
|
|
@ -510,7 +510,7 @@ impl<F: Field, const WIDTH: usize> Pow5State<F, WIDTH> {
|
|||
}
|
||||
|
||||
let r_mid: Value<Vec<_>> = p_mid.map(|p| {
|
||||
let r_0 = (p[0] + config.round_constants[round + 1][0]).pow(&config.alpha);
|
||||
let r_0 = (p[0] + config.round_constants[round + 1][0]).pow(config.alpha);
|
||||
let r_i = p[1..]
|
||||
.iter()
|
||||
.enumerate()
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ impl Spec<Fp, 3, 2> for P128Pow5T3 {
|
|||
}
|
||||
|
||||
fn sbox(val: Fp) -> Fp {
|
||||
val.pow_vartime(&[5])
|
||||
val.pow_vartime([5])
|
||||
}
|
||||
|
||||
fn secure_mds() -> usize {
|
||||
|
|
@ -48,7 +48,7 @@ impl Spec<Fq, 3, 2> for P128Pow5T3 {
|
|||
}
|
||||
|
||||
fn sbox(val: Fq) -> Fq {
|
||||
val.pow_vartime(&[5])
|
||||
val.pow_vartime([5])
|
||||
}
|
||||
|
||||
fn secure_mds() -> usize {
|
||||
|
|
|
|||
|
|
@ -23,11 +23,10 @@ fn rand_poly_par(mut rng: ChaCha20Rng, domain: usize) -> Vec<Scalar> {
|
|||
// Sample a random polynomial of degree n - 1
|
||||
let n_threads = current_num_threads();
|
||||
let n = 1usize << domain;
|
||||
let n_chunks = n_threads + if n % n_threads != 0 { 1 } else { 0 };
|
||||
let n_chunks = n_threads + usize::from(n % n_threads != 0);
|
||||
let mut rand_vec = vec![Scalar::zero(); n];
|
||||
|
||||
let mut thread_seeds: Vec<ChaCha20Rng> = (0..n_chunks)
|
||||
.into_iter()
|
||||
.map(|_| {
|
||||
let mut seed = [0u8; 32];
|
||||
rng.fill_bytes(&mut seed);
|
||||
|
|
|
|||
|
|
@ -195,7 +195,7 @@ pub fn best_fft<Scalar: Field, G: FftGroup<Scalar>>(a: &mut [G], omega: Scalar,
|
|||
|
||||
let threads = multicore::current_num_threads();
|
||||
let log_threads = log2_floor(threads);
|
||||
let n = a.len() as usize;
|
||||
let n = a.len();
|
||||
assert_eq!(n, 1 << log_n);
|
||||
|
||||
for k in 0..n {
|
||||
|
|
@ -206,7 +206,7 @@ pub fn best_fft<Scalar: Field, G: FftGroup<Scalar>>(a: &mut [G], omega: Scalar,
|
|||
}
|
||||
|
||||
// precompute twiddle factors
|
||||
let twiddles: Vec<_> = (0..(n / 2) as usize)
|
||||
let twiddles: Vec<_> = (0..(n / 2))
|
||||
.scan(Scalar::ONE, |w, _| {
|
||||
let tw = *w;
|
||||
*w *= ω
|
||||
|
|
@ -216,7 +216,7 @@ pub fn best_fft<Scalar: Field, G: FftGroup<Scalar>>(a: &mut [G], omega: Scalar,
|
|||
|
||||
if log_n <= log_threads {
|
||||
let mut chunk = 2_usize;
|
||||
let mut twiddle_chunk = (n / 2) as usize;
|
||||
let mut twiddle_chunk = n / 2;
|
||||
for _ in 0..log_n {
|
||||
a.chunks_mut(chunk).for_each(|coeffs| {
|
||||
let (left, right) = coeffs.split_at_mut(chunk / 2);
|
||||
|
|
@ -290,7 +290,7 @@ pub fn recursive_butterfly_arithmetic<Scalar: Field, G: FftGroup<Scalar>>(
|
|||
|
||||
/// Convert coefficient bases group elements to lagrange basis by inverse FFT.
|
||||
pub fn g_to_lagrange<C: CurveAffine>(g_projective: Vec<C::Curve>, k: u32) -> Vec<C> {
|
||||
let n_inv = C::Scalar::TWO_INV.pow_vartime(&[k as u64, 0, 0, 0]);
|
||||
let n_inv = C::Scalar::TWO_INV.pow_vartime([k as u64, 0, 0, 0]);
|
||||
let mut omega_inv = C::Scalar::ROOT_OF_UNITY_INV;
|
||||
for _ in k..C::Scalar::S {
|
||||
omega_inv = omega_inv.square();
|
||||
|
|
@ -335,7 +335,7 @@ pub fn eval_polynomial<F: Field>(poly: &[F], point: F) -> F {
|
|||
{
|
||||
scope.spawn(move |_| {
|
||||
let start = chunk_idx * chunk_size;
|
||||
out[0] = evaluate(poly, point) * point.pow_vartime(&[start as u64, 0, 0, 0]);
|
||||
out[0] = evaluate(poly, point) * point.pow_vartime([start as u64, 0, 0, 0]);
|
||||
});
|
||||
}
|
||||
});
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ pub use value::Value;
|
|||
|
||||
pub mod floor_planner;
|
||||
pub use floor_planner::single_pass::SimpleFloorPlanner;
|
||||
pub use floor_planner::single_pass::SimpleTableLayouter;
|
||||
|
||||
pub mod layouter;
|
||||
|
||||
|
|
@ -87,11 +88,11 @@ impl std::ops::Deref for RegionStart {
|
|||
#[derive(Clone, Copy, Debug)]
|
||||
pub struct Cell {
|
||||
/// Identifies the region in which this cell resides.
|
||||
region_index: RegionIndex,
|
||||
pub region_index: RegionIndex,
|
||||
/// The relative offset of this cell within its region.
|
||||
row_offset: usize,
|
||||
pub row_offset: usize,
|
||||
/// The column of this cell.
|
||||
column: Column<Any>,
|
||||
pub column: Column<Any>,
|
||||
}
|
||||
|
||||
/// An assigned cell.
|
||||
|
|
|
|||
|
|
@ -398,11 +398,12 @@ impl<'r, 'a, F: Field, CS: Assignment<F> + 'a + SyncDeps> RegionLayouter<F>
|
|||
/// witnesses or not.
|
||||
type DefaultTableValue<F> = Option<Value<Assigned<F>>>;
|
||||
|
||||
pub(crate) struct SimpleTableLayouter<'r, 'a, F: Field, CS: Assignment<F> + 'a> {
|
||||
/// A table layouter that can be used to assign values to a table.
|
||||
pub struct SimpleTableLayouter<'r, 'a, F: Field, CS: Assignment<F> + 'a> {
|
||||
cs: &'a mut CS,
|
||||
used_columns: &'r [TableColumn],
|
||||
// maps from a fixed column to a pair (default value, vector saying which rows are assigned)
|
||||
pub(crate) default_and_assigned: HashMap<TableColumn, (DefaultTableValue<F>, Vec<bool>)>,
|
||||
/// maps from a fixed column to a pair (default value, vector saying which rows are assigned)
|
||||
pub default_and_assigned: HashMap<TableColumn, (DefaultTableValue<F>, Vec<bool>)>,
|
||||
}
|
||||
|
||||
impl<'r, 'a, F: Field, CS: Assignment<F> + 'a> fmt::Debug for SimpleTableLayouter<'r, 'a, F, CS> {
|
||||
|
|
@ -415,7 +416,8 @@ impl<'r, 'a, F: Field, CS: Assignment<F> + 'a> fmt::Debug for SimpleTableLayoute
|
|||
}
|
||||
|
||||
impl<'r, 'a, F: Field, CS: Assignment<F> + 'a> SimpleTableLayouter<'r, 'a, F, CS> {
|
||||
pub(crate) fn new(cs: &'a mut CS, used_columns: &'r [TableColumn]) -> Self {
|
||||
/// Returns a new SimpleTableLayouter
|
||||
pub fn new(cs: &'a mut CS, used_columns: &'r [TableColumn]) -> Self {
|
||||
SimpleTableLayouter {
|
||||
cs,
|
||||
used_columns,
|
||||
|
|
|
|||
|
|
@ -81,8 +81,8 @@ impl FloorPlanner for V1 {
|
|||
|
||||
// - Determine how many rows our planned circuit will require.
|
||||
let first_unassigned_row = column_allocations
|
||||
.iter()
|
||||
.map(|(_, a)| a.unbounded_interval_start())
|
||||
.values()
|
||||
.map(|a| a.unbounded_interval_start())
|
||||
.max()
|
||||
.unwrap_or(0);
|
||||
|
||||
|
|
|
|||
|
|
@ -797,11 +797,7 @@ impl<F: FromUniformBytes<64> + Ord> MockProver<F> {
|
|||
.flat_map(|(gate_index, gate)| {
|
||||
let blinding_rows =
|
||||
(self.n as usize - (self.cs.blinding_factors() + 1))..(self.n as usize);
|
||||
(gate_row_ids
|
||||
.clone()
|
||||
.into_iter()
|
||||
.chain(blinding_rows.into_iter()))
|
||||
.flat_map(move |row| {
|
||||
(gate_row_ids.clone().chain(blinding_rows.into_iter())).flat_map(move |row| {
|
||||
let row = row as i32 + n;
|
||||
gate.polynomials().iter().enumerate().filter_map(
|
||||
move |(poly_index, poly)| match poly.evaluate_lazy(
|
||||
|
|
@ -955,7 +951,6 @@ impl<F: FromUniformBytes<64> + Ord> MockProver<F> {
|
|||
|
||||
let mut inputs: Vec<(Vec<_>, usize)> = lookup_input_row_ids
|
||||
.clone()
|
||||
.into_iter()
|
||||
.filter_map(|input_row| {
|
||||
let t = lookup
|
||||
.input_expressions
|
||||
|
|
@ -1026,7 +1021,6 @@ impl<F: FromUniformBytes<64> + Ord> MockProver<F> {
|
|||
let mut input_rows: Vec<(Vec<Value<F>>, usize)> = self
|
||||
.usable_rows
|
||||
.clone()
|
||||
.into_iter()
|
||||
.map(|input_row| {
|
||||
let t = shuffle
|
||||
.input_expressions
|
||||
|
|
@ -1449,7 +1443,6 @@ impl<F: FromUniformBytes<64> + Ord> MockProver<F> {
|
|||
let mut input_rows: Vec<(Vec<Value<F>>, usize)> = self
|
||||
.usable_rows
|
||||
.clone()
|
||||
.into_iter()
|
||||
.map(|input_row| {
|
||||
let t = shuffle
|
||||
.input_expressions
|
||||
|
|
|
|||
|
|
@ -184,7 +184,7 @@ impl CircuitLayout {
|
|||
|
||||
root.draw(&Rectangle::new(
|
||||
[(0, 0), (total_columns, view_bottom)],
|
||||
&BLACK,
|
||||
BLACK,
|
||||
))?;
|
||||
|
||||
let draw_region = |root: &DrawingArea<_, _>, top_left, bottom_right| {
|
||||
|
|
@ -200,7 +200,7 @@ impl CircuitLayout {
|
|||
[top_left, bottom_right],
|
||||
ShapeStyle::from(&GREEN.mix(0.2)).filled(),
|
||||
))?;
|
||||
root.draw(&Rectangle::new([top_left, bottom_right], &BLACK))?;
|
||||
root.draw(&Rectangle::new([top_left, bottom_right], BLACK))?;
|
||||
Ok(())
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ where
|
|||
.map(|mut selector| {
|
||||
let mut selector_bytes = vec![0u8; (selector.len() + 7) / 8];
|
||||
reader.read_exact(&mut selector_bytes)?;
|
||||
for (bits, byte) in selector.chunks_mut(8).into_iter().zip(selector_bytes) {
|
||||
for (bits, byte) in selector.chunks_mut(8).zip(selector_bytes) {
|
||||
crate::helpers::unpack(byte, bits);
|
||||
}
|
||||
Ok(selector)
|
||||
|
|
|
|||
|
|
@ -613,7 +613,7 @@ mod proptests {
|
|||
// Ensure that:
|
||||
// - we have at least one value to apply unary operators to.
|
||||
// - we can apply every binary operator pairwise sequentially.
|
||||
cmp::max(if num_unary > 0 { 1 } else { 0 }, num_binary + 1)),
|
||||
cmp::max(usize::from(num_unary > 0), num_binary + 1)),
|
||||
operations in arb_operators(num_unary, num_binary).prop_shuffle(),
|
||||
) -> (Vec<Assigned<Fp>>, Vec<Operator>) {
|
||||
(values, operations)
|
||||
|
|
|
|||
|
|
@ -577,7 +577,8 @@ pub struct TableColumn {
|
|||
}
|
||||
|
||||
impl TableColumn {
|
||||
pub(crate) fn inner(&self) -> Column<Fixed> {
|
||||
/// Returns inner column
|
||||
pub fn inner(&self) -> Column<Fixed> {
|
||||
self.inner
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -411,7 +411,7 @@ impl<C: CurveAffine> Evaluator<C> {
|
|||
|
||||
// Permutation constraints
|
||||
parallelize(&mut values, |values, start| {
|
||||
let mut beta_term = extended_omega.pow_vartime(&[start as u64, 0, 0, 0]);
|
||||
let mut beta_term = extended_omega.pow_vartime([start as u64, 0, 0, 0]);
|
||||
for (i, value) in values.iter_mut().enumerate() {
|
||||
let idx = start + i;
|
||||
let r_next = get_rotation_idx(idx, 1, rot_scale, isize);
|
||||
|
|
|
|||
|
|
@ -443,7 +443,7 @@ fn permute_expression_pair<'params, C: CurveAffine, P: Params<'params, C>, R: Rn
|
|||
// Populate permuted table at unfilled rows with leftover table elements
|
||||
for (coeff, count) in leftover_table_map.iter() {
|
||||
for _ in 0..*count {
|
||||
permuted_table_coeffs[repeated_input_rows.pop().unwrap() as usize] = *coeff;
|
||||
permuted_table_coeffs[repeated_input_rows.pop().unwrap()] = *coeff;
|
||||
}
|
||||
}
|
||||
assert!(repeated_input_rows.is_empty());
|
||||
|
|
|
|||
|
|
@ -327,7 +327,7 @@ pub(crate) fn build_pk<'params, C: CurveAffine, P: Params<'params, C>>(
|
|||
{
|
||||
let omega = domain.get_omega();
|
||||
parallelize(&mut omega_powers, |o, start| {
|
||||
let mut cur = omega.pow_vartime(&[start as u64]);
|
||||
let mut cur = omega.pow_vartime([start as u64]);
|
||||
for v in o.iter_mut() {
|
||||
*v = cur;
|
||||
cur *= ω
|
||||
|
|
@ -339,7 +339,7 @@ pub(crate) fn build_pk<'params, C: CurveAffine, P: Params<'params, C>>(
|
|||
let mut deltaomega = vec![omega_powers; p.columns.len()];
|
||||
{
|
||||
parallelize(&mut deltaomega, |o, start| {
|
||||
let mut cur = C::Scalar::DELTA.pow_vartime(&[start as u64]);
|
||||
let mut cur = C::Scalar::DELTA.pow_vartime([start as u64]);
|
||||
for omega_powers in o.iter_mut() {
|
||||
for v in omega_powers {
|
||||
*v *= &cur;
|
||||
|
|
@ -403,7 +403,7 @@ pub(crate) fn build_vk<'params, C: CurveAffine, P: Params<'params, C>>(
|
|||
{
|
||||
let omega = domain.get_omega();
|
||||
parallelize(&mut omega_powers, |o, start| {
|
||||
let mut cur = omega.pow_vartime(&[start as u64]);
|
||||
let mut cur = omega.pow_vartime([start as u64]);
|
||||
for v in o.iter_mut() {
|
||||
*v = cur;
|
||||
cur *= ω
|
||||
|
|
@ -415,7 +415,7 @@ pub(crate) fn build_vk<'params, C: CurveAffine, P: Params<'params, C>>(
|
|||
let mut deltaomega = vec![omega_powers; p.columns.len()];
|
||||
{
|
||||
parallelize(&mut deltaomega, |o, start| {
|
||||
let mut cur = C::Scalar::DELTA.pow_vartime(&[start as u64]);
|
||||
let mut cur = C::Scalar::DELTA.pow_vartime([start as u64]);
|
||||
for omega_powers in o.iter_mut() {
|
||||
for v in omega_powers {
|
||||
*v *= &cur;
|
||||
|
|
|
|||
|
|
@ -127,7 +127,7 @@ impl Argument {
|
|||
Any::Instance => instance,
|
||||
};
|
||||
parallelize(&mut modified_values, |modified_values, start| {
|
||||
let mut deltaomega = deltaomega * &omega.pow_vartime(&[start as u64, 0, 0, 0]);
|
||||
let mut deltaomega = deltaomega * &omega.pow_vartime([start as u64, 0, 0, 0]);
|
||||
for (modified_values, value) in modified_values
|
||||
.iter_mut()
|
||||
.zip(values[column.index()][start..].iter())
|
||||
|
|
|
|||
|
|
@ -179,7 +179,7 @@ impl<C: CurveAffine> Evaluated<C> {
|
|||
let mut right = set.permutation_product_eval;
|
||||
let mut current_delta = (*beta * &*x)
|
||||
* &(<C::Scalar as PrimeField>::DELTA
|
||||
.pow_vartime(&[(chunk_index * chunk_len) as u64]));
|
||||
.pow_vartime([(chunk_index * chunk_len) as u64]));
|
||||
for eval in columns.iter().map(|&column| match column.column_type() {
|
||||
Any::Advice(_) => {
|
||||
advice_evals[vk.cs.get_any_query_index(column, Rotation::cur())]
|
||||
|
|
|
|||
|
|
@ -554,7 +554,7 @@ where
|
|||
let vanishing = vanishing.construct(params, domain, h_poly, &mut rng, transcript)?;
|
||||
|
||||
let x: ChallengeX<_> = transcript.squeeze_challenge_scalar();
|
||||
let xn = x.pow(&[params.n() as u64, 0, 0, 0]);
|
||||
let xn = x.pow([params.n(), 0, 0, 0]);
|
||||
|
||||
if P::QUERY_INSTANCE {
|
||||
// Compute and hash instance evals for each circuit instance
|
||||
|
|
@ -677,8 +677,8 @@ where
|
|||
}),
|
||||
)
|
||||
.chain(permutation.open(pk, x))
|
||||
.chain(lookups.iter().flat_map(move |p| p.open(pk, x)).into_iter())
|
||||
.chain(shuffles.iter().flat_map(move |p| p.open(pk, x)).into_iter())
|
||||
.chain(lookups.iter().flat_map(move |p| p.open(pk, x)))
|
||||
.chain(shuffles.iter().flat_map(move |p| p.open(pk, x)))
|
||||
})
|
||||
.chain(
|
||||
pk.vk
|
||||
|
|
|
|||
|
|
@ -55,7 +55,6 @@ impl<C: CurveAffine> Argument<C> {
|
|||
let mut rand_vec = vec![C::Scalar::ZERO; n];
|
||||
|
||||
let mut thread_seeds: Vec<ChaCha20Rng> = (0..num_chunks)
|
||||
.into_iter()
|
||||
.map(|_| {
|
||||
let mut seed = [0u8; 32];
|
||||
rng.fill_bytes(&mut seed);
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@ where
|
|||
})
|
||||
.collect::<Result<Vec<_>, _>>()?
|
||||
} else {
|
||||
let xn = x.pow(&[params.n() as u64, 0, 0, 0]);
|
||||
let xn = x.pow([params.n(), 0, 0, 0]);
|
||||
let (min_rotation, max_rotation) =
|
||||
vk.cs
|
||||
.instance_queries
|
||||
|
|
@ -267,7 +267,7 @@ where
|
|||
// commitments open to the correct values.
|
||||
let vanishing = {
|
||||
// x^n
|
||||
let xn = x.pow(&[params.n() as u64, 0, 0, 0]);
|
||||
let xn = x.pow([params.n(), 0, 0, 0]);
|
||||
|
||||
let blinding_factors = vk.cs.blinding_factors();
|
||||
let l_evals = vk
|
||||
|
|
@ -325,47 +325,39 @@ where
|
|||
gamma,
|
||||
x,
|
||||
))
|
||||
.chain(
|
||||
lookups
|
||||
.iter()
|
||||
.zip(vk.cs.lookups.iter())
|
||||
.flat_map(move |(p, argument)| {
|
||||
p.expressions(
|
||||
l_0,
|
||||
l_last,
|
||||
l_blind,
|
||||
argument,
|
||||
theta,
|
||||
beta,
|
||||
gamma,
|
||||
advice_evals,
|
||||
fixed_evals,
|
||||
instance_evals,
|
||||
challenges,
|
||||
)
|
||||
})
|
||||
.into_iter(),
|
||||
)
|
||||
.chain(
|
||||
shuffles
|
||||
.iter()
|
||||
.zip(vk.cs.shuffles.iter())
|
||||
.flat_map(move |(p, argument)| {
|
||||
p.expressions(
|
||||
l_0,
|
||||
l_last,
|
||||
l_blind,
|
||||
argument,
|
||||
theta,
|
||||
gamma,
|
||||
advice_evals,
|
||||
fixed_evals,
|
||||
instance_evals,
|
||||
challenges,
|
||||
)
|
||||
})
|
||||
.into_iter(),
|
||||
)
|
||||
.chain(lookups.iter().zip(vk.cs.lookups.iter()).flat_map(
|
||||
move |(p, argument)| {
|
||||
p.expressions(
|
||||
l_0,
|
||||
l_last,
|
||||
l_blind,
|
||||
argument,
|
||||
theta,
|
||||
beta,
|
||||
gamma,
|
||||
advice_evals,
|
||||
fixed_evals,
|
||||
instance_evals,
|
||||
challenges,
|
||||
)
|
||||
},
|
||||
))
|
||||
.chain(shuffles.iter().zip(vk.cs.shuffles.iter()).flat_map(
|
||||
move |(p, argument)| {
|
||||
p.expressions(
|
||||
l_0,
|
||||
l_last,
|
||||
l_blind,
|
||||
argument,
|
||||
theta,
|
||||
gamma,
|
||||
advice_evals,
|
||||
fixed_evals,
|
||||
instance_evals,
|
||||
challenges,
|
||||
)
|
||||
},
|
||||
))
|
||||
},
|
||||
);
|
||||
|
||||
|
|
@ -419,18 +411,8 @@ where
|
|||
},
|
||||
))
|
||||
.chain(permutation.queries(vk, x))
|
||||
.chain(
|
||||
lookups
|
||||
.iter()
|
||||
.flat_map(move |p| p.queries(vk, x))
|
||||
.into_iter(),
|
||||
)
|
||||
.chain(
|
||||
shuffles
|
||||
.iter()
|
||||
.flat_map(move |p| p.queries(vk, x))
|
||||
.into_iter(),
|
||||
)
|
||||
.chain(lookups.iter().flat_map(move |p| p.queries(vk, x)))
|
||||
.chain(shuffles.iter().flat_map(move |p| p.queries(vk, x)))
|
||||
},
|
||||
)
|
||||
.chain(
|
||||
|
|
|
|||
|
|
@ -88,8 +88,8 @@ impl<F: WithSmallOrderMulGroup<3>> EvaluationDomain<F> {
|
|||
{
|
||||
// Compute the evaluations of t(X) = X^n - 1 in the coset evaluation domain.
|
||||
// We don't have to compute all of them, because it will repeat.
|
||||
let orig = F::ZETA.pow_vartime(&[n as u64, 0, 0, 0]);
|
||||
let step = extended_omega.pow_vartime(&[n as u64, 0, 0, 0]);
|
||||
let orig = F::ZETA.pow_vartime([n, 0, 0, 0]);
|
||||
let step = extended_omega.pow_vartime([n, 0, 0, 0]);
|
||||
let mut cur = orig;
|
||||
loop {
|
||||
t_evaluations.push(cur);
|
||||
|
|
@ -396,11 +396,11 @@ impl<F: WithSmallOrderMulGroup<3>> EvaluationDomain<F> {
|
|||
pub fn rotate_omega(&self, value: F, rotation: Rotation) -> F {
|
||||
let mut point = value;
|
||||
if rotation.0 >= 0 {
|
||||
point *= &self.get_omega().pow_vartime(&[rotation.0 as u64]);
|
||||
point *= &self.get_omega().pow_vartime([rotation.0 as u64]);
|
||||
} else {
|
||||
point *= &self
|
||||
.get_omega_inv()
|
||||
.pow_vartime(&[(rotation.0 as i64).unsigned_abs()]);
|
||||
.pow_vartime([(rotation.0 as i64).unsigned_abs()]);
|
||||
}
|
||||
point
|
||||
}
|
||||
|
|
@ -537,7 +537,7 @@ fn test_l_i() {
|
|||
let mut l = vec![];
|
||||
let mut points = vec![];
|
||||
for i in 0..8 {
|
||||
points.push(domain.omega.pow(&[i, 0, 0, 0]));
|
||||
points.push(domain.omega.pow([i, 0, 0, 0]));
|
||||
}
|
||||
for i in 0..8 {
|
||||
let mut l_i = vec![Scalar::zero(); 8];
|
||||
|
|
@ -547,7 +547,7 @@ fn test_l_i() {
|
|||
}
|
||||
|
||||
let x = Scalar::random(OsRng);
|
||||
let xn = x.pow(&[8, 0, 0, 0]);
|
||||
let xn = x.pow([8, 0, 0, 0]);
|
||||
|
||||
let evaluations = domain.l_i_range(x, xn, -7..=7);
|
||||
for i in 0..8 {
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ where
|
|||
let mut g_projective = vec![E::G1::identity(); n as usize];
|
||||
parallelize(&mut g_projective, |g, start| {
|
||||
let mut current_g: E::G1 = g1.into();
|
||||
current_g *= s.pow_vartime(&[start as u64]);
|
||||
current_g *= s.pow_vartime([start as u64]);
|
||||
for g in g.iter_mut() {
|
||||
*g = current_g;
|
||||
current_g *= s;
|
||||
|
|
@ -97,11 +97,11 @@ where
|
|||
}
|
||||
let n_inv = Option::<E::Scalar>::from(E::Scalar::from(n).invert())
|
||||
.expect("inversion should be ok for n = 1<<k");
|
||||
let multiplier = (s.pow_vartime(&[n as u64]) - E::Scalar::ONE) * n_inv;
|
||||
let multiplier = (s.pow_vartime([n]) - E::Scalar::ONE) * n_inv;
|
||||
parallelize(&mut g_lagrange_projective, |g, start| {
|
||||
for (idx, g) in g.iter_mut().enumerate() {
|
||||
let offset = start + idx;
|
||||
let root_pow = root.pow_vartime(&[offset as u64]);
|
||||
let root_pow = root.pow_vartime([offset as u64]);
|
||||
let scalar = multiplier * root_pow * (s - root_pow).invert().unwrap();
|
||||
*g = g1 * scalar;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -250,12 +250,12 @@ where
|
|||
C::Scalar: FromUniformBytes<64>,
|
||||
{
|
||||
fn squeeze_challenge(&mut self) -> Challenge255<C> {
|
||||
self.state.update(&[KECCAK256_PREFIX_CHALLENGE]);
|
||||
self.state.update([KECCAK256_PREFIX_CHALLENGE]);
|
||||
|
||||
let mut state_lo = self.state.clone();
|
||||
let mut state_hi = self.state.clone();
|
||||
state_lo.update(&[KECCAK256_PREFIX_CHALLENGE_LO]);
|
||||
state_hi.update(&[KECCAK256_PREFIX_CHALLENGE_HI]);
|
||||
state_lo.update([KECCAK256_PREFIX_CHALLENGE_LO]);
|
||||
state_hi.update([KECCAK256_PREFIX_CHALLENGE_HI]);
|
||||
let result_lo: [u8; 32] = state_lo.finalize().as_slice().try_into().unwrap();
|
||||
let result_hi: [u8; 32] = state_hi.finalize().as_slice().try_into().unwrap();
|
||||
|
||||
|
|
@ -267,7 +267,7 @@ where
|
|||
}
|
||||
|
||||
fn common_point(&mut self, point: C) -> io::Result<()> {
|
||||
self.state.update(&[KECCAK256_PREFIX_POINT]);
|
||||
self.state.update([KECCAK256_PREFIX_POINT]);
|
||||
let coords: Coordinates<C> = Option::from(point.coordinates()).ok_or_else(|| {
|
||||
io::Error::new(
|
||||
io::ErrorKind::Other,
|
||||
|
|
@ -281,7 +281,7 @@ where
|
|||
}
|
||||
|
||||
fn common_scalar(&mut self, scalar: C::Scalar) -> io::Result<()> {
|
||||
self.state.update(&[KECCAK256_PREFIX_SCALAR]);
|
||||
self.state.update([KECCAK256_PREFIX_SCALAR]);
|
||||
self.state.update(scalar.to_repr().as_ref());
|
||||
|
||||
Ok(())
|
||||
|
|
@ -424,12 +424,12 @@ where
|
|||
C::Scalar: FromUniformBytes<64>,
|
||||
{
|
||||
fn squeeze_challenge(&mut self) -> Challenge255<C> {
|
||||
self.state.update(&[KECCAK256_PREFIX_CHALLENGE]);
|
||||
self.state.update([KECCAK256_PREFIX_CHALLENGE]);
|
||||
|
||||
let mut state_lo = self.state.clone();
|
||||
let mut state_hi = self.state.clone();
|
||||
state_lo.update(&[KECCAK256_PREFIX_CHALLENGE_LO]);
|
||||
state_hi.update(&[KECCAK256_PREFIX_CHALLENGE_HI]);
|
||||
state_lo.update([KECCAK256_PREFIX_CHALLENGE_LO]);
|
||||
state_hi.update([KECCAK256_PREFIX_CHALLENGE_HI]);
|
||||
let result_lo: [u8; 32] = state_lo.finalize().as_slice().try_into().unwrap();
|
||||
let result_hi: [u8; 32] = state_hi.finalize().as_slice().try_into().unwrap();
|
||||
|
||||
|
|
@ -441,7 +441,7 @@ where
|
|||
}
|
||||
|
||||
fn common_point(&mut self, point: C) -> io::Result<()> {
|
||||
self.state.update(&[KECCAK256_PREFIX_POINT]);
|
||||
self.state.update([KECCAK256_PREFIX_POINT]);
|
||||
let coords: Coordinates<C> = Option::from(point.coordinates()).ok_or_else(|| {
|
||||
io::Error::new(
|
||||
io::ErrorKind::Other,
|
||||
|
|
@ -455,7 +455,7 @@ where
|
|||
}
|
||||
|
||||
fn common_scalar(&mut self, scalar: C::Scalar) -> io::Result<()> {
|
||||
self.state.update(&[KECCAK256_PREFIX_SCALAR]);
|
||||
self.state.update([KECCAK256_PREFIX_SCALAR]);
|
||||
self.state.update(scalar.to_repr().as_ref());
|
||||
|
||||
Ok(())
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
1.64.0
|
||||
1.65.0
|
||||
|
|
|
|||
Loading…
Reference in New Issue