mirror of https://github.com/zcash/halo2.git
Add names to some nameless constraints
This commit is contained in:
parent
8454f86d42
commit
16e9076080
|
@ -60,7 +60,8 @@ impl Config {
|
||||||
// (y_r + y_q)(x_p − x_q) − (y_p − y_q)(x_q − x_r) = 0
|
// (y_r + y_q)(x_p − x_q) − (y_p − y_q)(x_q − x_r) = 0
|
||||||
let poly2 = (y_r + y_q.clone()) * (x_p - x_q.clone()) - (y_p - y_q) * (x_q - x_r);
|
let poly2 = (y_r + y_q.clone()) * (x_p - x_q.clone()) - (y_p - y_q) * (x_q - x_r);
|
||||||
|
|
||||||
array::IntoIter::new([poly1, poly2]).map(move |poly| q_add_incomplete.clone() * poly)
|
array::IntoIter::new([("x_r", poly1), ("y_r", poly2)])
|
||||||
|
.map(move |(name, poly)| (name, q_add_incomplete.clone() * poly))
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -118,8 +118,12 @@ impl Config {
|
||||||
let lsb_x = (lsb.clone() * x_p.clone()) + one_minus_lsb.clone() * (x_p - base_x);
|
let lsb_x = (lsb.clone() * x_p.clone()) + one_minus_lsb.clone() * (x_p - base_x);
|
||||||
let lsb_y = (lsb * y_p.clone()) + one_minus_lsb * (y_p + base_y);
|
let lsb_y = (lsb * y_p.clone()) + one_minus_lsb * (y_p + base_y);
|
||||||
|
|
||||||
std::array::IntoIter::new([bool_check, lsb_x, lsb_y])
|
std::array::IntoIter::new([
|
||||||
.map(move |poly| q_mul_lsb.clone() * poly)
|
("bool_check", bool_check),
|
||||||
|
("lsb_x", lsb_x),
|
||||||
|
("lsb_y", lsb_y),
|
||||||
|
])
|
||||||
|
.map(move |(name, poly)| (name, q_mul_lsb.clone() * poly))
|
||||||
});
|
});
|
||||||
|
|
||||||
self.hi_config.create_gate(meta);
|
self.hi_config.create_gate(meta);
|
||||||
|
|
|
@ -81,12 +81,12 @@ impl Config {
|
||||||
let canonicity = (one.clone() - k_254) * (one - z_130 * eta) * s_minus_lo_130;
|
let canonicity = (one.clone() - k_254) * (one - z_130 * eta) * s_minus_lo_130;
|
||||||
|
|
||||||
iter::empty()
|
iter::empty()
|
||||||
.chain(Some(s_check))
|
.chain(Some(("s_check", s_check)))
|
||||||
.chain(Some(recovery))
|
.chain(Some(("recovery", recovery)))
|
||||||
.chain(Some(lo_zero))
|
.chain(Some(("lo_zero", lo_zero)))
|
||||||
.chain(Some(s_minus_lo_130_check))
|
.chain(Some(("s_minus_lo_130_check", s_minus_lo_130_check)))
|
||||||
.chain(Some(canonicity))
|
.chain(Some(("canonicity", canonicity)))
|
||||||
.map(|poly| q_mul_overflow.clone() * poly)
|
.map(|(name, poly)| (name, q_mul_overflow.clone() * poly))
|
||||||
.collect::<Vec<_>>()
|
.collect::<Vec<_>>()
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -45,8 +45,8 @@ impl Config {
|
||||||
- Expression::Constant(pallas::Affine::b());
|
- Expression::Constant(pallas::Affine::b());
|
||||||
|
|
||||||
vec![
|
vec![
|
||||||
q_point.clone() * x * curve_eqn.clone(),
|
("x == 0 ∨ on_curve", q_point.clone() * x * curve_eqn.clone()),
|
||||||
q_point * y * curve_eqn,
|
("y == 0 ∨ on_curve", q_point * y * curve_eqn),
|
||||||
]
|
]
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
|
@ -110,10 +110,14 @@ impl<F: FieldExt> Pow5T3Chip<F> {
|
||||||
- next[next_idx].clone())
|
- next[next_idx].clone())
|
||||||
};
|
};
|
||||||
|
|
||||||
vec![full_round(0), full_round(1), full_round(2)]
|
vec![
|
||||||
|
("state[0]", full_round(0)),
|
||||||
|
("state[1]", full_round(1)),
|
||||||
|
("state[2]", full_round(2)),
|
||||||
|
]
|
||||||
});
|
});
|
||||||
|
|
||||||
meta.create_gate("partial round", |meta| {
|
meta.create_gate("partial rounds", |meta| {
|
||||||
let cur_0 = meta.query_advice(state[0], Rotation::cur());
|
let cur_0 = meta.query_advice(state[0], Rotation::cur());
|
||||||
let cur_1 = meta.query_advice(state[1], Rotation::cur());
|
let cur_1 = meta.query_advice(state[1], Rotation::cur());
|
||||||
let cur_2 = meta.query_advice(state[2], Rotation::cur());
|
let cur_2 = meta.query_advice(state[2], Rotation::cur());
|
||||||
|
@ -143,7 +147,12 @@ impl<F: FieldExt> Pow5T3Chip<F> {
|
||||||
};
|
};
|
||||||
|
|
||||||
vec![
|
vec![
|
||||||
|
(
|
||||||
|
"state[0] round a",
|
||||||
s_partial.clone() * (pow_5(cur_0 + rc_a0) - mid_0.clone()),
|
s_partial.clone() * (pow_5(cur_0 + rc_a0) - mid_0.clone()),
|
||||||
|
),
|
||||||
|
(
|
||||||
|
"state[0] round b",
|
||||||
s_partial.clone()
|
s_partial.clone()
|
||||||
* (pow_5(
|
* (pow_5(
|
||||||
mid_0.clone() * m_reg[0][0]
|
mid_0.clone() * m_reg[0][0]
|
||||||
|
@ -153,8 +162,9 @@ impl<F: FieldExt> Pow5T3Chip<F> {
|
||||||
) - (next_0.clone() * m_inv[0][0]
|
) - (next_0.clone() * m_inv[0][0]
|
||||||
+ next_1.clone() * m_inv[0][1]
|
+ next_1.clone() * m_inv[0][1]
|
||||||
+ next_2.clone() * m_inv[0][2])),
|
+ next_2.clone() * m_inv[0][2])),
|
||||||
partial_round_linear(1, rc_b1),
|
),
|
||||||
partial_round_linear(2, rc_b2),
|
("state[1]", partial_round_linear(1, rc_b1)),
|
||||||
|
("state[2]", partial_round_linear(2, rc_b2)),
|
||||||
]
|
]
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -177,10 +187,19 @@ impl<F: FieldExt> Pow5T3Chip<F> {
|
||||||
};
|
};
|
||||||
|
|
||||||
vec![
|
vec![
|
||||||
|
(
|
||||||
|
"state[0]",
|
||||||
pad_and_add(initial_state_0, input_0, output_state_0),
|
pad_and_add(initial_state_0, input_0, output_state_0),
|
||||||
|
),
|
||||||
|
(
|
||||||
|
"state[1]",
|
||||||
pad_and_add(initial_state_1, input_1, output_state_1),
|
pad_and_add(initial_state_1, input_1, output_state_1),
|
||||||
|
),
|
||||||
// The capacity element is never altered by the input.
|
// The capacity element is never altered by the input.
|
||||||
|
(
|
||||||
|
"state[2]",
|
||||||
s_pad_and_add * (initial_state_2 - output_state_2),
|
s_pad_and_add * (initial_state_2 - output_state_2),
|
||||||
|
),
|
||||||
]
|
]
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -159,10 +159,10 @@ impl CommitIvkConfig {
|
||||||
};
|
};
|
||||||
|
|
||||||
std::iter::empty()
|
std::iter::empty()
|
||||||
.chain(Some(b0_canon_check))
|
.chain(Some(("b0_canon_check", b0_canon_check)))
|
||||||
.chain(Some(z13_a_check))
|
.chain(Some(("z13_a_check", z13_a_check)))
|
||||||
.chain(Some(a_prime_check))
|
.chain(Some(("a_prime_check", a_prime_check)))
|
||||||
.chain(Some(z13_a_prime))
|
.chain(Some(("z13_a_prime", z13_a_prime)))
|
||||||
};
|
};
|
||||||
|
|
||||||
// nk = b_2 (5 bits) || c (240 bits) || d_0 (9 bits) || d_1 (1 bit)
|
// nk = b_2 (5 bits) || c (240 bits) || d_0 (9 bits) || d_1 (1 bit)
|
||||||
|
@ -197,22 +197,22 @@ impl CommitIvkConfig {
|
||||||
};
|
};
|
||||||
|
|
||||||
std::iter::empty()
|
std::iter::empty()
|
||||||
.chain(Some(c0_canon_check))
|
.chain(Some(("c0_canon_check", c0_canon_check)))
|
||||||
.chain(Some(z13_c_check))
|
.chain(Some(("z13_c_check", z13_c_check)))
|
||||||
.chain(Some(b2_c_prime_check))
|
.chain(Some(("b2_c_prime_check", b2_c_prime_check)))
|
||||||
.chain(Some(z14_b2_c_prime))
|
.chain(Some(("z14_b2_c_prime", z14_b2_c_prime)))
|
||||||
};
|
};
|
||||||
|
|
||||||
std::iter::empty()
|
std::iter::empty()
|
||||||
.chain(Some(b1_bool_check))
|
.chain(Some(("b1_bool_check", b1_bool_check)))
|
||||||
.chain(Some(d1_bool_check))
|
.chain(Some(("d1_bool_check", d1_bool_check)))
|
||||||
.chain(Some(b_decomposition_check))
|
.chain(Some(("b_decomposition_check", b_decomposition_check)))
|
||||||
.chain(Some(d_decomposition_check))
|
.chain(Some(("d_decomposition_check", d_decomposition_check)))
|
||||||
.chain(Some(ak_decomposition_check))
|
.chain(Some(("ak_decomposition_check", ak_decomposition_check)))
|
||||||
.chain(Some(nk_decomposition_check))
|
.chain(Some(("nk_decomposition_check", nk_decomposition_check)))
|
||||||
.chain(ak_canonicity_checks)
|
.chain(ak_canonicity_checks)
|
||||||
.chain(nk_canonicity_checks)
|
.chain(nk_canonicity_checks)
|
||||||
.map(move |poly| q_commit_ivk.clone() * poly)
|
.map(move |(name, poly)| (name, q_commit_ivk.clone() * poly))
|
||||||
});
|
});
|
||||||
|
|
||||||
config
|
config
|
||||||
|
|
Loading…
Reference in New Issue