From 1eb2a36086186af9d3b0e72ea7535bbacd9a23c6 Mon Sep 17 00:00:00 2001
From: therealyingtong
Date: Sun, 13 Sep 2020 23:10:06 +0800
Subject: [PATCH] Return MSM from PLONK verifier
---
 src/plonk.rs | 5 ++++-
 src/plonk/verifier.rs | 14 +++++++-------
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/src/plonk.rs b/src/plonk.rs
index 7db922db..e62409fa 100644
--- a/src/plonk.rs
+++ b/src/plonk.rs
@@ -346,6 +346,9 @@ fn test_proving() {
 .expect("proof generation should not fail");
 let msm_default = params.empty_msm();
- assert!(proof.verify::, DummyHash>(¶ms, &srs, msm_default));
+ let msm = proof
+ .verify::, DummyHash>(¶ms, &srs, msm_default)
+ .unwrap();
+ assert!(msm.is_zero())
 }
 }
diff --git a/src/plonk/verifier.rs b/src/plonk/verifier.rs
index 7ba9103c..5197acd9 100644
--- a/src/plonk/verifier.rs
+++ b/src/plonk/verifier.rs
@@ -1,4 +1,4 @@
-use super::{hash_point, Proof, SRS};
+use super::{hash_point, Error, Proof, SRS};
 use crate::arithmetic::{get_challenge_scalar, Challenge, Curve, CurveAffine, Field};
 use crate::poly::{
 commitment::{Params, MSM},
@@ -6,14 +6,14 @@ use crate::poly::{
 };
 use crate::transcript::Hasher;
-impl Proof {
+impl<'a, C: CurveAffine> Proof {
 /// Returns a boolean indicating whether or not the proof is valid
 pub fn verify, HScalar: Hasher>(
 &self,
- params: &Params,
+ params: &'a Params,
 srs: &SRS,
- msm: MSM,
+ msm: MSM<'a, C>,
- ) -> bool {
+ ) -> Result, Error> {
 // Create a transcript for obtaining Fiat-Shamir challenges.
 let mut transcript = HBase::init(C::Base::one());
@@ -137,7 +137,7 @@ impl Proof {
 }
 if h_eval != (expected_h_eval * &(x_3n - &C::Scalar::one())) {
- return false;
+ return Err(Error::ConstraintSystemFailure);
 }
 // We are now convinced the circuit is satisfied so long as the
@@ -279,6 +279,6 @@ impl Proof {
 let msm_challenges = guard.use_challenges();
- msm_challenges.is_zero()
+ Ok(msm_challenges)
 }
 }
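Review bot: The updated `test_proving` in src/plonk.rs (hunk at -346) exercises only the accepting path, so nothing pins either of the two ways a bad proof is now rejected: an `Err` from `verify`, or an `Ok` whose MSM is not zero. A second case that verifies against mismatched inputs and asserts one of those outcomes would catch a later change that returns `Ok` with an accumulator nobody evaluates. Separately, `.expect("verification should not fail")` would match the `.expect("proof generation should not fail")` a few lines up better than the bare `.unwrap()`. The test body starts outside the hunk.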
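Review bot: The doc comment kept above `verify` in src/plonk/verifier.rs (hunk at -6) still says "Returns a boolean indicating whether or not the proof is valid", but the function now returns a `Result` carrying an MSM, and `Ok` no longer means the proof was accepted. The last hunk replaces `msm_challenges.is_zero()` with `Ok(msm_challenges)`, so the final check appears to move to the caller, as the updated test does with `assert!(msm.is_zero())`. A caller that treats `Ok(_)` as acceptance would skip that check, so the contract should be spelled out, for example `/// Returns the accumulated MSM on success. The proof is valid only if this MSM evaluates to zero; callers must perform that check.` plus an `# Errors` line naming `Error::ConstraintSystemFailure`. Consider marking the MSM type `#[must_use]` if it is not already, so a discarded accumulator produces a warning. The body of `verify` continues outside this hunk.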