zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update `halo2curves` to 0.5.0

This commit is contained in:
kilic 2023-12-29 01:42:33 +03:00
parent 687590ad79
commit 36492ddc17
10 changed files with 150 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
halo2_proofs/Cargo.toml
View File

@ -51,7 +51,7 @@ harness = false
backtrace = { version = "0.3", optional = true }
ff = "0.13"
group = "0.13"
halo2curves = { version = "0.1.0" }
halo2curves = { version = "0.5.0" }
rand_core = { version = "0.6", default-features = false }
tracing = "0.1"
blake2b_simd = "1" # MSRV 1.66.0

6
halo2_proofs/src/dev/cost.rs
View File

@ -102,11 +102,11 @@ impl Layout {
total_rows: 0,
total_advice_rows: 0,
total_fixed_rows: 0,
/// Any cells assigned outside of a region.
// Any cells assigned outside of a region.
loose_cells: vec![],
/// Pairs of cells between which we have equality constraints.
// Pairs of cells between which we have equality constraints.
equality: vec![],
/// Selector assignments used for optimization pass
// Selector assignments used for optimization pass
selectors: vec![vec![false; n]; num_selectors],
}
}

48
halo2_proofs/src/poly/kzg/commitment.rs
View File

@ -7,6 +7,7 @@ use crate::SerdeFormat;
use ff::{Field, PrimeField};
use group::{prime::PrimeCurveAffine, Curve, Group};
use halo2curves::pairing::Engine;
use halo2curves::CurveExt;
use rand_core::{OsRng, RngCore};
use std::fmt::Debug;
use std::marker::PhantomData;
@ -34,11 +35,11 @@ pub struct KZGCommitmentScheme<E: Engine> {
impl<E: Engine + Debug> CommitmentScheme for KZGCommitmentScheme<E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type Scalar = E::Scalar;
type Scalar = E::Fr;
type Curve = E::G1Affine;
type ParamsProver = ParamsKZG<E>;
@ -55,19 +56,20 @@ where
impl<E: Engine + Debug> ParamsKZG<E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
/// Initializes parameters for the curve, draws toxic secret from given rng.
/// MUST NOT be used in production.
pub fn setup<R: RngCore>(k: u32, rng: R) -> Self {
// Largest root of unity exponent of the Engine is `2^E::Scalar::S`, so we can
// only support FFTs of polynomials below degree `2^E::Scalar::S`.
assert!(k <= E::Scalar::S);
// Largest root of unity exponent of the Engine is `2^E::Fr::S`, so we can
// only support FFTs of polynomials below degree `2^E::Fr::S`.
assert!(k <= E::Fr::S);
let n: u64 = 1 << k;
// Calculate g = [G1, [s] G1, [s^2] G1, ..., [s^(n-1)] G1] in parallel.
let g1 = E::G1Affine::generator();
let s = <E::Scalar>::random(rng);
let s = <E::Fr>::random(rng);
let mut g_projective = vec![E::G1::identity(); n as usize];
parallelize(&mut g_projective, |g, start| {
@ -88,14 +90,14 @@ where
};
let mut g_lagrange_projective = vec![E::G1::identity(); n as usize];
let mut root = E::Scalar::ROOT_OF_UNITY;
for _ in k..E::Scalar::S {
let mut root = E::Fr::ROOT_OF_UNITY;
for _ in k..E::Fr::S {
root = root.square();
}
let n_inv = E::Scalar::from(n)
let n_inv = E::Fr::from(n)
.invert()
.expect("inversion should be ok for n = 1<<k");
let multiplier = (s.pow_vartime([n]) - E::Scalar::ONE) * n_inv;
let multiplier = (s.pow_vartime([n]) - E::Fr::ONE) * n_inv;
parallelize(&mut g_lagrange_projective, |g, start| {
for (idx, g) in g.iter_mut().enumerate() {
let offset = start + idx;
@ -164,7 +166,6 @@ where
/// Writes parameters to buffer
pub fn write_custom<W: io::Write>(&self, writer: &mut W, format: SerdeFormat) -> io::Result<()>
where
E::G1Affine: SerdeCurveAffine,
E::G2Affine: SerdeCurveAffine,
{
writer.write_all(&self.k.to_le_bytes())?;
@ -182,7 +183,6 @@ where
/// Reads params from a buffer.
pub fn read_custom<R: io::Read>(reader: &mut R, format: SerdeFormat) -> io::Result<Self>
where
E::G1Affine: SerdeCurveAffine,
E::G2Affine: SerdeCurveAffine,
{
let mut k = [0u8; 4];
@ -274,8 +274,8 @@ pub type ParamsVerifierKZG<C> = ParamsKZG<C>;
impl<'params, E: Engine + Debug> Params<'params, E::G1Affine> for ParamsKZG<E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type MSM = MSMKZG<E>;
@ -302,11 +302,7 @@ where
MSMKZG::new()
}
fn commit_lagrange(
&self,
poly: &Polynomial<E::Scalar, LagrangeCoeff>,
_: Blind<E::Scalar>,
) -> E::G1 {
fn commit_lagrange(&self, poly: &Polynomial<E::Fr, LagrangeCoeff>, _: Blind<E::Fr>) -> E::G1 {
let mut scalars = Vec::with_capacity(poly.len());
scalars.extend(poly.iter());
let bases = &self.g_lagrange;
@ -328,16 +324,16 @@ where
impl<'params, E: Engine + Debug> ParamsVerifier<'params, E::G1Affine> for ParamsKZG<E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
}
impl<'params, E: Engine + Debug> ParamsProver<'params, E::G1Affine> for ParamsKZG<E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type ParamsVerifier = ParamsVerifierKZG<E>;
@ -350,7 +346,7 @@ where
Self::setup(k, OsRng)
}
fn commit(&self, poly: &Polynomial<E::Scalar, Coeff>, _: Blind<E::Scalar>) -> E::G1 {
fn commit(&self, poly: &Polynomial<E::Fr, Coeff>, _: Blind<E::Fr>) -> E::G1 {
let mut scalars = Vec::with_capacity(poly.len());
scalars.extend(poly.iter());
let bases = &self.g;

67
halo2_proofs/src/poly/kzg/msm.rs
View File

@ -6,16 +6,27 @@ use crate::{
poly::commitment::MSM,
};
use group::{Curve, Group};
use halo2curves::pairing::{Engine, MillerLoopResult, MultiMillerLoop};
use halo2curves::{
pairing::{Engine, MillerLoopResult, MultiMillerLoop},
CurveAffine, CurveExt,
};
/// A multiscalar multiplication in the polynomial commitment scheme
#[derive(Clone, Default, Debug)]
pub struct MSMKZG<E: Engine> {
pub(crate) scalars: Vec<E::Scalar>,
pub struct MSMKZG<E: Engine>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) scalars: Vec<E::Fr>,
pub(crate) bases: Vec<E::G1>,
}
impl<E: Engine> MSMKZG<E> {
impl<E: Engine> MSMKZG<E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
/// Create an empty MSM instance
pub fn new() -> Self {
MSMKZG {
@ -25,9 +36,9 @@ impl<E: Engine> MSMKZG<E> {
}
/// Prepares all scalars in the MSM to linear combination
pub fn combine_with_base(&mut self, base: E::Scalar) {
pub fn combine_with_base(&mut self, base: E::Fr) {
use ff::Field;
let mut acc = E::Scalar::ONE;
let mut acc = E::Fr::ONE;
if !self.scalars.is_empty() {
for scalar in self.scalars.iter_mut().rev() {
*scalar *= &acc;
@ -37,8 +48,12 @@ impl<E: Engine> MSMKZG<E> {
}
}
impl<E: Engine + Debug> MSM<E::G1Affine> for MSMKZG<E> {
fn append_term(&mut self, scalar: E::Scalar, point: E::G1) {
impl<E: Engine + Debug> MSM<E::G1Affine> for MSMKZG<E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
fn append_term(&mut self, scalar: E::Fr, point: E::G1) {
self.scalars.push(scalar);
self.bases.push(point);
}
@ -48,7 +63,7 @@ impl<E: Engine + Debug> MSM<E::G1Affine> for MSMKZG<E> {
self.bases.extend(other.bases().iter());
}
fn scale(&mut self, factor: E::Scalar) {
fn scale(&mut self, factor: E::Fr) {
if !self.scalars.is_empty() {
parallelize(&mut self.scalars, |scalars, _| {
for other_scalar in scalars {
@ -73,18 +88,26 @@ impl<E: Engine + Debug> MSM<E::G1Affine> for MSMKZG<E> {
self.bases.clone()
}
fn scalars(&self) -> Vec<E::Scalar> {
fn scalars(&self) -> Vec<E::Fr> {
self.scalars.clone()
}
}
/// A projective point collector
#[derive(Debug, Clone)]
pub(crate) struct PreMSM<E: Engine> {
pub(crate) struct PreMSM<E: Engine>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
projectives_msms: Vec<MSMKZG<E>>,
}
impl<E: Engine + Debug> PreMSM<E> {
impl<E: Engine + Debug> PreMSM<E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) fn new() -> Self {
PreMSM {
projectives_msms: vec![],
@ -109,7 +132,11 @@ impl<E: Engine + Debug> PreMSM<E> {
}
}
impl<'params, E: MultiMillerLoop + Debug> From<&'params ParamsKZG<E>> for DualMSM<'params, E> {
impl<'params, E: MultiMillerLoop + Debug> From<&'params ParamsKZG<E>> for DualMSM<'params, E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
fn from(params: &'params ParamsKZG<E>) -> Self {
DualMSM::new(params)
}
@ -117,13 +144,21 @@ impl<'params, E: MultiMillerLoop + Debug> From<&'params ParamsKZG<E>> for DualMS
/// Two channel MSM accumulator
#[derive(Debug, Clone)]
pub struct DualMSM<'a, E: Engine> {
pub struct DualMSM<'a, E: Engine>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) params: &'a ParamsKZG<E>,
pub(crate) left: MSMKZG<E>,
pub(crate) right: MSMKZG<E>,
}
impl<'a, E: MultiMillerLoop + Debug> DualMSM<'a, E> {
impl<'a, E: MultiMillerLoop + Debug> DualMSM<'a, E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
/// Create a new two channel MSM accumulator instance
pub fn new(params: &'a ParamsKZG<E>) -> Self {
Self {
@ -134,7 +169,7 @@ impl<'a, E: MultiMillerLoop + Debug> DualMSM<'a, E> {
}
/// Scale all scalars in the MSM by some scaling factor
pub fn scale(&mut self, e: E::Scalar) {
pub fn scale(&mut self, e: E::Fr) {
self.left.scale(e);
self.right.scale(e);
}

6
halo2_proofs/src/poly/kzg/multiopen/gwc/prover.rs
View File

@ -8,9 +8,9 @@ use crate::poly::query::ProverQuery;
use crate::poly::{commitment::Blind, Polynomial};
use crate::transcript::{EncodedChallenge, TranscriptWrite};
use ff::PrimeField;
use group::Curve;
use halo2curves::pairing::Engine;
use halo2curves::CurveExt;
use rand_core::RngCore;
use std::fmt::Debug;
use std::io;
@ -25,8 +25,8 @@ pub struct ProverGWC<'params, E: Engine> {
/// Create a multi-opening proof
impl<'params, E: Engine + Debug> Prover<'params, KZGCommitmentScheme<E>> for ProverGWC<'params, E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
const QUERY_INSTANCE: bool = false;

9
halo2_proofs/src/poly/kzg/multiopen/gwc/verifier.rs
View File

@ -13,8 +13,9 @@ use crate::poly::query::{CommitmentReference, VerifierQuery};
use crate::poly::Error;
use crate::transcript::{EncodedChallenge, TranscriptRead};
use ff::{Field, PrimeField};
use ff::Field;
use halo2curves::pairing::{Engine, MultiMillerLoop};
use halo2curves::CurveExt;
#[derive(Debug)]
/// Concrete KZG verifier with GWC variant
@ -25,8 +26,8 @@ pub struct VerifierGWC<'params, E: Engine> {
impl<'params, E> Verifier<'params, KZGCommitmentScheme<E>> for VerifierGWC<'params, E>
where
E: MultiMillerLoop + Debug,
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type Guard = GuardKZG<'params, E>;
@ -63,7 +64,7 @@ where
let u: ChallengeU<_> = transcript.squeeze_challenge_scalar();
let mut commitment_multi = MSMKZG::<E>::new();
let mut eval_multi = E::Scalar::ZERO;
let mut eval_multi = E::Fr::ZERO;
let mut witness = MSMKZG::<E>::new();
let mut witness_with_aux = MSMKZG::<E>::new();

22
halo2_proofs/src/poly/kzg/multiopen/shplonk/prover.rs
View File

@ -13,9 +13,10 @@ use crate::poly::{Coeff, Polynomial};
use crate::transcript::{EncodedChallenge, TranscriptWrite};
use crate::multicore::IntoParallelIterator;
use ff::{Field, PrimeField};
use ff::Field;
use group::Curve;
use halo2curves::pairing::Engine;
use halo2curves::CurveExt;
use rand_core::RngCore;
use std::fmt::Debug;
use std::io;
@ -107,8 +108,9 @@ impl<'a, E: Engine> ProverSHPLONK<'a, E> {
impl<'params, E: Engine + Debug> Prover<'params, KZGCommitmentScheme<E>>
for ProverSHPLONK<'params, E>
where
E::Scalar: Ord + PrimeField,
E::G1Affine: SerdeCurveAffine,
E::Fr: Ord,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
const QUERY_INSTANCE: bool = false;
@ -166,7 +168,7 @@ where
// Q_i(X) = N_i(X) / Z_i(X) where
// Z_i(X) = (x - r_i_0) * (x - r_i_1) * ...
let mut poly = div_by_vanishing(n_x, points);
poly.resize(self.params.n as usize, E::Scalar::ZERO);
poly.resize(self.params.n as usize, E::Fr::ZERO);
Polynomial {
values: poly,
@ -202,7 +204,7 @@ where
.map(quotient_contribution)
.collect::<Vec<_>>();
let h_x: Polynomial<E::Scalar, Coeff> = quotient_polynomials
let h_x: Polynomial<E::Fr, Coeff> = quotient_polynomials
.into_iter()
.zip(powers(*v))
.map(|(poly, power_of_v)| poly * power_of_v)
@ -240,7 +242,7 @@ where
// and combine polynomials with same evaluation point set
// L_i(X) = linear_combination(y, L_i_j(X))
// where y is random scalar to combine inner contributors
let l_x: Polynomial<E::Scalar, Coeff> = inner_contributions
let l_x: Polynomial<E::Fr, Coeff> = inner_contributions
.into_iter()
.zip(powers(*y))
.map(|(poly, power_of_y)| poly * power_of_y)
@ -253,14 +255,14 @@ where
#[allow(clippy::type_complexity)]
let (linearisation_contributions, z_diffs): (
Vec<Polynomial<E::Scalar, Coeff>>,
Vec<E::Scalar>,
Vec<Polynomial<E::Fr, Coeff>>,
Vec<E::Fr>,
) = rotation_sets
.into_par_iter()
.map(linearisation_contribution)
.unzip();
let l_x: Polynomial<E::Scalar, Coeff> = linearisation_contributions
let l_x: Polynomial<E::Fr, Coeff> = linearisation_contributions
.into_iter()
.zip(powers(*v))
.map(|(poly, power_of_v)| poly * power_of_v)
@ -275,7 +277,7 @@ where
#[cfg(debug_assertions)]
{
let must_be_zero = eval_polynomial(&l_x.values[..], *u);
assert_eq!(must_be_zero, E::Scalar::ZERO);
assert_eq!(must_be_zero, E::Fr::ZERO);
}
let mut h_x = div_by_vanishing(l_x, &[*u]);

18
halo2_proofs/src/poly/kzg/multiopen/shplonk/verifier.rs
View File

@ -15,8 +15,9 @@ use crate::poly::kzg::strategy::GuardKZG;
use crate::poly::query::{CommitmentReference, VerifierQuery};
use crate::poly::Error;
use crate::transcript::{EncodedChallenge, TranscriptRead};
use ff::{Field, PrimeField};
use ff::Field;
use halo2curves::pairing::{Engine, MultiMillerLoop};
use halo2curves::CurveExt;
use std::ops::MulAssign;
/// Concrete KZG multiopen verifier with SHPLONK variant
@ -28,8 +29,9 @@ pub struct VerifierSHPLONK<'params, E: Engine> {
impl<'params, E> Verifier<'params, KZGCommitmentScheme<E>> for VerifierSHPLONK<'params, E>
where
E: MultiMillerLoop + Debug,
E::Scalar: PrimeField + Ord,
E::G1Affine: SerdeCurveAffine,
E::Fr: Ord,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type Guard = GuardKZG<'params, E>;
@ -69,10 +71,10 @@ where
let u: ChallengeU<_> = transcript.squeeze_challenge_scalar();
let h2 = transcript.read_point().map_err(|_| Error::SamplingError)?;
let (mut z_0_diff_inverse, mut z_0) = (E::Scalar::ZERO, E::Scalar::ZERO);
let (mut outer_msm, mut r_outer_acc) = (PreMSM::<E>::new(), E::Scalar::ZERO);
let (mut z_0_diff_inverse, mut z_0) = (E::Fr::ZERO, E::Fr::ZERO);
let (mut outer_msm, mut r_outer_acc) = (PreMSM::<E>::new(), E::Fr::ZERO);
for (i, (rotation_set, power_of_v)) in rotation_sets.iter().zip(powers(*v)).enumerate() {
let diffs: Vec<E::Scalar> = super_point_set
let diffs: Vec<E::Fr> = super_point_set
.iter()
.filter(|point| !rotation_set.points.contains(point))
.copied()
@ -83,7 +85,7 @@ where
if i == 0 {
z_0 = evaluate_vanishing_polynomial(&rotation_set.points[..], *u);
z_0_diff_inverse = z_diff_i.invert().unwrap();
z_diff_i = E::Scalar::ONE;
z_diff_i = E::Fr::ONE;
} else {
z_diff_i.mul_assign(z_0_diff_inverse);
}
@ -129,7 +131,7 @@ where
outer_msm.append_term(-z_0, h1.into());
outer_msm.append_term(*u, h2.into());
msm_accumulator.left.append_term(E::Scalar::ONE, h2.into());
msm_accumulator.left.append_term(E::Fr::ONE, h2.into());
msm_accumulator.right.add_msm(&outer_msm);

57
halo2_proofs/src/poly/kzg/strategy.rs
View File

@ -10,30 +10,41 @@ use crate::{
strategy::{Guard, VerificationStrategy},
},
};
use ff::{Field, PrimeField};
use halo2curves::pairing::{Engine, MultiMillerLoop};
use ff::Field;
use halo2curves::{
pairing::{Engine, MultiMillerLoop},
CurveAffine, CurveExt,
};
use rand_core::OsRng;
use std::fmt::Debug;
/// Wrapper for linear verification accumulator
#[derive(Debug, Clone)]
pub struct GuardKZG<'params, E: MultiMillerLoop + Debug> {
pub struct GuardKZG<'params, E: MultiMillerLoop + Debug>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) msm_accumulator: DualMSM<'params, E>,
}
/// Define accumulator type as `DualMSM`
impl<'params, E> Guard<KZGCommitmentScheme<E>> for GuardKZG<'params, E>
where
E::Scalar: PrimeField,
E: MultiMillerLoop + Debug,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type MSMAccumulator = DualMSM<'params, E>;
}
/// KZG specific operations
impl<'params, E: MultiMillerLoop + Debug> GuardKZG<'params, E> {
impl<'params, E: MultiMillerLoop + Debug> GuardKZG<'params, E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) fn new(msm_accumulator: DualMSM<'params, E>) -> Self {
Self { msm_accumulator }
}
@ -41,11 +52,19 @@ impl<'params, E: MultiMillerLoop + Debug> GuardKZG<'params, E> {
/// A verifier that checks multiple proofs in a batch
#[derive(Clone, Debug)]
pub struct AccumulatorStrategy<'params, E: Engine> {
pub struct AccumulatorStrategy<'params, E: Engine>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) msm_accumulator: DualMSM<'params, E>,
}
impl<'params, E: MultiMillerLoop + Debug> AccumulatorStrategy<'params, E> {
impl<'params, E: MultiMillerLoop + Debug> AccumulatorStrategy<'params, E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
/// Constructs an empty batch verifier
pub fn new(params: &'params ParamsKZG<E>) -> Self {
AccumulatorStrategy {
@ -61,11 +80,19 @@ impl<'params, E: MultiMillerLoop + Debug> AccumulatorStrategy<'params, E> {
/// A verifier that checks a single proof
#[derive(Clone, Debug)]
pub struct SingleStrategy<'params, E: Engine> {
pub struct SingleStrategy<'params, E: Engine>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
pub(crate) msm: DualMSM<'params, E>,
}
impl<'params, E: MultiMillerLoop + Debug> SingleStrategy<'params, E> {
impl<'params, E: MultiMillerLoop + Debug> SingleStrategy<'params, E>
where
E::G1Affine: CurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
{
/// Constructs an empty batch verifier
pub fn new(params: &'params ParamsKZG<E>) -> Self {
SingleStrategy {
@ -85,8 +112,8 @@ impl<
>,
> VerificationStrategy<'params, KZGCommitmentScheme<E>, V> for AccumulatorStrategy<'params, E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type Output = Self;
@ -99,7 +126,7 @@ where
mut self,
f: impl FnOnce(V::MSMAccumulator) -> Result<V::Guard, Error>,
) -> Result<Self::Output, Error> {
self.msm_accumulator.scale(E::Scalar::random(OsRng));
self.msm_accumulator.scale(E::Fr::random(OsRng));
// Guard is updated with new msm contributions
let guard = f(self.msm_accumulator)?;
@ -124,8 +151,8 @@ impl<
>,
> VerificationStrategy<'params, KZGCommitmentScheme<E>, V> for SingleStrategy<'params, E>
where
E::Scalar: PrimeField,
E::G1Affine: SerdeCurveAffine,
E::G1Affine: SerdeCurveAffine<ScalarExt = <E as Engine>::Fr, CurveExt = <E as Engine>::G1>,
E::G1: CurveExt<AffineExt = E::G1Affine>,
E::G2Affine: SerdeCurveAffine,
{
type Output = ();

2
rust-toolchain
View File

@ -1 +1 @@
1.66.0
1.67.0