mul::overflow: Refactor overflow::Config.

This is only used in chip::mul::Config. In a subsequent commit, this will be configured from mul::Config instead of from ecc::chip::Config. This commit does not result in circuit changes.
2021-11-30 14:47:47 -05:00 · 2021-11-30 14:47:47 -05:00 · 440cd14dbb
parent 931d61a863
commit 440cd14dbb
3 changed files with 33 additions and 27 deletions
--- a/src/circuit/gadget/ecc/chip.rs
+++ b/src/circuit/gadget/ecc/chip.rs
@ -16,6 +16,8 @@ use halo2::{
 };
 use pasta_curves::{arithmetic::CurveAffine, pallas};

+use std::convert::TryInto;
+
 pub(super) mod add;
 pub(super) mod add_incomplete;
 pub(super) mod mul;
@ -153,7 +155,7 @@ pub struct EccConfig {
    /// Selector used to enforce switching logic on LSB in variable-base scalar mul
    pub q_mul_lsb: Selector,
    /// Variable-base scalar multiplication (overflow check)
-    pub q_mul_overflow: Selector,
+    pub mul_overflow: mul::overflow::Config,

    /// Fixed-base full-width scalar multiplication
    pub q_mul_fixed_full: Selector,
@ -221,9 +223,6 @@ impl EccChip {
        // mul_fixed::base_field_element::Config:
        // - [advices[6], advices[7], advices[8]]: canon_advices
        //
-        // mul::overflow::Config:
-        // - [advices[0], advices[1], advices[2]]: advices
-        //
        // mul::incomplete::Config
        // - advices[4]: lambda1
        // - advices[9]: z
@ -259,6 +258,8 @@ impl EccChip {
            meta, advices[6], advices[7], advices[0], advices[1], advices[8], advices[2],
        );
        let mul_complete = mul::complete::Config::configure(meta, advices[9], add);
+        let mul_overflow =
+            mul::overflow::Config::configure(meta, range_check, advices[6..9].try_into().unwrap());

        let config = EccConfig {
            advices,
@ -269,7 +270,7 @@ impl EccChip {
            mul_hi,
            mul_lo,
            mul_complete,
-            q_mul_overflow: meta.selector(),
+            mul_overflow,
            q_mul_lsb: meta.selector(),
            q_mul_fixed_full: meta.selector(),
            q_mul_fixed_short: meta.selector(),
--- a/src/circuit/gadget/ecc/chip/mul.rs
+++ b/src/circuit/gadget/ecc/chip/mul.rs
@ -20,7 +20,8 @@ use pasta_curves::pallas;
 pub(crate) mod complete;
 // TODO: Undo this pub(crate).
 pub(crate) mod incomplete;
-mod overflow;
+// TODO: Undo this pub(crate).
+pub(crate) mod overflow;

 /// Number of bits for which complete addition needs to be used in variable-base
 /// scalar multiplication
@ -69,7 +70,7 @@ impl From<&EccConfig> for Config {
            hi_config: ecc_config.mul_hi,
            lo_config: ecc_config.mul_lo,
            complete_config: ecc_config.mul_complete,
-            overflow_config: ecc_config.into(),
+            overflow_config: ecc_config.mul_overflow,
        };

        assert_eq!(
@ -112,8 +113,6 @@ impl From<&EccConfig> for Config {

 impl Config {
    pub(super) fn create_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
-        self.overflow_config.create_gate(meta);
-
        // If `lsb` is 0, (x, y) = (x_p, -y_p). If `lsb` is 1, (x, y) = (0,0).
        meta.create_gate("LSB check", |meta| {
            let q_mul_lsb = meta.query_selector(self.q_mul_lsb);
--- a/src/circuit/gadget/ecc/chip/mul/overflow.rs
+++ b/src/circuit/gadget/ecc/chip/mul/overflow.rs
@ -1,4 +1,4 @@
-use super::super::{copy, CellValue, EccConfig, Var};
+use super::super::{copy, CellValue, Var};
 use super::Z;
 use crate::{
    circuit::gadget::utilities::lookup_range_check::LookupRangeCheckConfig, constants::T_Q,
@ -15,6 +15,7 @@ use pasta_curves::{arithmetic::FieldExt, pallas};

 use std::iter;

+#[derive(Copy, Clone, Debug, Eq, PartialEq)]
 pub struct Config {
    // Selector to check z_0 = alpha + t_q (mod p)
    q_mul_overflow: Selector,
@ -24,24 +25,29 @@ pub struct Config {
    advices: [Column<Advice>; 3],
 }

-impl From<&EccConfig> for Config {
-    fn from(ecc_config: &EccConfig) -> Self {
-        Self {
-            q_mul_overflow: ecc_config.q_mul_overflow,
-            lookup_config: ecc_config.lookup_config,
-            // Use advice columns that don't conflict with the either the incomplete
-            // additions in fixed-base scalar mul, or the lookup range checks.
-            advices: [
-                ecc_config.advices[6],
-                ecc_config.advices[7],
-                ecc_config.advices[8],
-            ],
-        }
-    }
+impl Config {
+    // TODO: Make this pub(super).
+    pub(crate) fn configure(
+        meta: &mut ConstraintSystem<pallas::Base>,
+        lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
+        advices: [Column<Advice>; 3],
+    ) -> Self {
+        for advice in advices.iter() {
+            meta.enable_equality((*advice).into());
        }

-impl Config {
-    pub(super) fn create_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
+        let config = Self {
+            q_mul_overflow: meta.selector(),
+            lookup_config,
+            advices,
+        };
+
+        config.create_gate(meta);
+
+        config
+    }
+
+    fn create_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
        meta.create_gate("overflow checks", |meta| {
            let q_mul_overflow = meta.query_selector(self.q_mul_overflow);