Relocate x_5 challenge sampling location to simplify logic.

src/poly/multiopen/prover.rs

@@ -32,6 +32,7 @@ impl<C: CurveAffine> Proof<C> {
         I: IntoIterator<Item = ProverQuery<'a, C>> + Clone,
     {
         let x_4: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
+        let x_5: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
 
         let (poly_map, point_sets) = construct_intermediate_sets(queries);
 
@@ -77,8 +78,6 @@ impl<C: CurveAffine> Proof<C> {
             }
         }
 
-        let x_5: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
-
         let f_poly = point_sets
             .iter()
             .zip(q_eval_sets.iter())

src/poly/multiopen/verifier.rs

@@ -34,9 +34,13 @@ impl<C: CurveAffine> Proof<C> {
         // with it to make it true, with high probability.
         msm.scale(C::Scalar::random());
 
-        // Sample x_4 for compressing openings at the same points together
+        // Sample x_4 for compressing openings at the same point sets together
         let x_4: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
 
+        // Sample a challenge x_5 for keeping the multi-point quotient
+        // polynomial terms linearly independent.
+        let x_5: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
+
         let (commitment_map, point_sets) = construct_intermediate_sets(queries);
 
         // Compress the commitments and expected evaluations at x_3 together.
@@ -70,10 +74,6 @@ impl<C: CurveAffine> Proof<C> {
             }
         }
 
-        // Sample a challenge x_5 for keeping the multi-point quotient
-        // polynomial terms linearly independent.
-        let x_5: C::Scalar = get_challenge_scalar(Challenge(transcript.squeeze().get_lower_128()));
-
         // Obtain the commitment to the multi-point quotient polynomial f(X).
         hash_point(transcript, &self.f_commitment).unwrap();