Switch to domain prefix based on what is suggested in #182 by @daira.

2021-02-22 16:13:11 -07:00 · 2021-02-22 16:13:11 -07:00 · 75bb8121fb
parent 1078f854e3
commit 75bb8121fb
2 changed files with 23 additions and 21 deletions
--- a/src/plonk.rs
+++ b/src/plonk.rs
@ -946,28 +946,28 @@ fn test_proving() {
        ],
    },
    fixed_commitments: [
-        (0x2792aa28c75a1516a39a4637de0775e5ec6b6530f516c08d68a5bbb46e84a1de, 0x0281cd4163b0ee3ab6bf8f2268cd54cf9bea66af5cad9dc36e606141943ba936),
-        (0x3cdb6aad229646e50f3f51c2011c771db056b05b1c59082b8281efd84c8a2ff3, 0x1af67237dfbf81ec144a8ec6eb894138ae74f42b2d42e5d004b16a604079f243),
-        (0x30929fec22a98cfc1643aca048fbfa2347df388499de0e491c0aef036615e41a, 0x369f53ee6b760e2d1636e31aef89a9a8a8abcf8eae7749468b0a1a0c9f14c65a),
-        (0x30929fec22a98cfc1643aca048fbfa2347df388499de0e491c0aef036615e41a, 0x369f53ee6b760e2d1636e31aef89a9a8a8abcf8eae7749468b0a1a0c9f14c65a),
-        (0x2dc1809e1a657ba12ddf038a75600ce2ee002400e5dd4ee5818dcb2f72225b81, 0x0e2cf3c5b0865a3433b0c9ffca1d9af9f5cc9ea1c746c6bb8137f43a146a64af),
-        (0x009891864ebb1288d28749f2ec16554b8f11fb0d73b024fb6fbb6bdbf9370716, 0x140268076a1d9e17e6332a3846208a1693046ba6d3fafe36987e418b6ab4cbb6),
-        (0x220abc4c01a23a50aba33a9b725adc1ced28d4aeec2adb852da0783e6b11f086, 0x2f888fc3d5253867cb2374e44a04ae6a4a301b000c12c080a856d777b30c93ea),
-        (0x0477d75521867d384452ee0883397838dbd576614ab8fe0019a65f0c570dbc26, 0x33835efa7bc0855a8c2e0644051b75b2404568ef44cebd4accdbcdfec042839b),
+        (0x046711bb0579a337420e33de9d54438e7c3a9cc47b6728b873d1fd0214d7eb58, 0x2416b30fadfacd828cf76891a2a5f0fe90d7ae0e5a8df947e98660ffbebf72e4),
+        (0x241db4dcb35d3977d45a57a9c5053e8f2c2310fa98738feb48430254034e42bc, 0x3e9545f6b9aa955ce50450eb1b37fb69d5891bca9b5193e6e8288675abded312),
+        (0x15a0f4deb421ccdfb7cebd60fe7055d406e8f24e9bf37d304327b2adb53e2f7a, 0x1811c4a5f95dc72b15e780bb76d5d0e91dc315c0726a361712bdcb7afd11dc6c),
+        (0x15a0f4deb421ccdfb7cebd60fe7055d406e8f24e9bf37d304327b2adb53e2f7a, 0x1811c4a5f95dc72b15e780bb76d5d0e91dc315c0726a361712bdcb7afd11dc6c),
+        (0x2c1e1e702ea5a876188a2e2d1f7fcbee31e5fba48ccd1d7d8dc000393da5b6cb, 0x302338ba3f31351e080311442a59fc9fd9cc30700ce33f4775741d6888df63ea),
+        (0x3e6b7c66782b06e0e7cd5bd7930b0204dee22b44a25d7c405909d4ca4eb604a7, 0x19b69444de257eb1dd99020a8c615fdc6bed7308ea63b1d4b3c0430f15e71568),
+        (0x05dfc2fbe7800a57610e7b61e4cd7e96f96026cc192a92750e50e9c35c2d262d, 0x3b2c6101d9a2bbf8982f84e2bd818952ea1d53c5a815c7a4d900cc27f67da390),
+        (0x318668190ba5ac1d3a1f93b13dd611e4dd3d68b1ea2ae1fe15b99bfc0858cc94, 0x18edacbf7ad8d4b3e43d9cab81c696cb3671ac3a9007610a5c949d85f9790841),
    ],
    permutations: [
        VerifyingKey {
            commitments: [
-                (0x31e37d7bdde8c02fb8a3b84d1dc30b730bc5ee4fda7973f00cbaa5ecb3d1b3ae, 0x1af12066de65c315fe51c44459bef9624e74f2b2d92c9ee1bf07715038dad56a),
-                (0x3a77fc054e01378e69fc4bc01417600ad8adce317ea572b24e978353e93466c8, 0x0e68c78cc93a71ba2dcd2c8d0f38d5b60333a29db6ed238e83641504f54f218d),
-                (0x2a4a0739f4cb19c2a3316dc8e1e8bc86bc0a7f218cfa0af78788802e93a3b683, 0x08052016a9c440afea08a5b4f78c92e09f52d642be4a9013605ec2f4f199c69e),
+                (0x02d8dce08483e705f124b2e3db76a8065bfd8d893a1de76fd4ba586acb8e2cd0, 0x1456b7e28d96b5f90f885d21fde2ed00d1774cdebc358a95383b95302a87e09d),
+                (0x1d8a9751a63cbdf4c87787424b9c4a347483d5138943470dd1a73e1d1fd336b1, 0x2b1f6a54bff445799b6abf5bb0ed734d1cabdb46b4966556e753097ed87cef1b),
+                (0x1592b59a2a90b155420abde2bcf6fb822d80a11e1b44306dc07fc45025f214e5, 0x3802666ef284d7db51cbd2f9be20014e19f0f6a22e1a4d3a0db124b7bdd7fa1b),
            ],
        },
        VerifyingKey {
            commitments: [
-                (0x31e37d7bdde8c02fb8a3b84d1dc30b730bc5ee4fda7973f00cbaa5ecb3d1b3ae, 0x1af12066de65c315fe51c44459bef9624e74f2b2d92c9ee1bf07715038dad56a),
-                (0x3a77fc054e01378e69fc4bc01417600ad8adce317ea572b24e978353e93466c8, 0x0e68c78cc93a71ba2dcd2c8d0f38d5b60333a29db6ed238e83641504f54f218d),
-                (0x2a4a0739f4cb19c2a3316dc8e1e8bc86bc0a7f218cfa0af78788802e93a3b683, 0x08052016a9c440afea08a5b4f78c92e09f52d642be4a9013605ec2f4f199c69e),
+                (0x02d8dce08483e705f124b2e3db76a8065bfd8d893a1de76fd4ba586acb8e2cd0, 0x1456b7e28d96b5f90f885d21fde2ed00d1774cdebc358a95383b95302a87e09d),
+                (0x1d8a9751a63cbdf4c87787424b9c4a347483d5138943470dd1a73e1d1fd336b1, 0x2b1f6a54bff445799b6abf5bb0ed734d1cabdb46b4966556e753097ed87cef1b),
+                (0x1592b59a2a90b155420abde2bcf6fb822d80a11e1b44306dc07fc45025f214e5, 0x3802666ef284d7db51cbd2f9be20014e19f0f6a22e1a4d3a0db124b7bdd7fa1b),
            ],
        },
    ],
--- a/src/poly/commitment.rs
+++ b/src/poly/commitment.rs
@ -49,15 +49,16 @@ impl<C: CurveAffine> Params<C> {
            let mut g = Vec::with_capacity(n as usize);
            g.resize(n as usize, C::Curve::identity());

-            let domain_prefix = format!("Halo2-G-{}", n);
-
            parallelize(&mut g, move |g, start| {
-                let hasher = C::CurveExt::hash_to_curve(&domain_prefix);
+                let hasher = C::CurveExt::hash_to_curve("Halo2-Parameters");

                for (i, g) in g.iter_mut().enumerate() {
-                    let i = (i + start) as u64;
+                    let i = (i + start) as u32;

-                    *g = hasher(&(i.to_le_bytes())[..]);
+                    let mut message = [0u8; 5];
+                    message[1..5].copy_from_slice(&i.to_le_bytes());
+
+                    *g = hasher(&message);
                }
            });

@ -99,8 +100,9 @@ impl<C: CurveAffine> Params<C> {
            g_lagrange
        };

-        let h = C::CurveExt::hash_to_curve("Halo2-H")(&[]).to_affine();
-        let u = C::CurveExt::hash_to_curve("Halo2-U")(&[]).to_affine();
+        let hasher = C::CurveExt::hash_to_curve("Halo2-Parameters");
+        let h = hasher(&[1]).to_affine();
+        let u = hasher(&[2]).to_affine();

        Params {
            k,