From a5a6e78d425c37879658589e60cc3f0177b409e3 Mon Sep 17 00:00:00 2001
From: therealyingtong <yingtong@z.cash>
Date: Mon, 27 Sep 2021 10:51:57 +0200
Subject: [PATCH] src/circuit.rs: Use NonIdentityPoint for all witnessed
 points.

The witnessed points are cm_old, g_d_old, pk_d_old, ak.

g_d_new and pk_d_new are currently also witnessed as affine points,
which diverges from the spec.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
---
 src/circuit.rs | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/circuit.rs b/src/circuit.rs
index 2315bead..179c7099 100644
--- a/src/circuit.rs
+++ b/src/circuit.rs
@@ -38,7 +38,7 @@ use crate::{
 use gadget::{
     ecc::{
         chip::{EccChip, EccConfig},
-        FixedPoint, FixedPointBaseField, FixedPointShort, Point,
+        FixedPoint, FixedPointBaseField, FixedPointShort, NonIdentityPoint,
     },
     poseidon::{
         Hash as PoseidonHash, Pow5T3Chip as PoseidonChip, Pow5T3Config as PoseidonConfig,
@@ -349,14 +349,14 @@ impl plonk::Circuit<pallas::Base> for Circuit {
             )?;
 
             // Witness cm_old
-            let cm_old = Point::new(
+            let cm_old = NonIdentityPoint::new(
                 ecc_chip.clone(),
                 layouter.namespace(|| "cm_old"),
                 self.cm_old.as_ref().map(|cm| cm.inner().to_affine()),
             )?;
 
             // Witness g_d_old
-            let g_d_old = Point::new(
+            let g_d_old = NonIdentityPoint::new(
                 ecc_chip.clone(),
                 layouter.namespace(|| "gd_old"),
                 self.g_d_old.as_ref().map(|gd| gd.to_affine()),
@@ -364,7 +364,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
 
             // Witness ak.
             let ak: Option<pallas::Point> = self.ak.as_ref().map(|ak| ak.into());
-            let ak = Point::new(
+            let ak = NonIdentityPoint::new(
                 ecc_chip.clone(),
                 layouter.namespace(|| "ak"),
                 ak.map(|ak| ak.to_affine()),
@@ -621,7 +621,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
                 g_d_old.mul(layouter.namespace(|| "[ivk] g_d_old"), ivk.inner())?;
 
             // Constrain derived pk_d_old to equal witnessed pk_d_old
-            let pk_d_old = Point::new(
+            let pk_d_old = NonIdentityPoint::new(
                 ecc_chip.clone(),
                 layouter.namespace(|| "witness pk_d_old"),
                 self.pk_d_old.map(|pk_d_old| pk_d_old.inner().to_affine()),
@@ -666,7 +666,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
                 let g_d_new = self
                     .g_d_new_star
                     .map(|bytes| pallas::Affine::from_bytes(&bytes).unwrap());
-                Point::new(
+                NonIdentityPoint::new(
                     ecc_chip.clone(),
                     layouter.namespace(|| "witness g_d_new_star"),
                     g_d_new,
@@ -678,7 +678,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
                 let pk_d_new = self
                     .pk_d_new_star
                     .map(|bytes| pallas::Affine::from_bytes(&bytes).unwrap());
-                Point::new(
+                NonIdentityPoint::new(
                     ecc_chip,
                     layouter.namespace(|| "witness pk_d_new"),
                     pk_d_new,