mirror of https://github.com/zcash/halo2.git
chip::mul_fixed: Move running_sum_config into mul_fixed::Config.
parent
1a7e832ed4
commit
f472a16b32
|
@ -1,8 +1,7 @@
|
||||||
use super::EccInstructions;
|
use super::EccInstructions;
|
||||||
use crate::{
|
use crate::{
|
||||||
circuit::gadget::utilities::{
|
circuit::gadget::utilities::{
|
||||||
copy, decompose_running_sum::RunningSumConfig, lookup_range_check::LookupRangeCheckConfig,
|
copy, lookup_range_check::LookupRangeCheckConfig, CellValue, UtilitiesInstructions, Var,
|
||||||
CellValue, UtilitiesInstructions, Var,
|
|
||||||
},
|
},
|
||||||
constants::{self, NullifierK, OrchardFixedBasesFull, ValueCommitV},
|
constants::{self, NullifierK, OrchardFixedBasesFull, ValueCommitV},
|
||||||
primitives::sinsemilla,
|
primitives::sinsemilla,
|
||||||
|
@ -151,17 +150,12 @@ pub struct EccConfig {
|
||||||
pub q_mul_fixed_short: Selector,
|
pub q_mul_fixed_short: Selector,
|
||||||
/// Canonicity checks on base field element used as scalar in fixed-base mul
|
/// Canonicity checks on base field element used as scalar in fixed-base mul
|
||||||
pub q_mul_fixed_base_field: Selector,
|
pub q_mul_fixed_base_field: Selector,
|
||||||
/// Running sum decomposition of a scalar used in fixed-base mul. This is used
|
|
||||||
/// when the scalar is a signed short exponent or a base-field element.
|
|
||||||
pub q_mul_fixed_running_sum: Selector,
|
|
||||||
|
|
||||||
/// Witness point
|
/// Witness point
|
||||||
witness_point: witness_point::Config,
|
witness_point: witness_point::Config,
|
||||||
|
|
||||||
/// Lookup range check using 10-bit lookup table
|
/// Lookup range check using 10-bit lookup table
|
||||||
pub lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
|
pub lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
|
||||||
/// Running sum decomposition.
|
|
||||||
pub running_sum_config: RunningSumConfig<pallas::Base, { constants::FIXED_BASE_WINDOW_SIZE }>,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A chip implementing EccInstructions
|
/// A chip implementing EccInstructions
|
||||||
|
@ -213,10 +207,6 @@ impl EccChip {
|
||||||
meta.enable_equality((*column).into());
|
meta.enable_equality((*column).into());
|
||||||
}
|
}
|
||||||
|
|
||||||
let q_mul_fixed_running_sum = meta.selector();
|
|
||||||
let running_sum_config =
|
|
||||||
RunningSumConfig::configure(meta, q_mul_fixed_running_sum, advices[4]);
|
|
||||||
|
|
||||||
// Create witness point gate
|
// Create witness point gate
|
||||||
let witness_point = witness_point::Config::configure(meta, advices[0], advices[1]);
|
let witness_point = witness_point::Config::configure(meta, advices[0], advices[1]);
|
||||||
// Create incomplete point addition gate
|
// Create incomplete point addition gate
|
||||||
|
@ -236,7 +226,6 @@ impl EccChip {
|
||||||
// fixed-base scalar mul.
|
// fixed-base scalar mul.
|
||||||
let mul_fixed = mul_fixed::Config::configure(
|
let mul_fixed = mul_fixed::Config::configure(
|
||||||
meta,
|
meta,
|
||||||
q_mul_fixed_running_sum,
|
|
||||||
lagrange_coeffs,
|
lagrange_coeffs,
|
||||||
advices[4],
|
advices[4],
|
||||||
advices[0],
|
advices[0],
|
||||||
|
@ -255,10 +244,8 @@ impl EccChip {
|
||||||
q_mul_fixed_full: meta.selector(),
|
q_mul_fixed_full: meta.selector(),
|
||||||
q_mul_fixed_short: meta.selector(),
|
q_mul_fixed_short: meta.selector(),
|
||||||
q_mul_fixed_base_field: meta.selector(),
|
q_mul_fixed_base_field: meta.selector(),
|
||||||
q_mul_fixed_running_sum,
|
|
||||||
witness_point,
|
witness_point,
|
||||||
lookup_config: range_check,
|
lookup_config: range_check,
|
||||||
running_sum_config,
|
|
||||||
};
|
};
|
||||||
|
|
||||||
// Create gate that is only used in full-width fixed-base scalar mul.
|
// Create gate that is only used in full-width fixed-base scalar mul.
|
||||||
|
|
|
@ -2,6 +2,7 @@ use super::{
|
||||||
add, add_incomplete, CellValue, EccBaseFieldElemFixed, EccScalarFixed, EccScalarFixedShort,
|
add, add_incomplete, CellValue, EccBaseFieldElemFixed, EccScalarFixed, EccScalarFixedShort,
|
||||||
NonIdentityEccPoint, Var,
|
NonIdentityEccPoint, Var,
|
||||||
};
|
};
|
||||||
|
use crate::circuit::gadget::utilities::decompose_running_sum::RunningSumConfig;
|
||||||
use crate::constants::{
|
use crate::constants::{
|
||||||
self,
|
self,
|
||||||
load::{NullifierK, OrchardFixedBase, OrchardFixedBasesFull, ValueCommitV, WindowUs},
|
load::{NullifierK, OrchardFixedBase, OrchardFixedBasesFull, ValueCommitV, WindowUs},
|
||||||
|
@ -77,7 +78,7 @@ impl OrchardFixedBases {
|
||||||
|
|
||||||
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
|
#[derive(Clone, Copy, Debug, Eq, PartialEq)]
|
||||||
pub struct Config {
|
pub struct Config {
|
||||||
q_mul_fixed_running_sum: Selector,
|
running_sum_config: RunningSumConfig<pallas::Base, { constants::FIXED_BASE_WINDOW_SIZE }>,
|
||||||
// The fixed Lagrange interpolation coefficients for `x_p`.
|
// The fixed Lagrange interpolation coefficients for `x_p`.
|
||||||
lagrange_coeffs: [Column<Fixed>; constants::H],
|
lagrange_coeffs: [Column<Fixed>; constants::H],
|
||||||
// The fixed `z` for each window such that `y + z = u^2`.
|
// The fixed `z` for each window such that `y + z = u^2`.
|
||||||
|
@ -101,7 +102,6 @@ impl Config {
|
||||||
#[allow(clippy::too_many_arguments)]
|
#[allow(clippy::too_many_arguments)]
|
||||||
pub(super) fn configure(
|
pub(super) fn configure(
|
||||||
meta: &mut ConstraintSystem<pallas::Base>,
|
meta: &mut ConstraintSystem<pallas::Base>,
|
||||||
q_mul_fixed_running_sum: Selector,
|
|
||||||
lagrange_coeffs: [Column<Fixed>; constants::H],
|
lagrange_coeffs: [Column<Fixed>; constants::H],
|
||||||
window: Column<Advice>,
|
window: Column<Advice>,
|
||||||
x_p: Column<Advice>,
|
x_p: Column<Advice>,
|
||||||
|
@ -113,8 +113,11 @@ impl Config {
|
||||||
meta.enable_equality(window.into());
|
meta.enable_equality(window.into());
|
||||||
meta.enable_equality(u.into());
|
meta.enable_equality(u.into());
|
||||||
|
|
||||||
|
let q_running_sum = meta.selector();
|
||||||
|
let running_sum_config = RunningSumConfig::configure(meta, q_running_sum, window);
|
||||||
|
|
||||||
let config = Self {
|
let config = Self {
|
||||||
q_mul_fixed_running_sum,
|
running_sum_config,
|
||||||
lagrange_coeffs,
|
lagrange_coeffs,
|
||||||
fixed_z: meta.fixed_column(),
|
fixed_z: meta.fixed_column(),
|
||||||
window,
|
window,
|
||||||
|
@ -171,7 +174,8 @@ impl Config {
|
||||||
/// via a running sum.
|
/// via a running sum.
|
||||||
fn running_sum_coords_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
|
fn running_sum_coords_gate(&self, meta: &mut ConstraintSystem<pallas::Base>) {
|
||||||
meta.create_gate("Running sum coordinates check", |meta| {
|
meta.create_gate("Running sum coordinates check", |meta| {
|
||||||
let q_mul_fixed_running_sum = meta.query_selector(self.q_mul_fixed_running_sum);
|
let q_mul_fixed_running_sum =
|
||||||
|
meta.query_selector(self.running_sum_config.q_range_check);
|
||||||
|
|
||||||
let z_cur = meta.query_advice(self.window, Rotation::cur());
|
let z_cur = meta.query_advice(self.window, Rotation::cur());
|
||||||
let z_next = meta.query_advice(self.window, Rotation::next());
|
let z_next = meta.query_advice(self.window, Rotation::next());
|
||||||
|
|
|
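Review bot: The new `running_sum_config` field of `mul_fixed::Config` has no comment, although the fields after it do, and nothing records that its `q_range_check` selector now also gates the "Running sum coordinates check" gate. A field comment such as `// Running-sum decomposition of the scalar; its q_range_check selector also enables the coordinates check.` would make that coupling explicit; presumably the same selector still drives the decomposition's own range-check gate, which is not visible here. In `running_sum_coords_gate` the queried expression is still bound to `q_mul_fixed_running_sum`, a name this commit removes everywhere else, so binding it as `let q_running_sum = meta.query_selector(self.running_sum_config.q_range_check);` would match the local introduced in `configure`. Both functions continue outside the visible hunks.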
@ -3,8 +3,8 @@ use super::H_BASE;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
circuit::gadget::utilities::{
|
circuit::gadget::utilities::{
|
||||||
bitrange_subset, copy, decompose_running_sum::RunningSumConfig,
|
bitrange_subset, copy, lookup_range_check::LookupRangeCheckConfig, range_check, CellValue,
|
||||||
lookup_range_check::LookupRangeCheckConfig, range_check, CellValue, Var,
|
Var,
|
||||||
},
|
},
|
||||||
constants::{self, T_P},
|
constants::{self, T_P},
|
||||||
primitives::sinsemilla,
|
primitives::sinsemilla,
|
||||||
|
@ -19,22 +19,18 @@ use pasta_curves::{arithmetic::FieldExt, pallas};
|
||||||
use std::convert::TryInto;
|
use std::convert::TryInto;
|
||||||
|
|
||||||
pub struct Config {
|
pub struct Config {
|
||||||
q_mul_fixed_running_sum: Selector,
|
|
||||||
q_mul_fixed_base_field: Selector,
|
q_mul_fixed_base_field: Selector,
|
||||||
canon_advices: [Column<Advice>; 3],
|
canon_advices: [Column<Advice>; 3],
|
||||||
lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
|
lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>,
|
||||||
running_sum_config: RunningSumConfig<pallas::Base, { constants::FIXED_BASE_WINDOW_SIZE }>,
|
|
||||||
super_config: super::Config,
|
super_config: super::Config,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl From<&EccConfig> for Config {
|
impl From<&EccConfig> for Config {
|
||||||
fn from(config: &EccConfig) -> Self {
|
fn from(config: &EccConfig) -> Self {
|
||||||
let config = Self {
|
let config = Self {
|
||||||
q_mul_fixed_running_sum: config.q_mul_fixed_running_sum,
|
|
||||||
q_mul_fixed_base_field: config.q_mul_fixed_base_field,
|
q_mul_fixed_base_field: config.q_mul_fixed_base_field,
|
||||||
canon_advices: [config.advices[6], config.advices[7], config.advices[8]],
|
canon_advices: [config.advices[6], config.advices[7], config.advices[8]],
|
||||||
lookup_config: config.lookup_config,
|
lookup_config: config.lookup_config,
|
||||||
running_sum_config: config.running_sum_config.clone(),
|
|
||||||
super_config: config.mul_fixed,
|
super_config: config.mul_fixed,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -46,8 +42,6 @@ impl From<&EccConfig> for Config {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
assert_eq!(config.running_sum_config.z, config.super_config.window);
|
|
||||||
|
|
||||||
config
|
config
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -166,7 +160,7 @@ impl Config {
|
||||||
|
|
||||||
// Decompose scalar
|
// Decompose scalar
|
||||||
let scalar = {
|
let scalar = {
|
||||||
let running_sum = self.running_sum_config.copy_decompose(
|
let running_sum = self.super_config.running_sum_config.copy_decompose(
|
||||||
&mut region,
|
&mut region,
|
||||||
offset,
|
offset,
|
||||||
scalar,
|
scalar,
|
||||||
|
@ -187,7 +181,7 @@ impl Config {
|
||||||
offset,
|
offset,
|
||||||
&(&scalar).into(),
|
&(&scalar).into(),
|
||||||
base.into(),
|
base.into(),
|
||||||
self.q_mul_fixed_running_sum,
|
self.super_config.running_sum_config.q_range_check,
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
Ok((scalar, acc, mul_b))
|
Ok((scalar, acc, mul_b))
|
||||||
|
|
|
@ -124,13 +124,15 @@ impl Config {
|
||||||
|
|
||||||
let scalar = self.witness(&mut region, offset, scalar)?;
|
let scalar = self.witness(&mut region, offset, scalar)?;
|
||||||
|
|
||||||
let (acc, mul_b) = self.super_config.assign_region_inner::<NUM_WINDOWS>(
|
let (acc, mul_b) = self
|
||||||
&mut region,
|
.super_config
|
||||||
offset,
|
.assign_region_inner::<{ constants::NUM_WINDOWS }>(
|
||||||
&(&scalar).into(),
|
&mut region,
|
||||||
base.into(),
|
offset,
|
||||||
self.q_mul_fixed_full,
|
&(&scalar).into(),
|
||||||
)?;
|
base.into(),
|
||||||
|
self.q_mul_fixed_full,
|
||||||
|
)?;
|
||||||
|
|
||||||
Ok((scalar, acc, mul_b))
|
Ok((scalar, acc, mul_b))
|
||||||
},
|
},
|
||||||
|
|
|
@ -2,10 +2,8 @@ use std::{array, convert::TryInto};
|
||||||
|
|
||||||
use super::super::{EccConfig, EccPoint, EccScalarFixedShort};
|
use super::super::{EccConfig, EccPoint, EccScalarFixedShort};
|
||||||
use crate::{
|
use crate::{
|
||||||
circuit::gadget::utilities::{
|
circuit::gadget::utilities::{bool_check, copy, CellValue, Var},
|
||||||
bool_check, copy, decompose_running_sum::RunningSumConfig, CellValue, Var,
|
constants::{ValueCommitV, L_VALUE, NUM_WINDOWS_SHORT},
|
||||||
},
|
|
||||||
constants::{ValueCommitV, FIXED_BASE_WINDOW_SIZE, L_VALUE, NUM_WINDOWS_SHORT},
|
|
||||||
};
|
};
|
||||||
|
|
||||||
use halo2::{
|
use halo2::{
|
||||||
|
@ -19,8 +17,6 @@ use pasta_curves::pallas;
|
||||||
pub struct Config {
|
pub struct Config {
|
||||||
// Selector used for fixed-base scalar mul with short signed exponent.
|
// Selector used for fixed-base scalar mul with short signed exponent.
|
||||||
q_mul_fixed_short: Selector,
|
q_mul_fixed_short: Selector,
|
||||||
q_mul_fixed_running_sum: Selector,
|
|
||||||
running_sum_config: RunningSumConfig<pallas::Base, { FIXED_BASE_WINDOW_SIZE }>,
|
|
||||||
super_config: super::Config,
|
super_config: super::Config,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -28,8 +24,6 @@ impl From<&EccConfig> for Config {
|
||||||
fn from(config: &EccConfig) -> Self {
|
fn from(config: &EccConfig) -> Self {
|
||||||
Self {
|
Self {
|
||||||
q_mul_fixed_short: config.q_mul_fixed_short,
|
q_mul_fixed_short: config.q_mul_fixed_short,
|
||||||
q_mul_fixed_running_sum: config.q_mul_fixed_running_sum,
|
|
||||||
running_sum_config: config.running_sum_config.clone(),
|
|
||||||
super_config: config.mul_fixed,
|
super_config: config.mul_fixed,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -80,7 +74,7 @@ impl Config {
|
||||||
let (magnitude, sign) = magnitude_sign;
|
let (magnitude, sign) = magnitude_sign;
|
||||||
|
|
||||||
// Decompose magnitude
|
// Decompose magnitude
|
||||||
let running_sum = self.running_sum_config.copy_decompose(
|
let running_sum = self.super_config.running_sum_config.copy_decompose(
|
||||||
region,
|
region,
|
||||||
offset,
|
offset,
|
||||||
magnitude,
|
magnitude,
|
||||||
|
@ -115,7 +109,7 @@ impl Config {
|
||||||
offset,
|
offset,
|
||||||
&(&scalar).into(),
|
&(&scalar).into(),
|
||||||
base.clone().into(),
|
base.clone().into(),
|
||||||
self.q_mul_fixed_running_sum,
|
self.super_config.running_sum_config.q_range_check,
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
Ok((scalar, acc, mul_b))
|
Ok((scalar, acc, mul_b))
|
||||||
|
|
|
@ -44,9 +44,9 @@ impl<F: FieldExt + PrimeFieldBits> std::ops::Deref for RunningSum<F> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug, Clone, Eq, PartialEq)]
|
#[derive(Debug, Clone, Copy, Eq, PartialEq)]
|
||||||
pub struct RunningSumConfig<F: FieldExt + PrimeFieldBits, const WINDOW_NUM_BITS: usize> {
|
pub struct RunningSumConfig<F: FieldExt + PrimeFieldBits, const WINDOW_NUM_BITS: usize> {
|
||||||
q_range_check: Selector,
|
pub q_range_check: Selector,
|
||||||
pub z: Column<Advice>,
|
pub z: Column<Advice>,
|
||||||
_marker: PhantomData<F>,
|
_marker: PhantomData<F>,
|
||||||
}
|
}
|
||||||
|
|
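Review bot: Widening `q_range_check` to `pub` exposes the selector to every user of `RunningSumConfig`, while the only new readers visible in this commit are `mul_fixed` and its submodules, which import the type through `crate::`. `pub(crate) q_range_check: Selector`, or a read-only accessor on the config, would serve those call sites without letting code outside the crate enable the selector or gate further constraints on it. If the wider visibility is intended, the field should carry a doc comment saying which rows the selector is expected to be enabled on, because the fixed-base multiplication gate now depends on it as well.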
File diff suppressed because it is too large