Commit Graph

324 Commits

Author SHA1 Message Date
therealyingtong 0e9726ae69 tree.rs: Use 2 as uncommitted leaf and check against test vectors. 2021-06-11 20:24:55 +08:00
therealyingtong 380128ed49 tree::MerklePath: Add position() and auth_path() getters. 2021-06-10 16:55:49 +08:00
therealyingtong b3daeb0861 tree::testing: Fix and test arb_tree(). 2021-06-10 13:54:42 +08:00
therealyingtong 2d0afe9357 constants.rs: Introduce L_ORCHARD_MERKLE constant
Also test that L_ORCHARD_BASE, L_ORCHARD_SCALAR, L_ORCHARD_MERKLE
are consistent with the Pallas curve.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-10 10:33:06 +08:00
therealyingtong e8e22886f4 tree.rs: MerklePath.root(): Fix missing bitmask in swap calculation
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-10 10:29:08 +08:00
therealyingtong 18535894d6 constants::util.rs: Factor out gen_fixed_array() method. 2021-06-10 10:03:15 +08:00
therealyingtong 7818291118 primitives::sinsemilla.rs: Optimize and test i2lebsp_k
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-09 23:50:59 +08:00
therealyingtong 8f8eff23d8 Update proptests to generate Merkle paths 2021-06-08 22:38:11 +08:00
therealyingtong b33248bdb0 src::tree.rs: Implement MerklePath.root() method.
Co-authored-by: Kris Nuttycombe <kris@electriccoin.co>
2021-06-08 22:31:24 +08:00
str4d e21f133862
Merge pull request #109 from zcash/halo2-bump
Migrate to latest version of halo2
2021-06-07 20:03:23 +01:00
Jack Grigg 94e730ad4c Migrate to latest version of halo2
This brings in:
- Fixes and improvements to `MockProver`.
- Support for annotating constraints within gates.
- Removal of Selector rotations.
2021-06-07 19:49:25 +01:00
str4d 2be13bfa80
Merge pull request #89 from zcash/utils-chip
Chip for general utils
2021-06-07 19:40:56 +01:00
str4d 3ff307f946
docs: Clarify EnableFlagInstructions::enable_flag 2021-06-07 19:34:48 +01:00
therealyingtong 54c8cfd1d0 Documentation improvements and minor refactors.
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-08 00:28:32 +08:00
therealyingtong 0f2dfc5508 Use UtilitiesInstructions::Var instead of internal associated type.
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-06-08 00:20:09 +08:00
str4d cd1e72bbcd
Merge pull request #106 from zcash/refactor-constants
Refactor `constants` to add `constants::load`
2021-06-05 13:42:16 +01:00
str4d 243f862617
Fix clippy lints
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
2021-06-05 13:18:14 +01:00
str4d d3da71a4fd
Merge pull request #105 from zcash/constants-spend-auth-g
Add SpendAuthG fixed base
2021-06-05 12:09:51 +01:00
therealyingtong 40599144bf utilities::plonk: Remove assumption that fixed columns default to 1 2021-06-05 15:33:12 +08:00
therealyingtong 6603e996ed utilities::cond_swap: Directly witness swap bit 2021-06-05 15:32:43 +08:00
therealyingtong 9f27049c84 Add constants::load.rs
This makes it easier to load constants into the ECC chip.
2021-06-05 13:18:24 +08:00
therealyingtong 1d46a2d3e7 Add SpendAuthG fixed base.
Used in spend authority randomization where rk = ak + [alpha]SpendAuthG.
2021-06-05 13:16:56 +08:00
therealyingtong f31b9feba0 utilities::enable_flag: Directly witness flag 2021-06-05 09:42:23 +08:00
str4d 7f097b8599
Merge pull request #104 from nuttycom/fix_point_gen
Avoid discards in arbitrary nullifier generation.
2021-06-05 00:43:47 +01:00
Kris Nuttycombe 6f3ac2cdcc Avoid discards in arbitrary nullifier generation. 2021-06-04 17:36:50 -06:00
str4d 87a3d52641
Merge pull request #103 from zcash/bump-deps
Migrate to bitvec 0.22, ff 0.10, group 0.10, pasta_curves 0.1
2021-06-04 21:25:26 +01:00
Jack Grigg bea8a9b7ff Migrate to bitvec 0.22, ff 0.10, group 0.10, pasta_curves 0.1 2021-06-04 20:38:52 +01:00
therealyingtong fea88c814c Add enable flag chip 2021-06-04 18:08:59 +08:00
therealyingtong 4b0ea0be15 Add conditional swap chip 2021-06-04 18:08:59 +08:00
therealyingtong 4f87815262 Add standard PLONK chip 2021-06-04 18:08:59 +08:00
therealyingtong 4d8ae89aa9 Add Utilities chip 2021-06-04 18:08:59 +08:00
str4d c5aa41e2e4
Merge pull request #86 from zcash/patch-fixed-mul
Update formula for fixed-base window tables.
2021-06-03 13:33:00 +01:00
str4d 505e003842
Merge pull request #28 from zcash/poseidon
Width-3 Poseidon chip
2021-06-03 12:38:16 +01:00
str4d dc075e7971
Merge pull request #91 from zcash/key-component-test-vectors
Add test vectors for key components
2021-06-02 22:23:54 +01:00
therealyingtong fa9d8a992c Update constants 2021-06-02 22:51:37 +08:00
therealyingtong 0636a6f2ec Update window table formula.
Previously, the window table M for fixed-base scalar multiplication
computed M[w][k] = [(k+1)*(2^3)^w]B for each window w, where k is a
3-bit chunk in the scalar decomposition in the range [0..8).

However, in the case k_0 = 7, k_1 = 0, the window table entries would
evaluate to:
* M[0][k_0] = [(7+1)*(2^3)^0]B = [8]B,
* M[1][k_1] = [(0+1)*(2^3)^1]B = [8]B,
which means the first addition would require complete addition.

To avoid this, we alter the formula to M[w][k] = [(k+2)*(2^3)^w]B.

We make a corresponding change to the formula for the last window
W. Previously, we had:
M[W][k] = [k * (2^3)^W - \sum((2^3)^j)]B, for j in [0..W-1).

Now, we have:
M[W][k] = [k * (2^3)^W - \sum(2^(3j+1))]B, for j in [0..W-1).
2021-06-02 22:51:37 +08:00
Jack Grigg 91db490e20 test: Add Poseidon test vectors 2021-06-01 18:36:11 +01:00
Daira Hopwood 5925852c7d Add Poseidon test vector generated by the reference code.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-06-01 18:36:11 +01:00
Jack Grigg f5a4cc3550 poseidon::Hash gadget 2021-06-01 18:36:11 +01:00
Jack Grigg 38dd7b791d PoseidonDuplexInstructions 2021-06-01 18:36:11 +01:00
Jack Grigg a69d76113f test: Rename MyCircuit to PermuteCircuit 2021-06-01 18:36:11 +01:00
Jack Grigg d1fe466812 Replace PoseidonInstructions::State with PoseidonInstructions::Word 2021-06-01 18:36:11 +01:00
Jack Grigg 01eb431f1f Remove "final" round logic from poseidon::Pow5T3Chip
This was a bug in the Poseidon reference implementation, fixed in v1.1.
2021-06-01 18:36:11 +01:00
Jack Grigg 40a19b429c Test that poseidon::Pow5T3Chip chip correctly implements Poseidon 2021-06-01 18:36:11 +01:00
Jack Grigg f1b8abfccb Arity-3 Poseidon chip 2021-06-01 18:36:11 +01:00
Jack Grigg 363e6944ec Poseidon instructions 2021-06-01 17:54:37 +01:00
str4d 5d57bee562
Merge pull request #97 from zcash/bump-halo2
Migrate to latest revision of halo2
2021-06-01 17:54:09 +01:00
Jack Grigg dfa3fbb19b Migrate to latest revision of halo2 2021-06-01 17:37:44 +01:00
str4d 803fc2bea3
Merge pull request #93 from zcash/prf_expand-domains
Define explicit domains for PRF^expand
2021-06-01 14:31:04 +01:00
Kris Nuttycombe 2f2b9e5891
Merge pull request #92 from zcash/fix-lints
Fix lints
2021-05-28 14:26:18 -06:00