ying tong
34b2e77a57
Merge pull request #467 from zcash/sha256-tweaks
...
SHA-256 chip tweaks
2022-05-25 12:51:16 +08:00
str4d
8075b216e8
Merge pull request #584 from trel/remove_dsstore
...
remove .DS_Store
2022-05-13 15:29:23 +01:00
Terrell Russell
076fa24390
remove .DS_Store
2022-05-13 09:18:59 -04:00
str4d
bf459804f6
Merge pull request #581 from zcash/release-0.1.0
...
Release `halo2_proofs` and `halo2_gadgets` 0.1.0
2022-05-10 23:27:30 +01:00
Jack Grigg
e36041d198
halo2_gadgets 0.1.0
...
Closes zcash/halo2#460 .
2022-05-10 22:05:30 +00:00
Jack Grigg
3bc0c598ef
halo2_proofs 0.1.0
...
Closes zcash/halo2#426 .
2022-05-10 22:01:21 +00:00
str4d
50921f95f7
Merge pull request #573 from zcash/str4d/chip-review
...
Changes from `halo2_gadgets` review
2022-05-10 22:54:45 +01:00
Jack Grigg
91e1106a1e
halo2_gadgets: Address review comments
2022-05-10 21:35:52 +00:00
Jack Grigg
4b802a7d07
halo2_gadgets: Documentation fixes
2022-05-10 20:31:35 +00:00
Jack Grigg
ac67b117ca
book: Document `EccChip` assumptions and general layout
2022-05-10 20:26:30 +00:00
Jack Grigg
a94a2bc552
halo2_gadgets: Various small code cleanups
...
Also documents a superfluous constraint, for removal in some future
breaking change.
2022-05-10 20:26:30 +00:00
Jack Grigg
ad51e4a2bd
book: Document var-mul constraints for complete addition and LSB
2022-05-10 20:26:30 +00:00
Jack Grigg
f57b93f8e0
book: Fix various small bugs and add some missing constraints
2022-05-10 20:26:30 +00:00
Jack Grigg
ff01e4a1f9
halo2_gadgets: Refactor `ScalarFixed::windows_usize`
...
It no longer relies on the `SqrtRatio::get_lower_32` method, which is
specific to that trait and not intended for external usage.
2022-05-10 20:26:30 +00:00
Jack Grigg
692fee099d
halo2_gadgets: Clean up `ecc::chip::mul_fixed::Config` logic
...
- We were redundantly storing the `x_p` and `y_p` columns.
- `Config::add_incomplete` was redundantly copying.
Co-authored-by: therealyingtong <yingtong@z.cash>
2022-05-10 20:04:30 +00:00
Jack Grigg
85b0b7c065
halo2_gadgets: Refactor `ecc::chip::mul_fixed::Config` word assignment logic
...
Co-authored-by: therealyingtong <yingtong@z.cash>
2022-05-10 20:04:30 +00:00
Jack Grigg
18edad5df6
halo2_gadgets: Use separate field names for var-mul incomplete selectors
...
The previous tuple was confusing because tuple indices are zero-indexed,
while the selector names are one-indexed.
2022-05-10 20:04:30 +00:00
Jack Grigg
56fc8960c6
halo2_gadgets: Extract a common `DoubleAndAdd` helper struct
...
Both variable-base scalar mul and Sinsemilla use double-and-add with
incomplete addition on a single row, but they do so in slightly
different ways. Some of these are intentional (needing to look up the
y-coordinate vs constrain it), while others are accidental (different
concrete signs in otherwise-identical constraints that make their ASTs
incompatible).
The new `DoubleAndAdd` helper struct extracts the logic that is common
to both implementations, specifically the helper definitions of `x_r`
and `Y_A`. In a future breaking change, we can refactor both gadgets to
share more of this logic, so we are defining the incomplete addition
logic in fewer places.
2022-05-10 20:04:30 +00:00
Daira Hopwood
bdf84a5bb5
Merge pull request #580 from zcash/book-patch-summary
...
[book] Add 'Selector combining' to SUMMARY.md
2022-05-10 05:21:29 -07:00
therealyingtong
e4e7821fc1
[book] Add 'Selector combining' to SUMMARY.md
2022-05-10 15:38:10 +08:00
Jack Grigg
88e189eebb
book: Add page for witnessing ECC points
2022-05-10 00:20:00 +00:00
Jack Grigg
17cd222979
book: Add explicit constraints table for incomplete addition
2022-05-10 00:20:00 +00:00
Jack Grigg
144d082528
halo2_gadgets: Refactor complete addition constraints
...
We also fix several typos in the constraint analysis on the complete
addition book page, and adjust the constraints table for readability.
2022-05-10 00:20:00 +00:00
Jack Grigg
342ebdd15e
halo2_gadgets: Fix return type of `ecc::chip::FixedPoint::u`
...
This trait method was previously preventing the trait to working with
fields that encode to more than 256 bits.
2022-05-10 00:20:00 +00:00
Jack Grigg
3486703bd2
halo2_gadgets: Refactor fixed-base scalar mul gadget APIs
...
The new `EccInstructions` instructions, and the corresponding changes to
existing instructions, enable chips to choose when to witness or constrain
the scalars, and simplify scalar reuse (though reuse is not implemented
for `EccChip` yet).
`FixedPoint::mul` and `FixedPointShort::mul` now has the same API style
as `NonIdentityPoint::mul`.
2022-05-09 15:48:55 +00:00
Jack Grigg
6145b1417c
halo2_gadgets: Move `primitives::*` to `*::primitives`
2022-05-09 05:43:34 +00:00
Jack Grigg
96d4a31d39
halo2_gadgets: Batch inversions in `SinsemillaChip::hash_to_point`
...
This saves around 3.7% in proving time for a 2-action Orchard bundle on
a Ryzen 9 5950X.
2022-05-08 03:28:34 +00:00
Jack Grigg
03697e2a7d
book: Rewrite Sinsemilla gadget page
...
The book now has enough detail for it to be obvious why there are
factors of 2 present in several equations.
2022-05-08 02:38:01 +00:00
Jack Grigg
dc2ec0308d
halo2_gadgets: Deduplicate some Sinsemilla chip expressions
2022-05-08 02:38:01 +00:00
Jack Grigg
6444ccc16f
halo2_gadgets: Tidy up and document MerkleCRH implementation
2022-05-08 02:38:01 +00:00
Jack Grigg
7ea240dbdf
book: Rewrite `MerkleCRH` gadget page
...
The page now follows the pattern of other chip-specifying pages in how
it documents constraints (in particular, giving the specific form of the
constraint to match the implemented AST).
Additionally, a typo in the decomposition constraint for `left` has been
fixed (the implementation was correct).
2022-05-08 02:20:42 +00:00
Jack Grigg
3bed5725e5
Use `MessagePiece::from_subpieces` in `MerkleChip::hash_layer`
...
Several structs now impl `PartialEq, Eq` due to requirements of the
`MessagePiece::from_subpieces` impl.
2022-05-08 02:20:42 +00:00
Jack Grigg
0d978f0fc4
halo2_gadgets: Generalise `MerklePath` beyond two `MerkleChip`s
2022-05-07 23:03:30 +00:00
str4d
30f92f3f4b
Merge pull request #522 from zcash/full-width-var-base-mul
...
[ECC gadget] Distinguish base field element case in variable-base scalar mul.
2022-05-06 19:53:57 +01:00
str4d
5a543f9318
Move `EccInstructions::ScalarVar` changelog entry to "Changed"
2022-05-06 19:06:06 +01:00
therealyingtong
3c6ffb66cf
Address comments from code review.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2022-05-06 23:28:20 +08:00
Kris Nuttycombe
6e762bdde4
Merge pull request #380 from 3for/main
...
[book] Fix errors and typos
2022-05-05 20:42:23 -06:00
Kris Nuttycombe
1791e693bb
Merge branch 'main' into main
2022-05-05 17:07:57 -06:00
ebfull
6fb622a1fc
Merge pull request #543 from NoCtrlZ/feat/fft-optimization
...
Optimize Fft
2022-05-05 14:05:13 -06:00
ebfull
a1d1371ce3
Merge pull request #563 from parazyd/clone-impls-keys
...
plonk: Derive Clone for VerifyingKey and ProvingKey.
2022-05-05 13:59:44 -06:00
Taylor Hornby
64e7efb0d4
Merge pull request #542 from zcash/relicense-mit-or-apache-2.0
...
Relicense Halo 2 crates as MIT OR Apache 2.0
2022-05-05 13:50:45 -06:00
therealyingtong
fdf516908b
Update changelog.
2022-05-05 21:34:30 +02:00
therealyingtong
5fd0834503
Introduce ScalarVar::new and ScalarVar::from_base gadget APIs.
2022-05-05 21:33:43 +02:00
therealyingtong
1c877f3caf
ecc::chip: Introduce ScalarVar enum.
2022-05-05 21:14:21 +02:00
therealyingtong
6f2fc57b3c
Rename FixedPoint::ScalarKind -> FixedPoint::FixedScalarKind.
2022-05-05 21:14:21 +02:00
therealyingtong
5ebfe91eee
Introduce ecc::BaseFitsInScalarInstructions trait.
2022-05-05 21:14:20 +02:00
therealyingtong
cbf3d6a7f6
EccInstructions: introduce witness_scalar_var() instruction.
2022-05-05 21:14:20 +02:00
therealyingtong
6d83db719e
EccInstructions::mul: take Self::ScalarVar instead of Chip::Var.
2022-05-05 21:14:20 +02:00
str4d
72ff677776
Merge pull request #511 from zcash/dependabot/github_actions/actions/checkout-3
...
Bump actions/checkout from 2 to 3
2022-05-05 16:08:26 +01:00
str4d
377de3998c
Merge pull request #554 from zcash/dependabot/github_actions/codecov/codecov-action-3.1.0
...
Bump codecov/codecov-action from 2.1.0 to 3.1.0
2022-05-05 16:07:57 +01:00