zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
864 Commits 40 Branches 6 Tags 59 MiB
Commit Graph

270 Commits

Author SHA1 Message Date
therealyingtong 687e220c36 mul_fixed::short: Refactor short::Config. 
This commit does not result in circuit changes.
 2021-12-04 04:45:06 +00:00
therealyingtong 165c9b6941 mul_fixed::full_width: Refactor full_width::Config. 
This commit does not result in circuit changes.
 2021-12-04 04:45:06 +00:00
therealyingtong f472a16b32 chip::mul_fixed: Move running_sum_config into mul_fixed::Config. 2021-12-04 04:45:06 +00:00
therealyingtong 1a7e832ed4 chip::mul_fixed: Refactor mul_fixed::Config. 
This commit does not introduce circuit changes.
 2021-12-04 04:45:06 +00:00
therealyingtong a7dad1d611 chip::mul: Refactor mul::Config. 
This commit does not introduce additional circuit changes.
 2021-12-04 04:45:05 +00:00
therealyingtong 440cd14dbb mul::overflow: Refactor overflow::Config. 
This is only used in chip::mul::Config. In a subsequent commit,
this will be configured from mul::Config instead of from
ecc::chip::Config.

This commit does not result in circuit changes.
 2021-12-04 04:44:41 +00:00
therealyingtong 931d61a863 mul::complete: Refactor complete::Config. 
This is only used in chip::mul::Config. In a subsequent commit,
this will be configured from mul::Config instead of from
ecc::chip::Config.

This commit does not result in circuit changes.
 2021-12-04 04:41:52 +00:00
therealyingtong 22f57005a9 mul::incomplete: Refactor incomplete::Config. 
This is only used in chip::mul::Config. In a subsequent commit,
this will be configured from mul::Config instead of from
ecc::chip::Config.

This commit does not result in circuit changes.
 2021-12-04 04:39:41 +00:00
Jack Grigg 0ede6b2301 mul::Config: Reorder gate definitions 
We are about to extract the sub-configs from mul::Config and refactor
them. Doing so would have moved their gate definitions past the one gate
that isn't created in a sub-config. Reordering the definitions here will
make the subsequent refactor diffs simpler to review.
 2021-12-04 04:38:08 +00:00
therealyingtong 2ec480ef6b utilities::lookup_range_check: Derive Copy for LookupRangeCheckConfig. 2021-12-02 14:55:37 -05:00
therealyingtong 4fe6fb8bf2 chip::add: Refactor add::Config. 
This is also used in mul and mul_fixed.
 2021-12-02 14:55:36 -05:00
therealyingtong 13faedc7cc chip::add_incomplete: Refactor add_incomplete::Config. 
This is also used in mul_fixed.
 2021-12-02 14:54:13 -05:00
therealyingtong 9d8fee29c7 chip::witness_point: Refactor witness_point::Config. 2021-12-02 14:51:33 -05:00
therealyingtong 76c8bb9711 utilities::cond_swap: Use ternary helper in cond_swap. 
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-11-30 20:36:13 -05:00
therealyingtong 1a7a1255c8 mul::complete.rs: Use ternary helper in complete addition part of variable-base scalar mul. 2021-11-30 13:02:25 -05:00
therealyingtong 9513efd6f3 ecc::chip::mul.rs: Use ternary helper in variable-base scalar mul. 2021-11-30 12:52:15 -05:00
therealyingtong ba75da27bb gadget::utilities: Introduce ternary expression helper. 2021-11-30 10:39:01 -05:00
therealyingtong 409bbf36a0 mul::complete: Replace k_minus_one with one_minus_k. 2021-11-29 21:45:49 -05:00
therealyingtong 303bdc3f65 Replace local bool_check expressions with utilities::bool_check(). 2021-11-29 21:45:48 -05:00
therealyingtong 4fb434f88d gadget::utilities: Use range_check in bool_check. 2021-11-29 20:50:31 -05:00
therealyingtong 36f1d18705 gadget::utilities: Use N - x in range_check. 2021-11-29 20:50:31 -05:00
Jack Grigg 99d03e0d25 Migrate to latest halo2 revision 2021-11-26 16:24:26 +00:00
therealyingtong 9bb29018ac poseidon::pow5: Undo circuit change. 
Co-authored-by: str4d <jack@electriccoin.co>
 2021-11-23 15:38:55 -05:00
ying tong 79123629da
Docfixes and minor refactors. 
Co-authored-by: str4d <jack@electriccoin.co>
 2021-11-23 15:29:56 -05:00
therealyingtong fe1bc97ab4 Generalise Pow5T3 chip to be generic over WIDTH, RATE. 2021-11-19 00:50:04 -05:00
therealyingtong 0417e233c3 poseidon: Return CellValue from squeeze() 2021-11-19 00:04:27 -05:00
therealyingtong de37248749 Allow passing CellValue as input word to Poseidon gadget. 
Update circuit description.
 2021-11-18 23:47:57 -05:00
therealyingtong 2c97e56da7 Add hash() and permute() test vectors for Poseidon over Fq. 2021-10-12 11:58:27 +02:00
therealyingtong 764c445a81 Rename poseidon::nullifier -> poseidon::p128pow5t3. 2021-10-12 11:58:27 +02:00
Jack Grigg 631182fb77 Update selector columns in expected-failure tests 
The addition of the non-identity selector caused the layouter to reorder
some of the selectors in the ECC gadget test circuit.
 2021-09-28 21:49:06 +01:00
Daira Hopwood d77cb82c8d
Apply suggestions from code review 
Co-authored-by: str4d <jack@electriccoin.co>
 2021-09-28 21:09:39 +01:00
Jack Grigg d0056d9050 Test that we can't witness the identity as a NonIdentityPoint 2021-09-28 21:00:29 +01:00
str4d aec3b1d52d Remove unnecessary clones in closure 2021-09-28 20:31:32 +01:00
therealyingtong 52f53f3425 Remove IsIdentity trait from public EccInstructions. 
We only need is_identity() in tests and can implement it on the
concrete EccPoint type. This method is flagged off by #[cfg(test)].

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 20:31:32 +01:00
therealyingtong b0de6afd7c Reintroduce Point::new() API and constraints. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 20:31:32 +01:00
Jack Grigg 751277cdb2 Remove `EccInstructions::NonIdentityPoint: TryFrom<Self::Point>` bound 
After the previous commit, this is no longer used anywhere. Additionally
it was not enforcing the conversion in the circuit, which could lead to
circuit implementation mistakes.
 2021-09-28 13:13:25 -06:00
Jack Grigg 97c27e3d5a Use complete addition in SinsemillaCommit 
This is necessary because the blinding factor r can be zero with greater
than negligible probability in an adversarial case, which with incomplete
addition would cause the circuit to compute a commitment that is not on
the curve.
 2021-09-28 13:13:25 -06:00
therealyingtong 8c8a12a8df Minor fixes. 
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-09-28 13:13:25 -06:00
therealyingtong fa560d3aee Replace is_identity() instruction with IsIdentity trait. 2021-09-28 13:13:25 -06:00
therealyingtong 4a13ab4f6b Docfixes. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
Daira Hopwood 6b6b515232 `hash_to_point` should return `Result<(Self::NonIdentityPoint, Vec<Self::RunningSum>), Error>` 
because any exceptional case is treated as an error, and therefore the identity cannot be returned.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong 8ad3003e27 Remove Point::new() API and introduce is_identity() instruction. 
Also remove the q_point selector and gate from the circuit.
 2021-09-28 13:13:25 -06:00
therealyingtong ec27989b9b Clippy and formatting fixes. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong cdcfcbc0c2 gadget::sinsemilla: Propagate changes to the Sinsemilla gadget. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong 258fe5796b ecc::chip: Propagate changes to sub-chips. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong df26a6c674 chip::witness_point.rs: Constraints for non-identity point. 
The point_non_id() method returns an error if the given point is
the identity.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong 88eb762cf2 ecc::chip.rs: Introduce NonIdentityEccPoint struct. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong f5ed26790a gadget::ecc: Introduce NonIdentityPoint associated type and gadget. 
The add_incomplete() and mul() APIs have been removed from the
Point gadget, since we cannot perform incomplete addition or
variable-base scalar multiplication on the identity.

Co-authored-by: Daira Hopwood <daira@jacaranda.org>
 2021-09-28 13:13:25 -06:00
therealyingtong 58de805a13 sinsemilla::merkle.rs: Use tree::MerklePath::root in tests. 2021-09-16 15:36:24 +02:00
str4d 3dd2a1872a
Merge pull request #169 from zcash/circuit-constraint-refinements 
Circuit constraint refinements to reduce proof size
 2021-09-14 02:05:41 +01:00