zec
/
halo2
mirror of https://github.com/zcash/halo2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
553 Commits 40 Branches 6 Tags 58 MiB
Commit Graph

553 Commits

Author SHA1 Message Date
Kris Nuttycombe 78adc9c810 Anchor computation is partial. 2021-06-24 09:43:10 -06:00
str4d af335ff7de
Merge pull request #130 from nuttycom/use_value_commitment_constants 
Use constants for value commitment hash-to-curve.
 2021-06-24 01:21:25 +01:00
Kris Nuttycombe f22907a4d7 Use constants for value commitment hash-to-curve. 
Fixes #76
 2021-06-23 18:04:17 -06:00
Kris Nuttycombe 52394b8e8d Add test for incremental Merkle tree root calculation. 
Fix indexing in perfect subtree computation test for auth paths.
 2021-06-23 15:57:33 -06:00
Kris Nuttycombe 1b42ae707b Make proptest bundle size configurable. 2021-06-23 15:57:33 -06:00
Kris Nuttycombe c876f74ab1 Fix level/layer confusion. 2021-06-23 15:57:33 -06:00
Kris Nuttycombe 4888f0d16c Rename Level -> Altitude 2021-06-23 15:57:33 -06:00
Kris Nuttycombe e3abbf9a42 Add serde support for OrchardIncrementalTreeDigest 2021-06-23 15:57:33 -06:00
Kris Nuttycombe 7e79fd4b1c Add necessary trait impls for OrchardIncrementalTreeDigest 
Required to make the wrapper type usable for digests in
a serializable incremental merkle tree.
 2021-06-23 15:57:33 -06:00
Kris Nuttycombe ce4697aca5 Add construction of OrchardIncrementalTreeDigest 2021-06-22 18:14:27 -06:00
Kris Nuttycombe 4bb252eb0c Add Orchard incremental merkle tree digests. 2021-06-22 18:14:27 -06:00
str4d 71756cffda
Merge pull request #128 from zcash/bundle-dynamic-usage 
Add `Bundle<Authorized, _>::dynamic_usage` method
 2021-06-22 17:46:15 +01:00
str4d 66340e2655
Merge pull request #67 from zcash/sinsemilla-chip-config 
Sinsemilla chip with HashDomain
 2021-06-22 16:20:35 +01:00
Jack Grigg 06f7d7fbe0 Add `Bundle<Authorized, _>::dynamic_usage` method 
This will be used by `zcashd` as part of tracking the memory usage of
transactions.
 2021-06-22 16:06:49 +01:00
str4d a64a1cb951
Merge pull request #127 from daira/clippy-nightly-clean 
Make this crate clippy clean for warnings on nightly
 2021-06-21 18:48:38 +01:00
Daira Hopwood 81fb944997 Make this crate clippy clean for warnings on nightly. 
One .clone() removal; all of the other changes are removing needless borrows that are immediately
dereferenced: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-21 18:04:00 +01:00
Daira Hopwood 8af84479b3 Rename "Sinsemilla gate" constraint to "y check". 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-21 17:04:47 +01:00
str4d 93a7f1db22
Merge pull request #126 from zcash/proof-verification 
Add `Bundle<Authorized, _>::verify_proof` API
 2021-06-21 15:39:09 +01:00
Jack Grigg 62642fd804 Add `Bundle<Authorized, _>::verify_proof` API 2021-06-21 13:38:43 +01:00
therealyingtong bd08808566 SinsemillaChip::configure(): Merge "Initial y_q" gate with main gate 
This allows the MockProver to see the fixed_y_q query as semantically
connected to q_sinsemilla1.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 20:56:56 +08:00
Jack Grigg a01c2ee829 test: Print layout for Sinsemilla test circuit 2021-06-20 11:51:33 +01:00
str4d 5f5238f411
Doc comment fixes 2021-06-20 11:30:43 +01:00
therealyingtong 002596f6cd Docfixes and cleanups. 
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 12:11:01 +08:00
therealyingtong 744f3d1653 SinsemillaChip::configure(): Combine and label gates. 
The gates "Secant line" and "Sinsemilla gate" were using the same
selectors and could be combined.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 11:26:59 +08:00
therealyingtong eccd72fcd0 hash_piece(): Remove (correct) duplicate assignment of x_a. 
hash_piece() is an internal API, which means its caller hash_message()
is working in the same region. We rely on the caller to have already
assigned each piece's initial x_a at the correct offset before making
the call to hash_piece().

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 11:14:02 +08:00
therealyingtong 9ce29d9d4d hash_to_point(): Introduce final_piece boolean flag 
This toggles the assignment of q_s2 on the last row of each piece.
We assign q_s2 = 2 on the last row of the final piece, and q_s2 = 0
on the last row of other pieces.

This allows us to process the final_piece in the main loop together
with the other pieces.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 11:00:14 +08:00
therealyingtong 031bb0bc87 SinsemillaChip::configure(): Introduce closures for Y_A and x_r 
These expressions are derived multiple times in the gates.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 10:43:24 +08:00
therealyingtong 9072ed437d generator_table.rs: Fix bug in y_p lookup expression. 
Also, GeneratorTable::configure() was not being called in the main
SinsemillaChip::configure(), which meant the lookup argument had
not been activated. This has now been fixed.

Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-20 10:34:03 +08:00
Daira Hopwood 3543bab39d
Merge pull request #82 from zcash/book-sinsemilla-gadget 
[book] Add Sinsemilla gadget description
 2021-06-20 01:07:58 +01:00
therealyingtong 2f6ca9e6de generator_table.rs: Enforce z_n = 0 for the last message piece. 2021-06-19 22:39:19 +08:00
Daira Hopwood 9adeead975 [book] Make the order of advice columns for Sinsemilla the same as in the code. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-19 15:35:34 +01:00
Daira Hopwood 9dc909e842 [book] Formatting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-19 13:37:07 +01:00
Daira Hopwood 2a8fe30fa8 [book] Clarify that x_Q, z_0, z'_0, etc. are copied in using equality constraints. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-19 13:32:11 +01:00
therealyingtong 158ab865f8 gadget::sinsemilla.rs: Add Sinsemilla test. 2021-06-19 18:17:11 +08:00
therealyingtong eba2172f4f chip::hash_to_point.rs: Implement hash_to_point instruction. 2021-06-19 18:17:10 +08:00
therealyingtong f122e481a7 sinsemilla::chip.rs: Configure Sinsemilla gates. 2021-06-19 18:17:09 +08:00
therealyingtong 7cddc9b587 sinsemilla::chip.rs: Implement witness_message_* APIs. 
witness_message() witnesses a full message given a bitstring.

The other two APIs, witness_message_piece_bitstring() and
witness_message_piece_field(), both witness a message piece, i.e.
part of a message that fits within a single base field element.

witness_message_piece_bitstring() takes in a bitstring, while
witness_message_piece_field() takes in a field element. In the
latter case, the number of words encoded must be specified.
 2021-06-19 18:14:22 +08:00
therealyingtong 74e617b46d chip::generator_table.rs: Load Sinsemilla generator lookup table. 
The 2^K table of generators used in the Sinsemilla hash. These
are loaded into a lookup table.
 2021-06-19 18:14:22 +08:00
therealyingtong ebb7dae063 sinsemilla::chip.rs: Add Sinsemilla chip. 
The chip that will implement SinsemillaInstructions.
 2021-06-19 18:14:22 +08:00
therealyingtong e2859df4eb sinsemilla::message.rs: Add message module. 
This defines a Sinsemilla message in terms of pieces and subpieces.
This is useful when decomposing field elements and packing them
into K-bit messages.
 2021-06-19 18:14:22 +08:00
therealyingtong af2ac762f4 gadget::sinsemilla.rs: Add Sinsemilla instructions. 
SinsemillaInstructions has two const generic parameters: K, which
is the number of bits in each word of the hash, and MAX_WORDS,
which is the maximum number of words the hash can process.

For Orchard, K = 10, MAX_WORDS = 253.
 2021-06-19 18:14:22 +08:00
therealyingtong 83eddd8857 ecc::chip.rs: Add Point::from_coordinates_unchecked() API 
Co-authored-by: Jack Grigg <jack@electriccoin.co>
 2021-06-19 18:14:22 +08:00
Daira Hopwood 48573705dc [book] Adjust the definition of m_{i+1} so that the last z_n does not need to be constrained to 0. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-19 08:53:41 +01:00
Daira Hopwood 22036e9f41 [book] More formatting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-18 22:49:46 +01:00
Daira Hopwood aac10b816f [book] Formatting. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-18 22:45:50 +01:00
Daira Hopwood dc021a2ef1 [book] Merge two similar paragraphs. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-18 22:20:09 +01:00
Daira Hopwood 82316b607b [book] Update the Sinsemilla constraints to handle the gap between field elements correctly. 
This also changes i to be zero-based, which is more consistent with the spec.

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-18 22:12:48 +01:00
Daira Hopwood 4cd0082294
Apply suggestions from code review 
Co-authored-by: str4d <jack@electriccoin.co>
 2021-06-18 21:27:55 +01:00
str4d 0b6bd66714
Merge pull request #120 from daira/fix-clippy-lints 
Fix clippy lints
 2021-06-16 20:24:02 +01:00
Daira Hopwood 1c19bea842 Fix clippy lints. 
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
 2021-06-16 19:13:40 +01:00