Jack Grigg
db930f706a
Add an issue template for improving the Halo 2 book
2021-01-29 20:57:50 +00:00
Daira Hopwood
723ea8feac
Clarifications for background, from pairing with Kris.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-29 19:51:48 +00:00
str4d
963a91464a
Merge pull request #120 from daira/sqrt_ratio
...
Add sqrt_ratio implementation.
2021-01-24 07:58:14 +13:00
ebfull
d9ff25048d
Merge pull request #146 from zcash/init-changelog
...
Initialize the changelog
2021-01-23 11:24:28 -07:00
ebfull
e56373fa33
Merge pull request #110 from nuttycom/remove_cs_rotations
...
Remove rotations from ConstraintSystem & use Rotation instead of i32 for circuit methods.
2021-01-23 11:22:13 -07:00
Jack Grigg
d4a76edee5
Initialize the changelog
2021-01-22 23:54:31 +00:00
str4d
dee884dc12
Merge pull request #142 from daira/concepts-update
...
Make terminology more consistent with the ZKProof reference and Sean's usage
2021-01-22 12:58:20 +13:00
Daira Hopwood
c7a12ee178
Add documentation of perfect hash parameters.
2021-01-17 02:24:09 +00:00
Daira Hopwood
adc3c9c2ea
Fix incorrect variable name in a comment.
...
Co-authored-by: str4d <thestr4d@gmail.com>
2021-01-17 01:52:49 +00:00
Daira Hopwood
847c41d5c8
Make terminology more consistent with the ZKProof reference and Sean's usage.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-16 15:48:43 +00:00
Kris Nuttycombe
94dd9cc421
Fix doctests.
2021-01-14 13:31:48 -07:00
Kris Nuttycombe
74b2aa715f
Require Rotation instead of i32 for relative rows in circuits.
...
Co-authored-by: str4d <thestr4d@gmail.com>
2021-01-14 11:57:32 -07:00
Kris Nuttycombe
483cb1139f
Remove rotations from ConstraintSystem
2021-01-14 11:35:23 -07:00
ebfull
968ac8b0d4
Merge pull request #141 from zcash/more-clippy-lints
...
More clippy lint fixes
2021-01-14 09:11:01 -07:00
Sean Bowe
e4dac4f621
clippy: remove unnecessarily explicit lifetimes and return types
2021-01-14 08:53:19 -07:00
ebfull
daf54ddec9
Merge pull request #140 from zcash/clippy-lints
...
Fix clippy lints
2021-01-14 08:51:00 -07:00
Jack Grigg
d95e4e4724
clippy: Remove unnecessary Result
2021-01-14 08:46:25 -07:00
Jack Grigg
ec8c925587
doc: Fix broken intra-doc link
2021-01-14 08:46:25 -07:00
Jack Grigg
95314d0f69
clippy: Add type definitions for complex types
2021-01-14 08:46:23 -07:00
Jack Grigg
75915f67ed
clippy: Small cleanups
2021-01-14 08:43:25 -07:00
Jack Grigg
6dd7595438
clippy: Remove useless actions
...
- Dropping a reference does nothing.
- Dropping a Copy type drops a copy.
- No need to clone the last usage of a variable.
2021-01-14 08:43:25 -07:00
Jack Grigg
6983bd1bbc
clippy: Use Option::ok_or_else to construct errors from functions
2021-01-14 08:43:25 -07:00
ebfull
6c6b30dde4
Merge pull request #139 from zcash/remove-eval-from-multiopen-prover
...
Remove eval from ProverQuery in multiopen
2021-01-14 08:33:54 -07:00
Daira Hopwood
288a21ef1e
Replace the Tonelli-Shanks sqrt algorithm with the table-based one.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Daira Hopwood
c5e48fdd06
Address @ebfull's review comments.
...
Co-authored-by: Sean Bowe <sean@electriccoin.co>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Daira Hopwood
af9834d68c
Implement `sqrt_alt`, a more efficient way of doing `sqrt_ratio(num, one())`.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Daira Hopwood
806748fbc4
Use addition chains for powering by (T-1)/2.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Daira Hopwood
227025b7b3
Avoid exposing implementation details of the square root implementation.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Daira Hopwood
e13ee2c8ff
Add sqrt_ratio implementation.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-14 02:34:43 +00:00
Sean Bowe
ec2d8db8cb
Multiopen prover never needed evals to be specified.
...
The Lagrange interpolation we were doing was pointless. kate_division sheds the constant
term off each time it is invoked because the quotient polynomial isn't affected by it.
This means we were modifying coefficients that end up getting discarded anyway; the
quotient polynomial coefficients are already determined exactly by the leading coefficients
and the fact that a root exists at each of the points.
2021-01-13 17:22:32 -07:00
ebfull
ccca639591
Merge pull request #111 from zcash/transcript-api-2
...
New Transcript API (and modified commitment scheme)
2021-01-13 16:50:47 -07:00
Sean Bowe
1f510016d8
Simplifications to some logic.
...
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-01-13 15:51:48 -07:00
Sean Bowe
775151a67d
Change absorb_ to read_ in subprotocols.
2021-01-13 15:47:35 -07:00
Sean Bowe
9a26ef1acd
Refactor the Committed structure.
2021-01-13 15:44:37 -07:00
Sean Bowe
cc6b0bb7f2
Rename blind to \xi for consistency.
2021-01-13 15:24:44 -07:00
Sean Bowe
47d021ceb3
Add reference to issue in TODO comment.
2021-01-13 08:41:14 -07:00
Daira Hopwood
5413049a10
Merge pull request #130 from daira/fix-w-numbering
...
[Book] Fix W numbering in SHA-256 table16 doc.
2021-01-13 12:15:28 +00:00
Daira Hopwood
adf1c2f451
Merge pull request #113 from zcash/avoid-square-challenges
...
Avoid square challenges in inner product argument
2021-01-13 12:14:36 +00:00
Daira Hopwood
0caf66b261
[Book] Fix W numbering in SHA-256 table16 doc.
...
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-01-12 21:50:24 +00:00
ebfull
1e4b449934
Merge pull request #125 from zcash/circuit-traits
...
Circuit component traits
2021-01-12 09:23:21 -07:00
Sean Bowe
e1a772d6e1
Remove transcript forking API.
2021-01-12 07:40:31 -07:00
Sean Bowe
f308eb969c
Remove deterministic square root calculation as it's no longer needed.
2021-01-12 07:40:26 -07:00
Sean Bowe
98c1d80c90
Avoid square challenges and forking in inner product argument
...
This modifies the scheme to be almost identical to the construction
outlined in Appenix A.2 of "Proof-Carrying Data from Accumulation
Schemes" (https://eprint.iacr.org/2020/499 ). The only remaining
difference is that we do not compute [v] U but instead subtract
[v] G_0 from the commitment before opening.
2021-01-12 07:40:20 -07:00
str4d
8ed9bb7bf3
Merge pull request #134 from zcash/book-design-sections
...
book: Reorganize design subsections
2021-01-12 10:32:34 +13:00
Jack Grigg
afdb4a8981
book: Add design notes about implementation of proofs
...
Adapted from https://github.com/zcash/halo2/pull/111
2021-01-11 21:21:05 +00:00
Jack Grigg
fb411b12e8
book: Reorganize design subsections
2021-01-11 21:07:45 +00:00
str4d
6d7e9afdb7
Merge pull request #133 from zcash/eli15
...
book: Add background material
2021-01-12 09:50:56 +13:00
Jack Grigg
f8c5c2e28e
book: Add background material
...
Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
Co-authored-by: Daira Hopwood <daira@jacaranda.org>
Co-authored-by: ying tong <yingtong@z.cash>
2021-01-11 20:44:53 +00:00
ying tong
1b4b5a301b
Merge pull request #132 from zcash/book-patch-compression-2
...
[book] SHA-256: add compression digest gate
2021-01-11 23:57:07 +08:00
therealyingtong
d23fcd1ccd
[book] SHA-256: add compression digest gate
2021-01-11 23:56:23 +08:00