diff --git a/Cargo.lock b/Cargo.lock
index 3bc3137ce..670966e5e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -57,16 +57,20 @@ name = "bellman"
 version = "0.1.0"
 dependencies = [
 "bit-vec 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
+ "blake2s_simd 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)",
 "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
 "crossbeam 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
 "ff 0.4.0",
 "futures 0.1.28 (registry+https://github.com/rust-lang/crates.io-index)",
 "futures-cpupool 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)",
 "group 0.1.0",
+ "hex-literal 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)",
 "num_cpus 1.10.1 (registry+https://github.com/rust-lang/crates.io-index)",
 "pairing 0.14.2",
 "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
 "rand_core 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand_xorshift 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "sha2 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
 [[package]]
diff --git a/bellman/Cargo.toml b/bellman/Cargo.toml
index b15671e97..70521e7fb 100644
--- a/bellman/Cargo.toml
+++ b/bellman/Cargo.toml
@@ -10,6 +10,7 @@ version = "0.1.0"
 
 [dependencies]
 bit-vec = "0.4.4"
+blake2s_simd = "0.5"
 ff = { path = "../ff" }
 futures = "0.1"
 futures-cpupool = { version = "0.1", optional = true }
@@ -21,7 +22,10 @@ rand_core = "0.5"
 byteorder = "1"
 
 [dev-dependencies]
+hex-literal = "0.1"
 rand = "0.7"
+rand_xorshift = "0.2"
+sha2 = "0.8"
 
 [features]
 groth16 = ["pairing"]
diff --git a/sapling-crypto/src/circuit/mod.rs b/bellman/src/gadgets.rs
similarity index 97%
rename from sapling-crypto/src/circuit/mod.rs
rename to bellman/src/gadgets.rs
index 016f33e22..6c4b09cff 100644
--- a/sapling-crypto/src/circuit/mod.rs
+++ b/bellman/src/gadgets.rs
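Review bot: `blake2s_simd = "0.5"` goes under `[dependencies]` in the first bellman/Cargo.toml hunk, while the other three crates this commit introduces (`hex-literal`, `rand_xorshift`, `sha2`) go under `[dev-dependencies]`; if the only code that names it is the `mod test` in bellman/src/gadgets/blake2s.rs, which this diff does not show, it should move to `[dev-dependencies]` too so downstream consumers of bellman do not fetch and compile a crate they never call. If it is needed outside tests, a one-line comment above the entry naming that use would settle the question for the next reader. The lockfile hunk pins it to 0.5.5, so the caret requirement itself is fine.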
@@ -9,7 +9,7 @@ pub mod lookup;
 pub mod multipack;
 pub mod sha256;
 
-use bellman::{
+use crate::{
 SynthesisError
 };
 
diff --git a/sapling-crypto/src/circuit/blake2s.rs b/bellman/src/gadgets/blake2s.rs
similarity index 99%
rename from sapling-crypto/src/circuit/blake2s.rs
rename to bellman/src/gadgets/blake2s.rs
index 8627dc06a..cef50ebb1 100644
--- a/sapling-crypto/src/circuit/blake2s.rs
+++ b/bellman/src/gadgets/blake2s.rs
@@ -2,7 +2,7 @@ use pairing::{
 Engine,
 };
 
-use bellman::{
+use crate::{
 SynthesisError,
 ConstraintSystem
 };
@@ -325,10 +325,10 @@ mod test {
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 
- use ::circuit::boolean::{Boolean, AllocatedBit};
- use ::circuit::test::TestConstraintSystem;
+ use crate::gadgets::boolean::{Boolean, AllocatedBit};
+ use crate::gadgets::test::TestConstraintSystem;
 use super::blake2s;
- use bellman::{ConstraintSystem};
+ use crate::{ConstraintSystem};
 
 #[test]
 fn test_blank_hash() {
diff --git a/sapling-crypto/src/circuit/boolean.rs b/bellman/src/gadgets/boolean.rs
similarity index 99%
rename from sapling-crypto/src/circuit/boolean.rs
rename to bellman/src/gadgets/boolean.rs
index 2fe6ef182..f6c11b69e 100644
--- a/sapling-crypto/src/circuit/boolean.rs
+++ b/bellman/src/gadgets/boolean.rs
@@ -1,7 +1,7 @@
 use ff::{BitIterator, Field, PrimeField};
 use pairing::Engine;
 
-use bellman::{
+use crate::{
 ConstraintSystem,
 SynthesisError,
 LinearCombination,
@@ -801,10 +801,10 @@ impl From for Boolean {
 
 #[cfg(test)]
 mod test {
- use bellman::{ConstraintSystem};
+ use crate::{ConstraintSystem};
 use ff::{Field, PrimeField};
 use pairing::bls12_381::{Bls12, Fr};
- use ::circuit::test::*;
+ use crate::gadgets::test::*;
 use super::{
 AllocatedNum,
 Boolean,
diff --git a/sapling-crypto/src/circuit/lookup.rs b/bellman/src/gadgets/lookup.rs
similarity index 98%
rename from sapling-crypto/src/circuit/lookup.rs
rename to bellman/src/gadgets/lookup.rs
index d57f17ce8..86ab10fff 100644
--- a/sapling-crypto/src/circuit/lookup.rs
+++ b/bellman/src/gadgets/lookup.rs
@@ -7,7 +7,7 @@ use super::num::{
 Num
 };
 use super::boolean::Boolean;
-use bellman::{
+use crate::{
 ConstraintSystem
 };
 
@@ -197,8 +197,8 @@ pub fn lookup3_xy_with_conditional_negation(
 #[cfg(test)]
 mod test {
 use super::*;
- use ::circuit::test::*;
- use ::circuit::boolean::{Boolean, AllocatedBit};
+ use crate::gadgets::test::*;
+ use crate::gadgets::boolean::{Boolean, AllocatedBit};
 use pairing::bls12_381::{Bls12, Fr};
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
diff --git a/sapling-crypto/src/circuit/multieq.rs b/bellman/src/gadgets/multieq.rs
similarity index 99%
rename from sapling-crypto/src/circuit/multieq.rs
rename to bellman/src/gadgets/multieq.rs
index 4cfc3b84a..b1dfd7c01 100644
--- a/sapling-crypto/src/circuit/multieq.rs
+++ b/bellman/src/gadgets/multieq.rs
@@ -1,7 +1,7 @@
 use ff::{Field, PrimeField};
 use pairing::Engine;
 
-use bellman::{
+use crate::{
 SynthesisError,
 ConstraintSystem,
 LinearCombination,
diff --git a/sapling-crypto/src/circuit/multipack.rs b/bellman/src/gadgets/multipack.rs
similarity index 96%
rename from sapling-crypto/src/circuit/multipack.rs
rename to bellman/src/gadgets/multipack.rs
index fdecd345c..b9b587778 100644
--- a/sapling-crypto/src/circuit/multipack.rs
+++ b/bellman/src/gadgets/multipack.rs
@@ -1,6 +1,6 @@
 use ff::{Field, PrimeField};
 use pairing::Engine;
-use bellman::{ConstraintSystem, SynthesisError};
+use crate::{ConstraintSystem, SynthesisError};
 use super::boolean::{Boolean};
 use super::num::Num;
 use super::Assignment;
@@ -80,12 +80,12 @@ pub fn compute_multipacking(
 
 #[test]
 fn test_multipacking() {
- use bellman::{ConstraintSystem};
+ use crate::{ConstraintSystem};
 use pairing::bls12_381::{Bls12};
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 
- use ::circuit::test::*;
+ use crate::gadgets::test::*;
 use super::boolean::{AllocatedBit, Boolean};
 
 let mut rng = XorShiftRng::from_seed([
diff --git a/sapling-crypto/src/circuit/num.rs b/bellman/src/gadgets/num.rs
similarity index 99%
rename from sapling-crypto/src/circuit/num.rs
rename to bellman/src/gadgets/num.rs
index 1cdfe225e..077301f87 100644
--- a/sapling-crypto/src/circuit/num.rs
+++ b/bellman/src/gadgets/num.rs
@@ -1,7 +1,7 @@
 use ff::{BitIterator, Field, PrimeField, PrimeFieldRepr};
 use pairing::Engine;
 
-use bellman::{
+use crate::{
 SynthesisError,
 ConstraintSystem,
 LinearCombination,
@@ -455,13 +455,13 @@ impl Num {
 
 #[cfg(test)]
 mod test {
- use bellman::{ConstraintSystem};
+ use crate::{ConstraintSystem};
 use ff::{BitIterator, Field, PrimeField};
 use pairing::bls12_381::{Bls12, Fr};
 use rand_core::SeedableRng;
 use rand_xorshift::XorShiftRng;
 
- use ::circuit::test::*;
+ use crate::gadgets::test::*;
 use super::{AllocatedNum, Boolean};
 
 #[test]
diff --git a/sapling-crypto/src/circuit/sha256.rs b/bellman/src/gadgets/sha256.rs
similarity index 98%
rename from sapling-crypto/src/circuit/sha256.rs
rename to bellman/src/gadgets/sha256.rs
index 3b32282e9..2e4669e75 100644
--- a/sapling-cryp/src/circuit/sha256.rs
+++ b/bellman/src/gadgets/sha256.rs
@@ -1,7 +1,7 @@
 use super::uint32::UInt32;
 use super::multieq::MultiEq;
 use super::boolean::Boolean;
-use bellman::{ConstraintSystem, SynthesisError};
+use crate::{ConstraintSystem, SynthesisError};
 use pairing::Engine;
 
 const ROUND_CONSTANTS: [u32; 64] = [
@@ -305,9 +305,9 @@ fn sha256_compression_function(
 #[cfg(test)]
 mod test {
 use super::*;
- use circuit::boolean::AllocatedBit;
+ use crate::gadgets::boolean::AllocatedBit;
 use pairing::bls12_381::Bls12;
- use circuit::test::TestConstraintSystem;
+ use crate::gadgets::test::TestConstraintSystem;
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 
diff --git a/sapling-crypto/src/circuit/test/mod.rs b/bellman/src/gadgets/test/mod.rs
similarity index 99%
rename from sapling-crypto/src/circuit/test/mod.rs
rename to bellman/src/gadgets/test/mod.rs
index 79d128a53..dc6adbfdc 100644
--- a/sapling-crypto/src/circuit/test/mod.rs
+++ b/bellman/src/gadgets/test/mod.rs
@@ -1,7 +1,7 @@
 use ff::{Field, PrimeField, PrimeFieldRepr};
 use pairing::Engine;
 
-use bellman::{
+use crate::{
 LinearCombination,
 SynthesisError,
 ConstraintSystem,
diff --git a/sapling-crypto/src/circuit/uint32.rs b/bellman/src/gadgets/uint32.rs
similarity index 99%
rename from sapling-crypto/src/circuit/uint32.rs
rename to bellman/src/gadgets/uint32.rs
index 939b544bd..90f8d7e45 100644
--- a/sapling-crypto/src/circuit/uint32.rs
+++ b/bellman/src/gadgets/uint32.rs
@@ -1,7 +1,7 @@
 use ff::{Field, PrimeField};
 use pairing::Engine;
 
-use bellman::{
+use crate::{
 SynthesisError,
 ConstraintSystem,
 LinearCombination
@@ -409,13 +409,13 @@ impl UInt32 {
 
 #[cfg(test)]
 mod test {
- use ::circuit::boolean::{Boolean};
+ use crate::gadgets::boolean::{Boolean};
 use super::{UInt32};
 use ff::Field;
 use pairing::bls12_381::{Bls12};
- use ::circuit::test::*;
- use bellman::{ConstraintSystem};
- use circuit::multieq::MultiEq;
+ use crate::gadgets::test::*;
+ use crate::{ConstraintSystem};
+ use crate::gadgets::multieq::MultiEq;
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 
diff --git a/bellman/src/lib.rs b/bellman/src/lib.rs
index bf9a4e14e..ee6bb8861 100644
--- a/bellman/src/lib.rs
+++ b/bellman/src/lib.rs
@@ -6,6 +6,7 @@ extern crate rand_core;
 
 extern crate futures;
 extern crate bit_vec;
+extern crate blake2s_simd;
 extern crate byteorder;
 
 #[cfg(feature = "multicore")]
@@ -15,9 +16,20 @@ extern crate futures_cpupool;
 #[cfg(feature = "multicore")]
 extern crate num_cpus;
 
+#[cfg(test)]
+#[macro_use]
+extern crate hex_literal;
+
 #[cfg(test)]
 extern crate rand;
 
+#[cfg(test)]
+extern crate rand_xorshift;
+
+#[cfg(test)]
+extern crate sha2;
+
+pub mod gadgets;
 pub mod multicore;
 mod multiexp;
 pub mod domain;
diff --git a/librustzcash/src/rustzcash.rs b/librustzcash/src/rustzcash.rs
index 92f8d0416..a05d8efe8 100644
--- a/librustzcash/src/rustzcash.rs
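Review bot: `pub mod gadgets;` in the second bellman/src/lib.rs hunk is declared without a feature gate, yet the gadget sources this commit moves in all import `pairing::Engine` (boolean.rs, multieq.rs, num.rs, uint32.rs, blake2s.rs, sha256.rs and test/mod.rs in this diff), and `groth16 = ["pairing"]` in bellman/Cargo.toml suggests `pairing` is an optional dependency; if it is, building bellman without the `groth16` feature will fail to resolve `pairing` inside the new module. Either gate the module with `#[cfg(feature = "groth16")]` the way the existing `#[cfg(feature = "multicore")]` externs in this file are gated, make `pairing` a required dependency, or restrict the gadgets to the `ff` traits they actually need. Separately, `gadgets::test` is now part of bellman's public non-test API (zcash_proofs tests import it via `bellman::gadgets::test::*`), so a `///` doc on `pub mod gadgets;` stating that the `test` submodule is a test-support constraint system rather than a production one would be worth adding.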
+++ b/librustzcash/src/rustzcash.rs
@@ -17,7 +17,6 @@ use ff::{PrimeField, PrimeFieldRepr};
 
 use pairing::bls12_381::{Bls12, Fr, FrRepr};
 use sapling_crypto::{
- circuit::multipack,
 constants::CRH_IVK_PERSONALIZATION,
 jubjub::{
 edwards,
@@ -29,6 +28,7 @@ use sapling_crypto::{
 
 use zcash_proofs::circuit::sapling::TREE_DEPTH as SAPLING_TREE_DEPTH;
 use zcash_proofs::circuit::sprout::{self, TREE_DEPTH as SPROUT_TREE_DEPTH};
+use bellman::gadgets::multipack;
 use bellman::groth16::{
 create_random_proof, verify_proof, Parameters, PreparedVerifyingKey, Proof,
 };
diff --git a/sapling-crypto/src/lib.rs b/sapling-crypto/src/lib.rs
index 36626292b..4e944e098 100644
--- a/sapling-crypto/src/lib.rs
+++ b/sapling-crypto/src/lib.rs
@@ -19,7 +19,6 @@ extern crate sha2;
 
 pub mod jubjub;
 pub mod group_hash;
-pub mod circuit;
 pub mod pedersen_hash;
 pub mod primitives;
 pub mod constants;
diff --git a/zcash_proofs/src/circuit/ecc.rs b/zcash_proofs/src/circuit/ecc.rs
index e6cba96ff..cb11eb6c9 100644
--- a/zcash_proofs/src/circuit/ecc.rs
+++ b/zcash_proofs/src/circuit/ecc.rs
@@ -6,11 +6,11 @@ use bellman::{
 ConstraintSystem
 };
 
-use sapling_crypto::circuit::{
+use bellman::gadgets::{
 Assignment
 };
 
-use sapling_crypto::circuit::num::{
+use bellman::gadgets::num::{
 AllocatedNum,
 Num
 };
@@ -22,11 +22,11 @@ use sapling_crypto::jubjub::{
 FixedGenerators
 };
 
-use sapling_crypto::circuit::lookup::{
+use bellman::gadgets::lookup::{
 lookup3_xy
 };
 
-use sapling_crypto::circuit::boolean::Boolean;
+use bellman::gadgets::boolean::Boolean;
 
 #[derive(Clone)]
 pub struct EdwardsPoint {
@@ -753,7 +753,7 @@ mod test {
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 
- use sapling_crypto::circuit::test::*;
+ use bellman::gadgets::test::*;
 use sapling_crypto::jubjub::{
 montgomery,
 edwards,
@@ -769,7 +769,7 @@ mod test {
 AllocatedNum,
 fixed_base_multiplication
 };
- use sapling_crypto::circuit::boolean::{
+ use bellman::gadgets::boolean::{
 Boolean,
 AllocatedBit
 };
diff --git a/zcash_proofs/src/circuit/pedersen_hash.rs b/zcash_proofs/src/circuit/pedersen_hash.rs
index bbaf99965..30a948f44 100644
--- a/zcash_proofs/src/circuit/pedersen_hash.rs
+++ b/zcash_proofs/src/circuit/pedersen_hash.rs
@@ -2,12 +2,12 @@ use super::ecc::{
 MontgomeryPoint,
 EdwardsPoint
 };
-use sapling_crypto::circuit::boolean::Boolean;
+use bellman::gadgets::boolean::Boolean;
 use sapling_crypto::jubjub::*;
 use bellman::{
 ConstraintSystem,
 SynthesisError
 };
-use sapling_crypto::circuit::lookup::*;
+use bellman::gadgets::lookup::*;
 pub use sapling_crypto::pedersen_hash::Personalization;
 fn get_constant_bools(person: &Personalization) -> Vec {
@@ -110,8 +110,8 @@ pub fn pedersen_hash(
 #[cfg(test)]
 mod test {
 use super::*;
- use sapling_crypto::circuit::test::*;
- use sapling_crypto::circuit::boolean::{Boolean, AllocatedBit};
+ use bellman::gadgets::test::*;
+ use bellman::gadgets::boolean::{Boolean, AllocatedBit};
 use sapling_crypto::pedersen_hash;
 use ff::PrimeField;
 use pairing::bls12_381::{Bls12, Fr};
diff --git a/zcash_proofs/src/circuit/sapling.rs b/zcash_proofs/src/circuit/sapling.rs
index 1fc6e6ce6..e38124091 100644
--- a/zcash_proofs/src/circuit/sapling.rs
+++ b/zcash_proofs/src/circuit/sapling.rs
@@ -19,13 +19,13 @@ use sapling_crypto::primitives::{
 PaymentAddress
 };
 
-use sapling_crypto::circuit::Assignment;
-use sapling_crypto::circuit::boolean;
+use bellman::gadgets::Assignment;
+use bellman::gadgets::boolean;
 use super::ecc;
 use super::pedersen_hash;
-use sapling_crypto::circuit::blake2s;
-use sapling_crypto::circuit::num;
-use sapling_crypto::circuit::multipack;
+use bellman::gadgets::blake2s;
+use bellman::gadgets::num;
+use bellman::gadgets::multipack;
 
 pub const TREE_DEPTH: usize = zcash_primitives::sapling::SAPLING_COMMITMENT_TREE_DEPTH;
 
@@ -598,12 +598,12 @@ impl<'a, E: JubjubEngine> Circuit for Output<'a, E> {
 
 #[test]
 fn test_input_circuit_with_bls12_381() {
+ use bellman::gadgets::test::*;
 use ff::{BitIterator, Field};
 use pairing::bls12_381::*;
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 use sapling_crypto::{
- circuit::test::*,
 jubjub::{JubjubBls12, fs, edwards},
 pedersen_hash,
 primitives::{Diversifier, Note, ProofGenerationKey},
@@ -742,12 +742,12 @@ fn test_input_circuit_with_bls12_381() {
 
 #[test]
 fn test_output_circuit_with_bls12_381() {
+ use bellman::gadgets::test::*;
 use ff::Field;
 use pairing::bls12_381::*;
 use rand_core::{RngCore, SeedableRng};
 use rand_xorshift::XorShiftRng;
 use sapling_crypto::{
- circuit::test::*,
 jubjub::{JubjubBls12, fs, edwards},
 primitives::{Diversifier, ProofGenerationKey},
 };
diff --git a/zcash_proofs/src/circuit/sprout/commitment.rs b/zcash_proofs/src/circuit/sprout/commitment.rs
index 4d9f00b6f..ba889a383 100644
--- a/zcash_proofs/src/circuit/sprout/commitment.rs
+++ b/zcash_proofs/src/circuit/sprout/commitment.rs
@@ -1,9 +1,9 @@
 use pairing::{Engine};
 use bellman::{ConstraintSystem, SynthesisError};
-use sapling_crypto::circuit::sha256::{
+use bellman::gadgets::sha256::{
 sha256
 };
-use sapling_crypto::circuit::boolean::{
+use bellman::gadgets::boolean::{
 Boolean
 };
 
diff --git a/zcash_proofs/src/circuit/sprout/input.rs b/zcash_proofs/src/circuit/sprout/input.rs
index e12723a1d..a84e3a634 100644
--- a/zcash_proofs/src/circuit/sprout/input.rs
+++ b/zcash_proofs/src/circuit/sprout/input.rs
@@ -1,9 +1,9 @@
 use pairing::{Engine};
 use bellman::{ConstraintSystem, SynthesisError};
-use sapling_crypto::circuit::sha256::{
+use bellman::gadgets::sha256::{
 sha256_block_no_padding
 };
-use sapling_crypto::circuit::boolean::{
+use bellman::gadgets::boolean::{
 AllocatedBit,
 Boolean
 };
diff --git a/zcash_proofs/src/circuit/sprout/mod.rs b/zcash_proofs/src/circuit/sprout/mod.rs
index db2ea0df4..c28b8d7eb 100644
--- a/zcash_proofs/src/circuit/sprout/mod.rs
+++ b/zcash_proofs/src/circuit/sprout/mod.rs
@@ -1,11 +1,11 @@
 use ff::Field;
 use pairing::Engine;
 use bellman::{ConstraintSystem, SynthesisError, Circuit, LinearCombination};
-use sapling_crypto::circuit::boolean::{
+use bellman::gadgets::boolean::{
 AllocatedBit,
 Boolean
 };
-use sapling_crypto::circuit::multipack::pack_into_inputs;
+use bellman::gadgets::multipack::pack_into_inputs;
 
 mod prfs;
 mod commitment;
@@ -355,7 +355,7 @@ fn witness_u252(
 #[test]
 fn test_sprout_constraints() {
 use pairing::bls12_381::{Bls12};
- use sapling_crypto::circuit::test::*;
+ use bellman::gadgets::test::*;
 use byteorder::{WriteBytesExt, ReadBytesExt, LittleEndian};
 
 
@@ -479,7 +479,7 @@ fn test_sprout_constraints() {
 expected_inputs.write_u64::(vpub_old.unwrap()).unwrap();
 expected_inputs.write_u64::(vpub_new.unwrap()).unwrap();
 
- use sapling_crypto::circuit::multipack;
+ use bellman::gadgets::multipack;
 
 let expected_inputs = multipack::bytes_to_bits(&expected_inputs);
 let expected_inputs = multipack::compute_multipacking::(&expected_inputs);
diff --git a/zcash_proofs/src/circuit/sprout/output.rs b/zcash_proofs/src/circuit/sprout/output.rs
index 65bcd4905..f2e504aa2 100644
--- a/zcash_proofs/src/circuit/sprout/output.rs
+++ b/zcash_proofs/src/circuit/sprout/output.rs
@@ -1,6 +1,6 @@
 use pairing::{Engine};
 use bellman::{ConstraintSystem, SynthesisError};
-use sapling_crypto::circuit::boolean::{Boolean};
+use bellman::gadgets::boolean::{Boolean};
 
 use super::*;
 use super::prfs::*;
diff --git a/zcash_proofs/src/circuit/sprout/prfs.rs b/zcash_proofs/src/circuit/sprout/prfs.rs
index 53f65a060..0b3e42ce3 100644
--- a/zcash_proofs/src/circuit/sprout/prfs.rs
+++ b/zcash_proofs/src/circuit/sprout/prfs.rs
@@ -1,9 +1,9 @@
 use pairing::{Engine};
 use bellman::{ConstraintSystem, SynthesisError};
-use sapling_crypto::circuit::sha256::{
+use bellman::gadgets::sha256::{
 sha256_block_no_padding
 };
-use sapling_crypto::circuit::boolean::{
+use bellman::gadgets::boolean::{
 Boolean
 };
 
diff --git a/zcash_proofs/src/sapling/prover.rs b/zcash_proofs/src/sapling/prover.rs
index 78958ad93..7ca8bcede 100644
--- a/zcash_proofs/src/sapling/prover.rs
+++ b/zcash_proofs/src/sapling/prover.rs
@@ -1,11 +1,13 @@
-use bellman::groth16::{
- create_random_proof, verify_proof, Parameters, PreparedVerifyingKey, Proof,
+use bellman::{
+ gadgets::multipack,
+ groth16::{
+ create_random_proof, verify_proof, Parameters, PreparedVerifyingKey, Proof,
+ },
 };
 use ff::Field;
 use pairing::bls12_381::{Bls12, Fr};
 use rand_os::OsRng;
 use sapling_crypto::{
- circuit::multipack,
 jubjub::{edwards, fs::Fs, FixedGenerators, JubjubBls12, Unknown},
 primitives::{Diversifier, Note, PaymentAddress, ProofGenerationKey, ValueCommitment},
 };
diff --git a/zcash_proofs/src/sapling/verifier.rs b/zcash_proofs/src/sapling/verifier.rs
index ac4f3f784..01cba0c53 100644
--- a/zcash_proofs/src/sapling/verifier.rs
+++ b/zcash_proofs/src/sapling/verifier.rs
@@ -1,10 +1,10 @@
-use bellman::groth16::{verify_proof, PreparedVerifyingKey, Proof};
+use bellman::{
+ gadgets::multipack,
+ groth16::{verify_proof, PreparedVerifyingKey, Proof},
+};
 use ff::Field;
 use pairing::bls12_381::{Bls12, Fr};
-use sapling_crypto::{
- circuit::multipack,
- jubjub::{edwards, FixedGenerators, JubjubBls12, Unknown},
-};
+use sapling_crypto::jubjub::{edwards, FixedGenerators, JubjubBls12, Unknown};
 use zcash_primitives::{
 redjubjub::{PublicKey, Signature},
 transaction::components::Amount,