mirror of https://github.com/zcash/orchard.git
Circuit: move mux functionality into CondSwap chip (#94)
In the halo2 repository, the mux functionality has been moved into the CondSwap chip.
parent
f38d6b9e4c
commit
0ee75f5ea7
|
@ -60,8 +60,8 @@ use halo2_gadgets::{
|
||||||
},
|
},
|
||||||
utilities::{
|
utilities::{
|
||||||
bool_check,
|
bool_check,
|
||||||
|
cond_swap::{CondSwapChip, CondSwapConfig},
|
||||||
lookup_range_check::LookupRangeCheckConfig,
|
lookup_range_check::LookupRangeCheckConfig,
|
||||||
mux::{MuxChip, MuxConfig},
|
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -103,7 +103,7 @@ pub struct Config {
|
||||||
commit_ivk_config: CommitIvkConfig,
|
commit_ivk_config: CommitIvkConfig,
|
||||||
old_note_commit_config: NoteCommitConfig,
|
old_note_commit_config: NoteCommitConfig,
|
||||||
new_note_commit_config: NoteCommitConfig,
|
new_note_commit_config: NoteCommitConfig,
|
||||||
mux_config: MuxConfig,
|
cond_swap_config: CondSwapConfig,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// The Orchard Action circuit.
|
/// The Orchard Action circuit.
|
||||||
|
@ -455,7 +455,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
let new_note_commit_config =
|
let new_note_commit_config =
|
||||||
NoteCommitChip::configure(meta, advices, sinsemilla_config_2.clone());
|
NoteCommitChip::configure(meta, advices, sinsemilla_config_2.clone());
|
||||||
|
|
||||||
let mux_config = MuxChip::configure(meta, advices[0], advices[1], advices[2], advices[3]);
|
let cond_swap_config = CondSwapChip::configure(meta, advices[0..5].try_into().unwrap());
|
||||||
|
|
||||||
Config {
|
Config {
|
||||||
primary,
|
primary,
|
||||||
|
@ -471,7 +471,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
commit_ivk_config,
|
commit_ivk_config,
|
||||||
old_note_commit_config,
|
old_note_commit_config,
|
||||||
new_note_commit_config,
|
new_note_commit_config,
|
||||||
mux_config,
|
cond_swap_config,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -668,7 +668,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
config.poseidon_chip(),
|
config.poseidon_chip(),
|
||||||
config.add_chip(),
|
config.add_chip(),
|
||||||
ecc_chip.clone(),
|
ecc_chip.clone(),
|
||||||
config.mux_chip(),
|
config.cond_swap_chip(),
|
||||||
rho_old.clone(),
|
rho_old.clone(),
|
||||||
&psi_nf,
|
&psi_nf,
|
||||||
&cm_old,
|
&cm_old,
|
||||||
|
@ -764,7 +764,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
config.sinsemilla_chip_1(),
|
config.sinsemilla_chip_1(),
|
||||||
config.ecc_chip(),
|
config.ecc_chip(),
|
||||||
config.note_commit_chip_old(),
|
config.note_commit_chip_old(),
|
||||||
config.mux_chip(),
|
config.cond_swap_chip(),
|
||||||
g_d_old.inner(),
|
g_d_old.inner(),
|
||||||
pk_d_old.inner(),
|
pk_d_old.inner(),
|
||||||
v_old.clone(),
|
v_old.clone(),
|
||||||
|
@ -825,7 +825,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
||||||
config.sinsemilla_chip_2(),
|
config.sinsemilla_chip_2(),
|
||||||
config.ecc_chip(),
|
config.ecc_chip(),
|
||||||
config.note_commit_chip_new(),
|
config.note_commit_chip_new(),
|
||||||
config.mux_chip(),
|
config.cond_swap_chip(),
|
||||||
g_d_new.inner(),
|
g_d_new.inner(),
|
||||||
pk_d_new.inner(),
|
pk_d_new.inner(),
|
||||||
v_new.clone(),
|
v_new.clone(),
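Review bot: The `advices[0..5].try_into().unwrap()` passed to `CondSwapChip::configure` (hunk at -455, and again in the `mod tests` hunk at -2446) leaves its invariant unstated: the conversion cannot fail only because the range is exactly five long, and the slice index itself panics if `advices` ever holds fewer than five columns. Stating it in place would help, e.g. `.expect("CondSwapChip::configure takes five advice columns")`. The chip is also now configured over five advice columns where `MuxChip::configure` took four, so the constraint system, and with it any pinned verifying key or proof fixture, presumably changes. The large suppressed diff and the binary file in this commit are not visible here; if they are such fixtures, it is worth confirming they were regenerated from exactly this code. The `configure` body starts and ends outside the hunk.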
|
||||||
|
|
|
@ -15,7 +15,7 @@ use halo2_gadgets::{
|
||||||
Hash as PoseidonHash, PoseidonSpongeInstructions, Pow5Chip as PoseidonChip,
|
Hash as PoseidonHash, PoseidonSpongeInstructions, Pow5Chip as PoseidonChip,
|
||||||
},
|
},
|
||||||
sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip},
|
sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip},
|
||||||
utilities::mux::{MuxChip, MuxInstructions},
|
utilities::cond_swap::CondSwapChip,
|
||||||
};
|
};
|
||||||
use halo2_proofs::{
|
use halo2_proofs::{
|
||||||
circuit::{AssignedCell, Chip, Layouter, Value},
|
circuit::{AssignedCell, Chip, Layouter, Value},
|
||||||
|
@ -73,8 +73,8 @@ impl super::Config {
|
||||||
NoteCommitChip::construct(self.old_note_commit_config.clone())
|
NoteCommitChip::construct(self.old_note_commit_config.clone())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(super) fn mux_chip(&self) -> MuxChip {
|
pub(super) fn cond_swap_chip(&self) -> CondSwapChip<pallas::Base> {
|
||||||
MuxChip::construct(self.mux_config.clone())
|
CondSwapChip::construct(self.cond_swap_config.clone())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -170,7 +170,7 @@ pub(in crate::circuit) fn derive_nullifier<
|
||||||
poseidon_chip: PoseidonChip,
|
poseidon_chip: PoseidonChip,
|
||||||
add_chip: AddChip,
|
add_chip: AddChip,
|
||||||
ecc_chip: EccChip,
|
ecc_chip: EccChip,
|
||||||
mux_chip: MuxChip,
|
cond_swap_chip: CondSwapChip<pallas::Base>,
|
||||||
rho: AssignedCell<pallas::Base, pallas::Base>,
|
rho: AssignedCell<pallas::Base, pallas::Base>,
|
||||||
psi: &AssignedCell<pallas::Base, pallas::Base>,
|
psi: &AssignedCell<pallas::Base, pallas::Base>,
|
||||||
cm: &Point<pallas::Affine, EccChip>,
|
cm: &Point<pallas::Affine, EccChip>,
|
||||||
|
@ -223,7 +223,7 @@ pub(in crate::circuit) fn derive_nullifier<
|
||||||
// Select the desired nullifier according to split_flag
|
// Select the desired nullifier according to split_flag
|
||||||
Ok(Point::from_inner(
|
Ok(Point::from_inner(
|
||||||
ecc_chip,
|
ecc_chip,
|
||||||
mux_chip.mux_on_points(
|
cond_swap_chip.mux_on_points(
|
||||||
layouter.namespace(|| "mux on nf"),
|
layouter.namespace(|| "mux on nf"),
|
||||||
&split_flag,
|
&split_flag,
|
||||||
nf.inner(),
|
nf.inner(),
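Review bot: The new `cond_swap_chip()` accessor (hunk at -73) has no doc comment, and nothing at the `mux_on_points` call in `derive_nullifier` (hunk at -223) says where `split_flag` is constrained to be boolean. Because the selected point becomes the nullifier, a reader auditing soundness needs to know whether the CondSwap gate enforces booleanity of the selector or the caller must; these hunks show neither. Suggest `/// Constructs the CondSwap chip, which now also provides the mux gadgets.` on the accessor, plus a one-line comment at the call naming where the boolean constraint lives. The same applies to `is_native_asset` at the two mux calls in the note-commitment gadget (hunks at -1902 and -1939). `derive_nullifier` starts and ends outside these hunks.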
|
||||||
|
|
|
@ -22,9 +22,7 @@ use halo2_gadgets::{
|
||||||
CommitDomain, Message, MessagePiece,
|
CommitDomain, Message, MessagePiece,
|
||||||
},
|
},
|
||||||
utilities::{
|
utilities::{
|
||||||
bool_check,
|
bool_check, cond_swap::CondSwapChip, lookup_range_check::LookupRangeCheckConfig,
|
||||||
lookup_range_check::LookupRangeCheckConfig,
|
|
||||||
mux::{MuxChip, MuxInstructions},
|
|
||||||
FieldValue, RangeConstrained,
|
FieldValue, RangeConstrained,
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
@ -1747,7 +1745,7 @@ pub(in crate::circuit) mod gadgets {
|
||||||
chip: SinsemillaChip<OrchardHashDomains, OrchardCommitDomains, OrchardFixedBases>,
|
chip: SinsemillaChip<OrchardHashDomains, OrchardCommitDomains, OrchardFixedBases>,
|
||||||
ecc_chip: EccChip<OrchardFixedBases>,
|
ecc_chip: EccChip<OrchardFixedBases>,
|
||||||
note_commit_chip: NoteCommitChip,
|
note_commit_chip: NoteCommitChip,
|
||||||
mux_chip: MuxChip,
|
cond_swap_chip: CondSwapChip<pallas::Base>,
|
||||||
g_d: &NonIdentityEccPoint,
|
g_d: &NonIdentityEccPoint,
|
||||||
pk_d: &NonIdentityEccPoint,
|
pk_d: &NonIdentityEccPoint,
|
||||||
value: AssignedCell<NoteValue, pallas::Base>,
|
value: AssignedCell<NoteValue, pallas::Base>,
|
||||||
|
@ -1902,7 +1900,7 @@ pub(in crate::circuit) mod gadgets {
|
||||||
Value::known(zsa_domain.q_init()),
|
Value::known(zsa_domain.q_init()),
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
mux_chip.mux_on_non_identity_points(
|
cond_swap_chip.mux_on_non_identity_points(
|
||||||
layouter.namespace(|| "mux on hash point"),
|
layouter.namespace(|| "mux on hash point"),
|
||||||
&is_native_asset,
|
&is_native_asset,
|
||||||
q_init_zsa.inner(),
|
q_init_zsa.inner(),
|
||||||
|
@ -1939,7 +1937,7 @@ pub(in crate::circuit) mod gadgets {
|
||||||
// hash_point = hash_zsa if is_native_asset is false
|
// hash_point = hash_zsa if is_native_asset is false
|
||||||
let hash_point = Point::from_inner(
|
let hash_point = Point::from_inner(
|
||||||
ecc_chip,
|
ecc_chip,
|
||||||
mux_chip.mux_on_points(
|
cond_swap_chip.mux_on_points(
|
||||||
layouter.namespace(|| "mux on hash point"),
|
layouter.namespace(|| "mux on hash point"),
|
||||||
&is_native_asset,
|
&is_native_asset,
|
||||||
&(hash_point_zsa.inner().clone().into()),
|
&(hash_point_zsa.inner().clone().into()),
|
||||||
|
@ -2342,8 +2340,8 @@ mod tests {
|
||||||
},
|
},
|
||||||
sinsemilla::chip::SinsemillaChip,
|
sinsemilla::chip::SinsemillaChip,
|
||||||
utilities::{
|
utilities::{
|
||||||
|
cond_swap::{CondSwapChip, CondSwapConfig},
|
||||||
lookup_range_check::LookupRangeCheckConfig,
|
lookup_range_check::LookupRangeCheckConfig,
|
||||||
mux::{MuxChip, MuxConfig},
|
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -2370,7 +2368,11 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Circuit<pallas::Base> for MyCircuit {
|
impl Circuit<pallas::Base> for MyCircuit {
|
||||||
type Config = (NoteCommitConfig, EccConfig<OrchardFixedBases>, MuxConfig);
|
type Config = (
|
||||||
|
NoteCommitConfig,
|
||||||
|
EccConfig<OrchardFixedBases>,
|
||||||
|
CondSwapConfig,
|
||||||
|
);
|
||||||
type FloorPlanner = SimpleFloorPlanner;
|
type FloorPlanner = SimpleFloorPlanner;
|
||||||
|
|
||||||
fn without_witnesses(&self) -> Self {
|
fn without_witnesses(&self) -> Self {
|
||||||
|
@ -2446,10 +2448,10 @@ mod tests {
|
||||||
range_check,
|
range_check,
|
||||||
);
|
);
|
||||||
|
|
||||||
let mux_config =
|
let cond_swap_config =
|
||||||
MuxChip::configure(meta, advices[0], advices[1], advices[2], advices[3]);
|
CondSwapChip::configure(meta, advices[0..5].try_into().unwrap());
|
||||||
|
|
||||||
(note_commit_config, ecc_config, mux_config)
|
(note_commit_config, ecc_config, cond_swap_config)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn synthesize(
|
fn synthesize(
|
||||||
|
@ -2457,7 +2459,7 @@ mod tests {
|
||||||
config: Self::Config,
|
config: Self::Config,
|
||||||
mut layouter: impl Layouter<pallas::Base>,
|
mut layouter: impl Layouter<pallas::Base>,
|
||||||
) -> Result<(), Error> {
|
) -> Result<(), Error> {
|
||||||
let (note_commit_config, ecc_config, mux_config) = config;
|
let (note_commit_config, ecc_config, cond_swap_config) = config;
|
||||||
|
|
||||||
// Load the Sinsemilla generator lookup table used by the whole circuit.
|
// Load the Sinsemilla generator lookup table used by the whole circuit.
|
||||||
SinsemillaChip::<
|
SinsemillaChip::<
|
||||||
|
@ -2476,8 +2478,8 @@ mod tests {
|
||||||
// Construct a NoteCommit chip
|
// Construct a NoteCommit chip
|
||||||
let note_commit_chip = NoteCommitChip::construct(note_commit_config.clone());
|
let note_commit_chip = NoteCommitChip::construct(note_commit_config.clone());
|
||||||
|
|
||||||
// Construct a Mux chip
|
// Construct a CondSwap chip
|
||||||
let mux_chip = MuxChip::construct(mux_config);
|
let cond_swap_chip = CondSwapChip::construct(cond_swap_config);
|
||||||
|
|
||||||
// Witness g_d
|
// Witness g_d
|
||||||
let g_d = NonIdentityPoint::new(
|
let g_d = NonIdentityPoint::new(
|
||||||
|
@ -2544,7 +2546,7 @@ mod tests {
|
||||||
sinsemilla_chip,
|
sinsemilla_chip,
|
||||||
ecc_chip.clone(),
|
ecc_chip.clone(),
|
||||||
note_commit_chip,
|
note_commit_chip,
|
||||||
mux_chip,
|
cond_swap_chip,
|
||||||
g_d.inner(),
|
g_d.inner(),
|
||||||
pk_d.inner(),
|
pk_d.inner(),
|
||||||
value_var,
|
value_var,
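Review bot: Both mux calls in `gadgets` carry the same namespace label, `"mux on hash point"`. The `mux_on_non_identity_points` call in the hunk at -1902 appears, from its `q_init_zsa` argument, to select the initial Q point, while the `mux_on_points` call in the hunk at -1939 selects the hash point. Identical labels make it ambiguous which region a layout or prover diagnostic refers to. Since this commit already touches the first call, renaming its label, e.g. `layouter.namespace(|| "mux on q_init")`, would tell them apart. The enclosing function starts and ends outside these hunks.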
|
||||||
|
|
File diff suppressed because it is too large
Binary file not shown.
|
@ -77,8 +77,8 @@ impl NoteCommitment {
|
||||||
NOTE_COMMITMENT_PERSONALIZATION,
|
NOTE_COMMITMENT_PERSONALIZATION,
|
||||||
);
|
);
|
||||||
|
|
||||||
let zec_hash_point = zec_domain.M.hash_to_point(zec_note_bits);
|
let zec_hash_point = zec_domain.hash_to_point(zec_note_bits);
|
||||||
let zsa_hash_point = zsa_domain.M.hash_to_point(zsa_note_bits);
|
let zsa_hash_point = zsa_domain.hash_to_point(zsa_note_bits);
|
||||||
|
|
||||||
// Select the desired hash point in constant-time
|
// Select the desired hash point in constant-time
|
||||||
let hash_point = zsa_hash_point.and_then(|zsa_hash| {
|
let hash_point = zsa_hash_point.and_then(|zsa_hash| {
|
||||||
|
@ -176,7 +176,7 @@ mod tests {
|
||||||
|
|
||||||
// Evaluating the commitment in one step with `commit` or in two steps with `hash_to_point`
|
// Evaluating the commitment in one step with `commit` or in two steps with `hash_to_point`
|
||||||
// and `commit_from_hash_point` must give the same commitment.
|
// and `commit_from_hash_point` must give the same commitment.
|
||||||
let hash_point = domain_zsa.M.hash_to_point(msg.into_iter());
|
let hash_point = domain_zsa.hash_to_point(msg.into_iter());
|
||||||
let commit_r_zsa = domain_zsa.commit_from_hash_point(hash_point, &rcm.0);
|
let commit_r_zsa = domain_zsa.commit_from_hash_point(hash_point, &rcm.0);
|
||||||
assert_eq!(expected_commit.unwrap(), commit_r_zsa.unwrap());
|
assert_eq!(expected_commit.unwrap(), commit_r_zsa.unwrap());
|
||||||
|
|
||||||
|
|