mirror of https://github.com/zcash/orchard.git
Circuit: move mux functionality into CondSwap chip (#94)
In the halo2 repository, the mux functionality has been moved into the CondSwap chip.
parent
f38d6b9e4c
commit
0ee75f5ea7
|
@ -60,8 +60,8 @@ use halo2_gadgets::{
|
|||
},
|
||||
utilities::{
|
||||
bool_check,
|
||||
cond_swap::{CondSwapChip, CondSwapConfig},
|
||||
lookup_range_check::LookupRangeCheckConfig,
|
||||
mux::{MuxChip, MuxConfig},
|
||||
},
|
||||
};
|
||||
|
||||
|
@ -103,7 +103,7 @@ pub struct Config {
|
|||
commit_ivk_config: CommitIvkConfig,
|
||||
old_note_commit_config: NoteCommitConfig,
|
||||
new_note_commit_config: NoteCommitConfig,
|
||||
mux_config: MuxConfig,
|
||||
cond_swap_config: CondSwapConfig,
|
||||
}
|
||||
|
||||
/// The Orchard Action circuit.
|
||||
|
@ -455,7 +455,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
let new_note_commit_config =
|
||||
NoteCommitChip::configure(meta, advices, sinsemilla_config_2.clone());
|
||||
|
||||
let mux_config = MuxChip::configure(meta, advices[0], advices[1], advices[2], advices[3]);
|
||||
let cond_swap_config = CondSwapChip::configure(meta, advices[0..5].try_into().unwrap());
|
||||
|
||||
Config {
|
||||
primary,
|
||||
|
@ -471,7 +471,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
commit_ivk_config,
|
||||
old_note_commit_config,
|
||||
new_note_commit_config,
|
||||
mux_config,
|
||||
cond_swap_config,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -668,7 +668,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
config.poseidon_chip(),
|
||||
config.add_chip(),
|
||||
ecc_chip.clone(),
|
||||
config.mux_chip(),
|
||||
config.cond_swap_chip(),
|
||||
rho_old.clone(),
|
||||
&psi_nf,
|
||||
&cm_old,
|
||||
|
@ -764,7 +764,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
config.sinsemilla_chip_1(),
|
||||
config.ecc_chip(),
|
||||
config.note_commit_chip_old(),
|
||||
config.mux_chip(),
|
||||
config.cond_swap_chip(),
|
||||
g_d_old.inner(),
|
||||
pk_d_old.inner(),
|
||||
v_old.clone(),
|
||||
|
@ -825,7 +825,7 @@ impl plonk::Circuit<pallas::Base> for Circuit {
|
|||
config.sinsemilla_chip_2(),
|
||||
config.ecc_chip(),
|
||||
config.note_commit_chip_new(),
|
||||
config.mux_chip(),
|
||||
config.cond_swap_chip(),
|
||||
g_d_new.inner(),
|
||||
pk_d_new.inner(),
|
||||
v_new.clone(),
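Review bot: The new `CondSwapChip::configure(meta, advices[0..5].try_into().unwrap())` call in `configure` takes five advice columns where the replaced `MuxChip::configure` call took four (`advices[0]` to `advices[3]`), which most likely changes the constraint system and with it the verifying key. The suppressed large diff and the binary file on this page are presumably the regenerated circuit description and proof fixtures; that is worth confirming, because a stale pinned fixture would hide an unintended circuit change. The bare `unwrap()` would document its invariant better as `.expect("advices[0..5] has exactly 5 columns")`; the declaration of `advices` is outside the hunk, so its length cannot be checked here. The same call appears in the test circuit's `configure` in the note-commit file, and the enclosing `configure` body starts and ends outside this hunk.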
|
||||
|
|
|
@ -15,7 +15,7 @@ use halo2_gadgets::{
|
|||
Hash as PoseidonHash, PoseidonSpongeInstructions, Pow5Chip as PoseidonChip,
|
||||
},
|
||||
sinsemilla::{chip::SinsemillaChip, merkle::chip::MerkleChip},
|
||||
utilities::mux::{MuxChip, MuxInstructions},
|
||||
utilities::cond_swap::CondSwapChip,
|
||||
};
|
||||
use halo2_proofs::{
|
||||
circuit::{AssignedCell, Chip, Layouter, Value},
|
||||
|
@ -73,8 +73,8 @@ impl super::Config {
|
|||
NoteCommitChip::construct(self.old_note_commit_config.clone())
|
||||
}
|
||||
|
||||
pub(super) fn mux_chip(&self) -> MuxChip {
|
||||
MuxChip::construct(self.mux_config.clone())
|
||||
pub(super) fn cond_swap_chip(&self) -> CondSwapChip<pallas::Base> {
|
||||
CondSwapChip::construct(self.cond_swap_config.clone())
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -170,7 +170,7 @@ pub(in crate::circuit) fn derive_nullifier<
|
|||
poseidon_chip: PoseidonChip,
|
||||
add_chip: AddChip,
|
||||
ecc_chip: EccChip,
|
||||
mux_chip: MuxChip,
|
||||
cond_swap_chip: CondSwapChip<pallas::Base>,
|
||||
rho: AssignedCell<pallas::Base, pallas::Base>,
|
||||
psi: &AssignedCell<pallas::Base, pallas::Base>,
|
||||
cm: &Point<pallas::Affine, EccChip>,
|
||||
|
@ -223,7 +223,7 @@ pub(in crate::circuit) fn derive_nullifier<
|
|||
// Select the desired nullifier according to split_flag
|
||||
Ok(Point::from_inner(
|
||||
ecc_chip,
|
||||
mux_chip.mux_on_points(
|
||||
cond_swap_chip.mux_on_points(
|
||||
layouter.namespace(|| "mux on nf"),
|
||||
&split_flag,
|
||||
nf.inner(),
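Review bot: The `cond_swap_chip.mux_on_points(...)` call that selects the nullifier in `derive_nullifier` depends on two properties that are not visible in this hunk: that `split_flag` is constrained to be boolean by the chip's gate, and that the left/right argument order means the same as it did for `MuxChip`. The argument list is cut off after `nf.inner()`, so the order cannot be checked from here. The existing comment `// Select the desired nullifier according to split_flag` could state the selection explicitly, for example `// split_flag = 0 selects nf, split_flag = 1 selects the second point; the boolean check on split_flag is expected to be enforced by the CondSwap gate`, with the wording adjusted to what the chip actually guarantees. A circuit test that sets each value of `split_flag` and checks the resulting nullifier would pin the behaviour across the chip swap.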
|
||||
|
|
|
@ -22,9 +22,7 @@ use halo2_gadgets::{
|
|||
CommitDomain, Message, MessagePiece,
|
||||
},
|
||||
utilities::{
|
||||
bool_check,
|
||||
lookup_range_check::LookupRangeCheckConfig,
|
||||
mux::{MuxChip, MuxInstructions},
|
||||
bool_check, cond_swap::CondSwapChip, lookup_range_check::LookupRangeCheckConfig,
|
||||
FieldValue, RangeConstrained,
|
||||
},
|
||||
};
|
||||
|
@ -1747,7 +1745,7 @@ pub(in crate::circuit) mod gadgets {
|
|||
chip: SinsemillaChip<OrchardHashDomains, OrchardCommitDomains, OrchardFixedBases>,
|
||||
ecc_chip: EccChip<OrchardFixedBases>,
|
||||
note_commit_chip: NoteCommitChip,
|
||||
mux_chip: MuxChip,
|
||||
cond_swap_chip: CondSwapChip<pallas::Base>,
|
||||
g_d: &NonIdentityEccPoint,
|
||||
pk_d: &NonIdentityEccPoint,
|
||||
value: AssignedCell<NoteValue, pallas::Base>,
|
||||
|
@ -1902,7 +1900,7 @@ pub(in crate::circuit) mod gadgets {
|
|||
Value::known(zsa_domain.q_init()),
|
||||
)?;
|
||||
|
||||
mux_chip.mux_on_non_identity_points(
|
||||
cond_swap_chip.mux_on_non_identity_points(
|
||||
layouter.namespace(|| "mux on hash point"),
|
||||
&is_native_asset,
|
||||
q_init_zsa.inner(),
|
||||
|
@ -1939,7 +1937,7 @@ pub(in crate::circuit) mod gadgets {
|
|||
// hash_point = hash_zsa if is_native_asset is false
|
||||
let hash_point = Point::from_inner(
|
||||
ecc_chip,
|
||||
mux_chip.mux_on_points(
|
||||
cond_swap_chip.mux_on_points(
|
||||
layouter.namespace(|| "mux on hash point"),
|
||||
&is_native_asset,
|
||||
&(hash_point_zsa.inner().clone().into()),
|
||||
|
@ -2342,8 +2340,8 @@ mod tests {
|
|||
},
|
||||
sinsemilla::chip::SinsemillaChip,
|
||||
utilities::{
|
||||
cond_swap::{CondSwapChip, CondSwapConfig},
|
||||
lookup_range_check::LookupRangeCheckConfig,
|
||||
mux::{MuxChip, MuxConfig},
|
||||
},
|
||||
};
|
||||
|
||||
|
@ -2370,7 +2368,11 @@ mod tests {
|
|||
}
|
||||
|
||||
impl Circuit<pallas::Base> for MyCircuit {
|
||||
type Config = (NoteCommitConfig, EccConfig<OrchardFixedBases>, MuxConfig);
|
||||
type Config = (
|
||||
NoteCommitConfig,
|
||||
EccConfig<OrchardFixedBases>,
|
||||
CondSwapConfig,
|
||||
);
|
||||
type FloorPlanner = SimpleFloorPlanner;
|
||||
|
||||
fn without_witnesses(&self) -> Self {
|
||||
|
@ -2446,10 +2448,10 @@ mod tests {
|
|||
range_check,
|
||||
);
|
||||
|
||||
let mux_config =
|
||||
MuxChip::configure(meta, advices[0], advices[1], advices[2], advices[3]);
|
||||
let cond_swap_config =
|
||||
CondSwapChip::configure(meta, advices[0..5].try_into().unwrap());
|
||||
|
||||
(note_commit_config, ecc_config, mux_config)
|
||||
(note_commit_config, ecc_config, cond_swap_config)
|
||||
}
|
||||
|
||||
fn synthesize(
|
||||
|
@ -2457,7 +2459,7 @@ mod tests {
|
|||
config: Self::Config,
|
||||
mut layouter: impl Layouter<pallas::Base>,
|
||||
) -> Result<(), Error> {
|
||||
let (note_commit_config, ecc_config, mux_config) = config;
|
||||
let (note_commit_config, ecc_config, cond_swap_config) = config;
|
||||
|
||||
// Load the Sinsemilla generator lookup table used by the whole circuit.
|
||||
SinsemillaChip::<
|
||||
|
@ -2476,8 +2478,8 @@ mod tests {
|
|||
// Construct a NoteCommit chip
|
||||
let note_commit_chip = NoteCommitChip::construct(note_commit_config.clone());
|
||||
|
||||
// Construct a Mux chip
|
||||
let mux_chip = MuxChip::construct(mux_config);
|
||||
// Construct a CondSwap chip
|
||||
let cond_swap_chip = CondSwapChip::construct(cond_swap_config);
|
||||
|
||||
// Witness g_d
|
||||
let g_d = NonIdentityPoint::new(
|
||||
|
@ -2544,7 +2546,7 @@ mod tests {
|
|||
sinsemilla_chip,
|
||||
ecc_chip.clone(),
|
||||
note_commit_chip,
|
||||
mux_chip,
|
||||
cond_swap_chip,
|
||||
g_d.inner(),
|
||||
pk_d.inner(),
|
||||
value_var,
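Review bot: Both mux calls in the `gadgets` module use the namespace label `"mux on hash point"`, although the first one, `cond_swap_chip.mux_on_non_identity_points(...)`, appears to select between the `q_init` points (its visible argument is `q_init_zsa.inner()`) rather than the hash points. As these call sites are being edited anyway, the first label could become `layouter.namespace(|| "mux on q_init")`, so that a constraint failure reported during proving or in `MockProver` output names the right region. Both calls rely on `is_native_asset` being boolean-constrained, which the hunks do not show; a short comment at the first call saying where that constraint comes from would help the next reader. The enclosing functions start and end outside the hunks.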
|
||||
|
|
File diff suppressed because it is too large
Binary file not shown.
|
@ -77,8 +77,8 @@ impl NoteCommitment {
|
|||
NOTE_COMMITMENT_PERSONALIZATION,
|
||||
);
|
||||
|
||||
let zec_hash_point = zec_domain.M.hash_to_point(zec_note_bits);
|
||||
let zsa_hash_point = zsa_domain.M.hash_to_point(zsa_note_bits);
|
||||
let zec_hash_point = zec_domain.hash_to_point(zec_note_bits);
|
||||
let zsa_hash_point = zsa_domain.hash_to_point(zsa_note_bits);
|
||||
|
||||
// Select the desired hash point in constant-time
|
||||
let hash_point = zsa_hash_point.and_then(|zsa_hash| {
|
||||
|
@ -176,7 +176,7 @@ mod tests {
|
|||
|
||||
// Evaluating the commitment in one step with `commit` or in two steps with `hash_to_point`
|
||||
// and `commit_from_hash_point` must give the same commitment.
|
||||
let hash_point = domain_zsa.M.hash_to_point(msg.into_iter());
|
||||
let hash_point = domain_zsa.hash_to_point(msg.into_iter());
|
||||
let commit_r_zsa = domain_zsa.commit_from_hash_point(hash_point, &rcm.0);
|
||||
assert_eq!(expected_commit.unwrap(), commit_r_zsa.unwrap());
|
||||
|
||||
|
|