From e15648cb67cc30b2c6fb6325d380ee1b10cf7676 Mon Sep 17 00:00:00 2001 From: therealyingtong Date: Sat, 5 Jun 2021 13:59:48 +0800 Subject: [PATCH] gadget::ecc: Remove representations of fixed points in the circuit Fixed points are represented by precomputed window tables. These are not "initialized" in the circuit at any single point, but are loaded into fixed columns at the offsets where the fixed points are used. Thus, we don't need FixedPoint and get_fixed() in the circuit. Similarly, we can remove FixedPointShort and get_fixed_short(). --- src/circuit/gadget/ecc.rs | 102 ++++++++++++++++++-------------------- 1 file changed, 49 insertions(+), 53 deletions(-) diff --git a/src/circuit/gadget/ecc.rs b/src/circuit/gadget/ecc.rs index 31d252e3..07e6eff7 100644 --- a/src/circuit/gadget/ecc.rs +++ b/src/circuit/gadget/ecc.rs @@ -36,16 +36,10 @@ pub trait EccInstructions: Chip { /// Variable representing the affine short Weierstrass x-coordinate of an /// elliptic curve point. type X: Clone + Debug; - /// Variable representing the set of fixed bases in the circuit. + /// Enumeration of the set of fixed bases to be used in full-width scalar mul. type FixedPoints: Clone + Debug; - /// Variable representing the set of fixed bases to be used in scalar - /// multiplication with a short signed exponent. + /// Enumeration of the set of fixed bases to be used in short signed scalar mul. type FixedPointsShort: Clone + Debug; - /// Variable representing a fixed elliptic curve point (constant in the circuit). - type FixedPoint: Clone + Debug; - /// Variable representing a fixed elliptic curve point (constant in the circuit) - /// to be used in scalar multiplication with a short signed exponent. - type FixedPointShort: Clone + Debug; /// Witnesses the given base field element as a private input to the circuit /// for variable-base scalar mul. 
@@ -81,18 +75,6 @@ pub trait EccInstructions: Chip { /// Extracts the x-coordinate of a point. fn extract_p(point: &Self::Point) -> &Self::X; - /// Returns a fixed point that had been previously loaded into the circuit. - /// The pre-loaded cells are used to set up equality constraints in other - /// parts of the circuit where the fixed base is used. - fn get_fixed(&self, fixed_points: Self::FixedPoints) -> Result; - - /// Returns a fixed point to be used in scalar multiplication with a signed - /// short exponent. - fn get_fixed_short( - &self, - fixed_points: Self::FixedPointsShort, - ) -> Result; - /// Performs incomplete point addition, returning `a + b`. /// /// This returns an error in exceptional cases. @@ -111,14 +93,8 @@ pub trait EccInstructions: Chip { b: &Self::Point, ) -> Result; - /// Performs point doubling, returning `[2] a`. - fn double( - &self, - layouter: &mut impl Layouter, - a: &Self::Point, - ) -> Result; - /// Performs variable-base scalar multiplication, returning `[scalar] base`. + /// Multiplication of the identity `[scalar] 𝒪 ` returns an error. fn mul( &self, layouter: &mut impl Layouter, @@ -131,7 +107,7 @@ pub trait EccInstructions: Chip { &self, layouter: &mut impl Layouter, scalar: &Self::ScalarFixed, - base: &Self::FixedPoint, + base: &Self::FixedPoints, ) -> Result; /// Performs fixed-base scalar multiplication using a short signed scalar, returning `[scalar] base`. @@ -139,7 +115,7 @@ pub trait EccInstructions: Chip { &self, layouter: &mut impl Layouter, scalar: &Self::ScalarFixedShort, - base: &Self::FixedPointShort, + base: &Self::FixedPointsShort, ) -> Result; } 
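Review bot: The doc line added above `mul` in the `@@ -111,14 +93,8 @@` hunk states the failure case inline and leaves a stray space inside the backticks after 𝒪. An `# Errors` section is the conventional place for it, for example `/// # Errors` followed by `/// Returns an error if the base is the identity.` The same hunk also drops `double` from the trait, which the commit message (about fixed points only) does not mention; a sentence in the description would help anyone bisecting later. The signature of `mul` continues outside the hunk.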
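Review bot: With `base` now typed as the enumeration `Self::FixedPoints` in `mul_fixed` (hunk `@@ -131,7 +107,7 @@`) and `Self::FixedPointsShort` in `mul_fixed_short` (hunk `@@ -139,7 +115,7 @@`), the trait docs no longer say where the base is bound into the circuit. Per the commit message the window table is loaded into fixed columns at the offsets where the base is used, so the soundness of the result presumably rests on every implementation doing that inside these two methods. I would add to both doc comments `/// Implementations must load the window table for the selected base into fixed columns where it is used.` Both signatures start outside their hunks.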
@@ -174,12 +150,18 @@ impl + Clone + Debug + Eq> ScalarVar /// A full-width element of the given elliptic curve's scalar field, to be used for fixed-base scalar mul. #[derive(Debug)] -pub struct ScalarFixed + Clone + Debug + Eq> { +pub struct ScalarFixed +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ chip: EccChip, inner: EccChip::ScalarFixed, } -impl + Clone + Debug + Eq> ScalarFixed { +impl ScalarFixed +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ /// Constructs a new ScalarFixed with the given value. pub fn new( chip: EccChip, @@ -193,13 +175,17 @@ impl + Clone + Debug + Eq> ScalarFix /// A signed short element of the given elliptic curve's scalar field, to be used for fixed-base scalar mul. #[derive(Debug)] -pub struct ScalarFixedShort + Clone + Debug + Eq> { +pub struct ScalarFixedShort +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ chip: EccChip, inner: EccChip::ScalarFixedShort, } -impl + Clone + Debug + Eq> - ScalarFixedShort +impl ScalarFixedShort +where + EccChip: EccInstructions + Clone + Debug + Eq, { /// Constructs a new ScalarFixedShort with the given value. /// @@ -231,7 +217,7 @@ impl + Clone + Debug + Eq> } /// An elliptic curve point over the given curve. -#[derive(Debug)] +#[derive(Copy, Clone, Debug)] pub struct Point + Clone + Debug + Eq> { chip: EccChip, inner: EccChip::Point, @@ -318,18 +304,18 @@ impl + Clone + Debug + Eq> X + Clone + Debug + Eq> { +pub struct FixedPoint +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ chip: EccChip, - inner: EccChip::FixedPoint, + inner: EccChip::FixedPoints, } -impl + Clone + Debug + Eq> FixedPoint { - /// Gets a reference to the specified fixed point in the circuit. - pub fn get(chip: EccChip, point: EccChip::FixedPoints) -> Result { - chip.get_fixed(point) - .map(|inner| FixedPoint { chip, inner }) - } - +impl FixedPoint +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ /// Returns `[by] self`. pub fn mul( &self, 
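Review bot: `#[derive(Copy, Clone, Debug)]` on `Point` (hunk `@@ -231,7 +217,7 @@`) is a public API commitment that the commit message does not mention, and it is inconsistent with `FixedPointShort`, which still carries `#[derive(Clone, Debug)]` later in this file. The derived `Copy` impl is conditional on `EccChip` and `EccChip::Point` being `Copy`, which the visible bounds (`Clone + Debug + Eq`) do not require, so whether it ever applies depends on the chip. If `Clone` is all that is needed, I would use `#[derive(Clone, Debug)]`; otherwise a one-line comment on why `Point` must be `Copy` would help. The struct body continues outside the hunk.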
@@ -344,23 +330,28 @@ impl + Clone + Debug + Eq> FixedPoin inner, }) } + + /// Wraps the given fixed base (obtained directly from an instruction) in a gadget. + pub fn from_inner(chip: EccChip, inner: EccChip::FixedPoints) -> Self { + FixedPoint { chip, inner } + } } /// A constant elliptic curve point over the given curve, used in scalar multiplication /// with a short signed exponent #[derive(Clone, Debug)] -pub struct FixedPointShort + Clone + Debug + Eq> { +pub struct FixedPointShort +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ chip: EccChip, - inner: EccChip::FixedPointShort, + inner: EccChip::FixedPointsShort, } -impl + Clone + Debug + Eq> FixedPointShort { - /// Gets a reference to the specified fixed point in the circuit. - pub fn get(chip: EccChip, point: EccChip::FixedPointsShort) -> Result { - chip.get_fixed_short(point) - .map(|inner| FixedPointShort { chip, inner }) - } - +impl FixedPointShort +where + EccChip: EccInstructions + Clone + Debug + Eq, +{ /// Returns `[by] self`. pub fn mul( &self, @@ -375,4 +366,9 @@ impl + Clone + Debug + Eq> FixedPoin inner, }) } + + /// Wraps the given fixed base (obtained directly from an instruction) in a gadget. + pub fn from_inner(chip: EccChip, inner: EccChip::FixedPointsShort) -> Self { + FixedPointShort { chip, inner } + } }
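Review bot: The doc comment on the new `FixedPoint::from_inner` (and the identical one on `FixedPointShort::from_inner` in hunk `@@ -375,4 +366,9 @@`) says the base is "obtained directly from an instruction", but this commit removes `get_fixed` and `get_fixed_short`, so no instruction visible here returns one any more. `inner` is now a value of the chip's `FixedPoints` / `FixedPointsShort` enumeration, so I would reword to `/// Wraps a fixed base, selected from the chip's FixedPoints enumeration, in a gadget.` The old `get` returned a `Result` and `from_inner` does not, so callers that used `?` on the constructor need updating; those call sites are not in this diff.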