Hash fixed_commitments and permutations into transcript

2021-02-09 14:01:33 +08:00 · 2021-02-09 14:01:33 +08:00 · 437782e902
parent 068babe3d0
commit 437782e902
4 changed files with 28 additions and 1 deletions
--- a/src/plonk.rs
+++ b/src/plonk.rs
@ -9,7 +9,7 @@ use crate::arithmetic::CurveAffine;
 use crate::poly::{
    commitment::Params, Coeff, EvaluationDomain, ExtendedLagrangeCoeff, LagrangeCoeff, Polynomial,
 };
-use crate::transcript::ChallengeScalar;
+use crate::transcript::{ChallengeScalar, Transcript};

 mod circuit;
 mod keygen;
@ -74,6 +74,18 @@ impl<C: CurveAffine> VerifyingKey<C> {
            cs,
        })
    }
+
+    /// Hashes a verification key into a transcript.
+    pub fn hash<T: Transcript<C>>(&self, transcript: &mut T) -> io::Result<()> {
+        for commitment in &self.fixed_commitments {
+            transcript.common_point(*commitment)?;
+        }
+        for permutation in &self.permutations {
+            permutation.hash(transcript)?;
+        }
+
+        Ok(())
+    }
 }

 /// This is a proving key which allows for the creation of proofs for a
--- a/src/plonk/permutation.rs
+++ b/src/plonk/permutation.rs
@ -4,6 +4,7 @@ use super::circuit::{Any, Column};
 use crate::{
    arithmetic::CurveAffine,
    poly::{Coeff, ExtendedLagrangeCoeff, LagrangeCoeff, Polynomial},
+    transcript::Transcript,
 };

 pub(crate) mod keygen;
@ -66,6 +67,14 @@ impl<C: CurveAffine> VerifyingKey<C> {
            .collect::<Result<Vec<_>, _>>()?;
        Ok(VerifyingKey { commitments })
    }
+
+    pub(crate) fn hash<T: Transcript<C>>(&self, transcript: &mut T) -> io::Result<()> {
+        for commitment in &self.commitments {
+            transcript.common_point(*commitment)?;
+        }
+
+        Ok(())
+    }
 }

 /// The proving key for a single permutation argument.
--- a/src/plonk/prover.rs
+++ b/src/plonk/prover.rs
@ -30,6 +30,9 @@ pub fn create_proof<C: CurveAffine, T: TranscriptWrite<C>, ConcreteCircuit: Circ
        }
    }

+    // Hash verification key into transcript
+    pk.vk.hash(transcript).map_err(|_| Error::TranscriptError)?;
+
    let domain = &pk.vk.domain;
    let mut meta = ConstraintSystem::default();
    let config = ConcreteCircuit::configure(&mut meta);
--- a/src/plonk/verifier.rs
+++ b/src/plonk/verifier.rs
@ -29,6 +29,9 @@ pub fn verify_proof<'a, C: CurveAffine, T: TranscriptRead<C>>(

    let num_proofs = instance_commitments.len();

+    // Hash verification key into transcript
+    vk.hash(transcript).map_err(|_| Error::TranscriptError)?;
+
    for instance_commitments in instance_commitments.iter() {
        // Hash the instance (external) commitments into the transcript
        for commitment in *instance_commitments {