Refactor verification key hashing logic to use Display impls.
This commit is contained in:
parent
f35e190455
commit
dfa7d96fa9
|
@ -19,6 +19,9 @@ const_assert!(size_of::<usize>() >= 4);
|
||||||
pub trait FieldExt:
|
pub trait FieldExt:
|
||||||
ff::PrimeField + From<bool> + Ord + ConstantTimeEq + Group<Scalar = Self>
|
ff::PrimeField + From<bool> + Ord + ConstantTimeEq + Group<Scalar = Self>
|
||||||
{
|
{
|
||||||
|
/// Modulus of the field written as a string for display purposes
|
||||||
|
const MODULUS: &'static str;
|
||||||
|
|
||||||
/// Generator of the $2^S$ multiplicative subgroup
|
/// Generator of the $2^S$ multiplicative subgroup
|
||||||
const ROOT_OF_UNITY: Self;
|
const ROOT_OF_UNITY: Self;
|
||||||
|
|
||||||
|
|
|
@ -29,13 +29,23 @@ macro_rules! new_curve_impl {
|
||||||
|
|
||||||
/// Represents a point in the affine coordinate space (or the point at
|
/// Represents a point in the affine coordinate space (or the point at
|
||||||
/// infinity).
|
/// infinity).
|
||||||
#[derive(Copy, Clone, Debug)]
|
#[derive(Copy, Clone)]
|
||||||
pub struct $name_affine {
|
pub struct $name_affine {
|
||||||
x: $base,
|
x: $base,
|
||||||
y: $base,
|
y: $base,
|
||||||
infinity: Choice,
|
infinity: Choice,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl std::fmt::Debug for $name_affine {
|
||||||
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> Result<(), std::fmt::Error> {
|
||||||
|
if self.infinity.into() {
|
||||||
|
write!(f, "Infinity")
|
||||||
|
} else {
|
||||||
|
write!(f, "({:?}, {:?})", self.x, self.y)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
impl Curve for $name {
|
impl Curve for $name {
|
||||||
type Affine = $name_affine;
|
type Affine = $name_affine;
|
||||||
type Scalar = $scalar;
|
type Scalar = $scalar;
|
||||||
|
|
|
@ -605,6 +605,8 @@ lazy_static! {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl FieldExt for Fp {
|
impl FieldExt for Fp {
|
||||||
|
const MODULUS: &'static str =
|
||||||
|
"0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001";
|
||||||
const ROOT_OF_UNITY: Self = ROOT_OF_UNITY;
|
const ROOT_OF_UNITY: Self = ROOT_OF_UNITY;
|
||||||
const ROOT_OF_UNITY_INV: Self = Fp::from_raw([
|
const ROOT_OF_UNITY_INV: Self = Fp::from_raw([
|
||||||
0xf0b87c7db2ce91f6,
|
0xf0b87c7db2ce91f6,
|
||||||
|
|
|
@ -605,6 +605,8 @@ lazy_static! {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl FieldExt for Fq {
|
impl FieldExt for Fq {
|
||||||
|
const MODULUS: &'static str =
|
||||||
|
"0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001";
|
||||||
const ROOT_OF_UNITY: Self = ROOT_OF_UNITY;
|
const ROOT_OF_UNITY: Self = ROOT_OF_UNITY;
|
||||||
const ROOT_OF_UNITY_INV: Self = Fq::from_raw([
|
const ROOT_OF_UNITY_INV: Self = Fq::from_raw([
|
||||||
0x57eecda0a84b6836,
|
0x57eecda0a84b6836,
|
||||||
|
|
93
src/plonk.rs
93
src/plonk.rs
|
@ -85,72 +85,10 @@ impl<C: CurveAffine> VerifyingKey<C> {
|
||||||
.personal(C::BLAKE2B_PERSONALIZATION)
|
.personal(C::BLAKE2B_PERSONALIZATION)
|
||||||
.to_state();
|
.to_state();
|
||||||
|
|
||||||
// Hash in curve parameters
|
let s = format!("{}", self);
|
||||||
hasher.update(&C::Scalar::ROOT_OF_UNITY.to_bytes());
|
|
||||||
hasher.update(&C::Scalar::ROOT_OF_UNITY_INV.to_bytes());
|
|
||||||
hasher.update(
|
|
||||||
&(C::Scalar::T_MINUS1_OVER2
|
|
||||||
.iter()
|
|
||||||
.fold(Vec::new(), |mut res, word| {
|
|
||||||
res.extend_from_slice(&word.to_le_bytes());
|
|
||||||
res
|
|
||||||
})),
|
|
||||||
);
|
|
||||||
hasher.update(&C::Scalar::DELTA.to_bytes());
|
|
||||||
hasher.update(&C::Scalar::TWO_INV.to_bytes());
|
|
||||||
hasher.update(&C::Scalar::RESCUE_ALPHA.to_le_bytes());
|
|
||||||
hasher.update(
|
|
||||||
&(C::Scalar::RESCUE_INVALPHA
|
|
||||||
.iter()
|
|
||||||
.fold(Vec::new(), |mut res, word| {
|
|
||||||
res.extend_from_slice(&word.to_le_bytes());
|
|
||||||
res
|
|
||||||
})),
|
|
||||||
);
|
|
||||||
hasher.update(&C::Base::ZETA.to_bytes());
|
|
||||||
|
|
||||||
hasher.update(&C::Base::ROOT_OF_UNITY.to_bytes());
|
hasher.update(&(s.len() as u64).to_le_bytes());
|
||||||
hasher.update(&C::Base::ROOT_OF_UNITY_INV.to_bytes());
|
hasher.update(s.as_bytes());
|
||||||
hasher.update(
|
|
||||||
&(C::Base::T_MINUS1_OVER2
|
|
||||||
.iter()
|
|
||||||
.fold(Vec::new(), |mut res, word| {
|
|
||||||
res.extend_from_slice(&word.to_le_bytes());
|
|
||||||
res
|
|
||||||
})),
|
|
||||||
);
|
|
||||||
hasher.update(&C::Base::DELTA.to_bytes());
|
|
||||||
hasher.update(&C::Base::TWO_INV.to_bytes());
|
|
||||||
hasher.update(&C::Base::RESCUE_ALPHA.to_le_bytes());
|
|
||||||
hasher.update(
|
|
||||||
&(C::Base::RESCUE_INVALPHA
|
|
||||||
.iter()
|
|
||||||
.fold(Vec::new(), |mut res, word| {
|
|
||||||
res.extend_from_slice(&word.to_le_bytes());
|
|
||||||
res
|
|
||||||
})),
|
|
||||||
);
|
|
||||||
hasher.update(&C::Base::ZETA.to_bytes());
|
|
||||||
|
|
||||||
// Hash in constants in the domain which influence the proof
|
|
||||||
self.domain.hash_into(&mut hasher);
|
|
||||||
|
|
||||||
// Hash in `ConstraintSystem`
|
|
||||||
self.cs.hash_into(&mut hasher);
|
|
||||||
|
|
||||||
// Hash in vector of fixed commitments
|
|
||||||
hasher.update(b"num_fixed_commitments");
|
|
||||||
hasher.update(&self.fixed_commitments.len().to_le_bytes());
|
|
||||||
for commitment in &self.fixed_commitments {
|
|
||||||
transcript.common_point(*commitment)?;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Hash in vector of permutation arguments
|
|
||||||
hasher.update(b"num_permutations");
|
|
||||||
hasher.update(&self.permutations.len().to_le_bytes());
|
|
||||||
for permutation in &self.permutations {
|
|
||||||
permutation.hash_into(&mut hasher, transcript)?;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Hash in final Blake2bState
|
// Hash in final Blake2bState
|
||||||
transcript.common_scalar(C::Scalar::from_bytes_wide(
|
transcript.common_scalar(C::Scalar::from_bytes_wide(
|
||||||
|
@ -161,6 +99,28 @@ impl<C: CurveAffine> VerifyingKey<C> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl<C: CurveAffine> std::fmt::Display for VerifyingKey<C> {
|
||||||
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> Result<(), std::fmt::Error> {
|
||||||
|
write!(
|
||||||
|
f,
|
||||||
|
"VerificationKey {{\
|
||||||
|
base_modulus = {base_modulus}, \
|
||||||
|
scalar_modulus = {scalar_modulus}, \
|
||||||
|
domain = {domain}, \
|
||||||
|
cs = {cs}, \
|
||||||
|
fixed_commitments = {fixed_commitments:?}, \
|
||||||
|
permutations = {permutations:?}\
|
||||||
|
}}",
|
||||||
|
base_modulus = C::Base::MODULUS,
|
||||||
|
scalar_modulus = C::Scalar::MODULUS,
|
||||||
|
domain = self.domain,
|
||||||
|
cs = self.cs,
|
||||||
|
fixed_commitments = self.fixed_commitments,
|
||||||
|
permutations = self.permutations
|
||||||
|
)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// This is a proving key which allows for the creation of proofs for a
|
/// This is a proving key which allows for the creation of proofs for a
|
||||||
/// particular circuit.
|
/// particular circuit.
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
|
@ -589,7 +549,7 @@ fn test_proving() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
let a = Fp::rand();
|
let a = Fp::from_u64(2834758237) * Fp::ZETA;
|
||||||
let a_squared = a * &a;
|
let a_squared = a * &a;
|
||||||
let instance = Fp::one() + Fp::one();
|
let instance = Fp::one() + Fp::one();
|
||||||
let lookup_table = vec![instance, a, a, Fp::zero()];
|
let lookup_table = vec![instance, a, a, Fp::zero()];
|
||||||
|
@ -607,6 +567,7 @@ fn test_proving() {
|
||||||
|
|
||||||
// Initialize the proving key
|
// Initialize the proving key
|
||||||
let vk = keygen_vk(¶ms, &empty_circuit).expect("keygen_vk should not fail");
|
let vk = keygen_vk(¶ms, &empty_circuit).expect("keygen_vk should not fail");
|
||||||
|
assert_eq!(format!("{}", vk), "VerificationKey {base_modulus = 0x40000000000000000000000000000000224698fc0994a8dd8c46eb2100000001, scalar_modulus = 0x40000000000000000000000000000000224698fc094cf91b992d30ed00000001, domain = Domain {k = 5, extended_k = 7, omega = 0x0cc3380dc616f2e1daf29ad1560833ed3baea3393eceb7bc8fa36376929b78cc }, cs = ConstraintSystem {num_fixed_columns: 8, num_advice_columns: 5, num_instance_columns: 1, fixed_queries: [(Column { index: 6, column_type: Fixed }, Rotation(0)), (Column { index: 7, column_type: Fixed }, Rotation(0)), (Column { index: 0, column_type: Fixed }, Rotation(0)), (Column { index: 2, column_type: Fixed }, Rotation(0)), (Column { index: 3, column_type: Fixed }, Rotation(0)), (Column { index: 4, column_type: Fixed }, Rotation(0)), (Column { index: 1, column_type: Fixed }, Rotation(0)), (Column { index: 5, column_type: Fixed }, Rotation(0))], advice_queries: [(Column { index: 1, column_type: Advice }, Rotation(0)), (Column { index: 2, column_type: Advice }, Rotation(0)), (Column { index: 3, column_type: Advice }, Rotation(0)), (Column { index: 4, column_type: Advice }, Rotation(1)), (Column { index: 0, column_type: Advice }, Rotation(-1))], instance_queries: [(Column { index: 0, column_type: Instance }, Rotation(0))], permutations: [Argument { columns: [Column { index: 1, column_type: Advice }, Column { index: 2, column_type: Advice }, Column { index: 3, column_type: Advice }] }, Argument { columns: [Column { index: 1, column_type: Advice }, Column { index: 2, column_type: Advice }, Column { index: 3, column_type: Advice }] }], lookups: [Argument { input_columns: [Column { index: 1, column_type: Advice }], table_columns: [Column { index: 6, column_type: Fixed }] }, Argument { input_columns: [Column { index: 1, column_type: Advice }, Column { index: 2, column_type: Advice }], table_columns: [Column { index: 6, column_type: Fixed }, Column { index: 7, column_type: Fixed }] }], gates: [Sum(Sum(Sum(Sum(Product(Advice(0), Fixed(3)), Product(Advice(1), Fixed(4))), Product(Product(Advice(0), Advice(1)), Fixed(6))), Scaled(Product(Advice(2), Fixed(5)), 0x40000000000000000000000000000000224698fc094cf91b992d30ed00000000)), Product(Fixed(2), Product(Advice(3), Advice(4)))), Product(Fixed(7), Sum(Advice(0), Scaled(Instance(0), 0x40000000000000000000000000000000224698fc094cf91b992d30ed00000000))), ]}, fixed_commitments = [(0x3710f15f98bf0a7421343fdf390b9519506c67431a5c78678fbcc4db815c8547, 0x0a3c77f30ab2a2741b21cd45326c87dc7f7050b1a5e8c181a534b9c84a09cb02), (0x115235d6bd2467772db857d66e7f44837cd38bb6ac0c7b412c2997dd47cbbc3c, 0x0f339c20c40e10bed476699e2ddb88256092447582b250f329b0cbf6c3f66f17), (0x2a9ba245dcce53752e1de999b45c975472bb33b58aed8bcebdfcd185627895f0, 0x1252bf596b7acd19625f68845749f6672b99e71238cfabe91ca545103168d0f0), (0x2a9ba245dcce53752e1de999b45c975472bb33b58aed8bcebdfcd185627895f0, 0x1252bf596b7acd19625f68845749f6672b99e71238cfabe91ca545103168d0f0), (0x241d6d9c2060ce821d4b05ff2f9566c3947541f3d14a9aabcdb96c19158e8bc7, 0x39582cc6bdb1a4a88e89c050ad6db0ade34f45ec5791b07de6e694e9627ca66a), (0x1ee805e20232ba31eeae1fa345bd88ac7df81dc43ffb3967a218ea4defc9d17d, 0x2838c83c064d44e87e5c8d05a234ad24d2d4a502a370acb514b430f516c0f0bf), (0x37ead9904c760201ec4734ef398f0bdb5fe5a5e6e9db19c85e6b5483bdeb0a0b, 0x1dc08c38ed713b14f7a21a891a83b52160a3ffb0dccfbd70db7c7eb235dd193e), (0x2dc3d20553691216c988ecbb596c4bda329f27d50bd8a7c2fb0d84b423da3cb4, 0x025b40e800020458e15e3a57268562e6c08c6971d71262bd67c72437cfc60b4c)], permutations = [VerifyingKey { commitments: [(0x289f468bca3471a3d240169ec65047d0c4bb5e1135e81822523c74b596139fed, 0x1a585c821c71fb49c883859f1389bcae45f17593ddb5f9fee1781b27129e1b06), (0x096ef96a7725c636e7ca645dfe539694cf2a988da1ca50a468320f419d008054, 0x1ac0b48a254f8e2311081f81aa4a8ff39e37e40aa4c003325f1ac1219d231818), (0x254c9f0088599aba37607cfd1700c653ef3ec21bfd60b98c3d725678540bc4df, 0x134d9818929589052f3cd80d50140b851db26231b2b784a6b2528a64805598dc)] }, VerifyingKey { commitments: [(0x289f468bca3471a3d240169ec65047d0c4bb5e1135e81822523c74b596139fed, 0x1a585c821c71fb49c883859f1389bcae45f17593ddb5f9fee1781b27129e1b06), (0x096ef96a7725c636e7ca645dfe539694cf2a988da1ca50a468320f419d008054, 0x1ac0b48a254f8e2311081f81aa4a8ff39e37e40aa4c003325f1ac1219d231818), (0x254c9f0088599aba37607cfd1700c653ef3ec21bfd60b98c3d725678540bc4df, 0x134d9818929589052f3cd80d50140b851db26231b2b784a6b2528a64805598dc)] }]}");
|
||||||
let pk = keygen_pk(¶ms, vk, &empty_circuit).expect("keygen_pk should not fail");
|
let pk = keygen_pk(¶ms, vk, &empty_circuit).expect("keygen_pk should not fail");
|
||||||
|
|
||||||
let mut pubinputs = pk.get_vk().get_domain().empty_lagrange();
|
let mut pubinputs = pk.get_vk().get_domain().empty_lagrange();
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
use blake2b_simd::State as Blake2bState;
|
|
||||||
use core::cmp::max;
|
use core::cmp::max;
|
||||||
use core::ops::{Add, Mul};
|
use core::ops::{Add, Mul};
|
||||||
use ff::Field;
|
use ff::{Field, PrimeField};
|
||||||
use std::{
|
use std::{
|
||||||
convert::TryFrom,
|
convert::TryFrom,
|
||||||
ops::{Neg, Sub},
|
ops::{Neg, Sub},
|
||||||
|
@ -28,11 +27,6 @@ impl<C: ColumnType> Column<C> {
|
||||||
pub(crate) fn column_type(&self) -> &C {
|
pub(crate) fn column_type(&self) -> &C {
|
||||||
&self.column_type
|
&self.column_type
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) fn hash_into(&self, hasher: &mut Blake2bState) {
|
|
||||||
hasher.update(&format!("{:?}", self).as_bytes().len().to_le_bytes());
|
|
||||||
hasher.update(&format!("{:?}", self).as_bytes());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// An advice column
|
/// An advice column
|
||||||
|
@ -323,12 +317,6 @@ impl<F: Field> Expression<F> {
|
||||||
Expression::Scaled(poly, _) => poly.degree(),
|
Expression::Scaled(poly, _) => poly.degree(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Hash an Expression into a Blake2bState
|
|
||||||
pub fn hash_into(&self, hasher: &mut Blake2bState) {
|
|
||||||
hasher.update(&format!("{:?}", self).as_bytes().len().to_le_bytes());
|
|
||||||
hasher.update(&format!("{:?}", self).as_bytes());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
impl<F: Field> Neg for Expression<F> {
|
impl<F: Field> Neg for Expression<F> {
|
||||||
|
@ -392,6 +380,36 @@ pub struct ConstraintSystem<F> {
|
||||||
pub(crate) lookups: Vec<lookup::Argument>,
|
pub(crate) lookups: Vec<lookup::Argument>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl<F: PrimeField> std::fmt::Display for ConstraintSystem<F> {
|
||||||
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> Result<(), std::fmt::Error> {
|
||||||
|
write!(
|
||||||
|
f,
|
||||||
|
"ConstraintSystem {{\
|
||||||
|
num_fixed_columns: {num_fixed_columns}, \
|
||||||
|
num_advice_columns: {num_advice_columns}, \
|
||||||
|
num_instance_columns: {num_instance_columns}, \
|
||||||
|
fixed_queries: {fixed_queries:?}, \
|
||||||
|
advice_queries: {advice_queries:?}, \
|
||||||
|
instance_queries: {instance_queries:?}, \
|
||||||
|
permutations: {permutations:?}, \
|
||||||
|
lookups: {lookups:?}, \
|
||||||
|
gates: [",
|
||||||
|
num_fixed_columns = self.num_fixed_columns,
|
||||||
|
num_advice_columns = self.num_advice_columns,
|
||||||
|
num_instance_columns = self.num_instance_columns,
|
||||||
|
fixed_queries = &self.fixed_queries,
|
||||||
|
advice_queries = &self.advice_queries,
|
||||||
|
instance_queries = &self.instance_queries,
|
||||||
|
lookups = &self.lookups,
|
||||||
|
permutations = &self.permutations
|
||||||
|
)?;
|
||||||
|
for (_, expr) in self.gates.iter() {
|
||||||
|
write!(f, "{:?}, ", expr)?;
|
||||||
|
}
|
||||||
|
write!(f, "]}}")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
impl<F: Field> Default for ConstraintSystem<F> {
|
impl<F: Field> Default for ConstraintSystem<F> {
|
||||||
fn default() -> ConstraintSystem<F> {
|
fn default() -> ConstraintSystem<F> {
|
||||||
ConstraintSystem {
|
ConstraintSystem {
|
||||||
|
@ -610,67 +628,4 @@ impl<F: Field> ConstraintSystem<F> {
|
||||||
self.num_instance_columns += 1;
|
self.num_instance_columns += 1;
|
||||||
tmp
|
tmp
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Hashes the `ConstraintSystem` into a `u64`.
|
|
||||||
pub fn hash_into(&self, mut hasher: &mut Blake2bState) {
|
|
||||||
hasher.update(b"num_fixed_columns");
|
|
||||||
hasher.update(&self.num_fixed_columns.to_le_bytes());
|
|
||||||
|
|
||||||
hasher.update(b"num_advice_columns");
|
|
||||||
hasher.update(&self.num_advice_columns.to_le_bytes());
|
|
||||||
|
|
||||||
hasher.update(b"num_instance_columns");
|
|
||||||
hasher.update(&self.num_instance_columns.to_le_bytes());
|
|
||||||
|
|
||||||
hasher.update(b"num_gates");
|
|
||||||
hasher.update(&self.gates.len().to_le_bytes());
|
|
||||||
for gate in self.gates.iter() {
|
|
||||||
gate.1.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
|
|
||||||
hasher.update(b"num_advice_queries");
|
|
||||||
hasher.update(&self.advice_queries.len().to_le_bytes());
|
|
||||||
for query in self.advice_queries.iter() {
|
|
||||||
query.0.hash_into(&mut hasher);
|
|
||||||
query.1.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
|
|
||||||
hasher.update(b"num_instance_queries");
|
|
||||||
hasher.update(&self.instance_queries.len().to_le_bytes());
|
|
||||||
for query in self.instance_queries.iter() {
|
|
||||||
query.0.hash_into(&mut hasher);
|
|
||||||
query.1.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
|
|
||||||
hasher.update(b"num_fixed_queries");
|
|
||||||
hasher.update(&self.fixed_queries.len().to_le_bytes());
|
|
||||||
for query in self.fixed_queries.iter() {
|
|
||||||
query.0.hash_into(&mut hasher);
|
|
||||||
query.1.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
|
|
||||||
hasher.update(b"num_permutations");
|
|
||||||
hasher.update(&self.permutations.len().to_le_bytes());
|
|
||||||
for argument in self.permutations.iter() {
|
|
||||||
hasher.update(&argument.get_columns().len().to_le_bytes());
|
|
||||||
for column in argument.get_columns().iter() {
|
|
||||||
column.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
hasher.update(b"num_lookups");
|
|
||||||
hasher.update(&self.lookups.len().to_le_bytes());
|
|
||||||
for argument in self.lookups.iter() {
|
|
||||||
hasher.update(&argument.input_columns.len().to_le_bytes());
|
|
||||||
assert_eq!(argument.input_columns.len(), argument.table_columns.len());
|
|
||||||
for (input, table) in argument
|
|
||||||
.input_columns
|
|
||||||
.iter()
|
|
||||||
.zip(argument.table_columns.iter())
|
|
||||||
{
|
|
||||||
input.hash_into(&mut hasher);
|
|
||||||
table.hash_into(&mut hasher);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,14 +4,12 @@ use super::circuit::{Any, Column};
|
||||||
use crate::{
|
use crate::{
|
||||||
arithmetic::CurveAffine,
|
arithmetic::CurveAffine,
|
||||||
poly::{Coeff, ExtendedLagrangeCoeff, LagrangeCoeff, Polynomial},
|
poly::{Coeff, ExtendedLagrangeCoeff, LagrangeCoeff, Polynomial},
|
||||||
transcript::Transcript,
|
|
||||||
};
|
};
|
||||||
|
|
||||||
pub(crate) mod keygen;
|
pub(crate) mod keygen;
|
||||||
pub(crate) mod prover;
|
pub(crate) mod prover;
|
||||||
pub(crate) mod verifier;
|
pub(crate) mod verifier;
|
||||||
|
|
||||||
use blake2b_simd::State as Blake2bState;
|
|
||||||
use std::io;
|
use std::io;
|
||||||
|
|
||||||
/// A permutation argument.
|
/// A permutation argument.
|
||||||
|
@ -68,20 +66,6 @@ impl<C: CurveAffine> VerifyingKey<C> {
|
||||||
.collect::<Result<Vec<_>, _>>()?;
|
.collect::<Result<Vec<_>, _>>()?;
|
||||||
Ok(VerifyingKey { commitments })
|
Ok(VerifyingKey { commitments })
|
||||||
}
|
}
|
||||||
|
|
||||||
pub(crate) fn hash_into<T: Transcript<C>>(
|
|
||||||
&self,
|
|
||||||
hasher: &mut Blake2bState,
|
|
||||||
transcript: &mut T,
|
|
||||||
) -> io::Result<()> {
|
|
||||||
hasher.update(b"num_commitments");
|
|
||||||
hasher.update(&self.commitments.len().to_le_bytes());
|
|
||||||
for commitment in &self.commitments {
|
|
||||||
transcript.common_point(*commitment)?;
|
|
||||||
}
|
|
||||||
|
|
||||||
Ok(())
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// The proving key for a single permutation argument.
|
/// The proving key for a single permutation argument.
|
||||||
|
|
|
@ -7,9 +7,6 @@ use super::{Coeff, ExtendedLagrangeCoeff, LagrangeCoeff, Polynomial, Rotation};
|
||||||
|
|
||||||
use ff::{Field, PrimeField};
|
use ff::{Field, PrimeField};
|
||||||
use std::marker::PhantomData;
|
use std::marker::PhantomData;
|
||||||
|
|
||||||
use blake2b_simd::State as Blake2bState;
|
|
||||||
|
|
||||||
/// This structure contains precomputed constants and other details needed for
|
/// This structure contains precomputed constants and other details needed for
|
||||||
/// performing operations on an evaluation domain of size $2^k$ and an extended
|
/// performing operations on an evaluation domain of size $2^k$ and an extended
|
||||||
/// domain of size $2^{k} * j$ with $j \neq 0$.
|
/// domain of size $2^{k} * j$ with $j \neq 0$.
|
||||||
|
@ -378,21 +375,20 @@ impl<G: Group> EvaluationDomain<G> {
|
||||||
pub fn get_quotient_poly_degree(&self) -> usize {
|
pub fn get_quotient_poly_degree(&self) -> usize {
|
||||||
self.quotient_poly_degree as usize
|
self.quotient_poly_degree as usize
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/// Hashes the constants in the domain which influence the proof into a Blake2bState
|
impl<G: Group> std::fmt::Display for EvaluationDomain<G> {
|
||||||
pub fn hash_into(&self, hasher: &mut Blake2bState) {
|
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> Result<(), std::fmt::Error> {
|
||||||
// Hash in field modulus
|
write!(
|
||||||
let modulus = G::Scalar::char_le_bits();
|
f,
|
||||||
hasher.update(&modulus.len().to_le_bytes());
|
"Domain {{\
|
||||||
hasher.update(format!("{:?}", modulus).as_bytes());
|
k = {k:?}, \
|
||||||
|
extended_k = {extended_k:?}, \
|
||||||
hasher.update(b"k");
|
omega = {omega:?} \
|
||||||
hasher.update(&self.k.to_le_bytes());
|
}}",
|
||||||
|
k = self.k,
|
||||||
hasher.update(b"extended_k");
|
extended_k = self.extended_k,
|
||||||
hasher.update(&self.extended_k.to_le_bytes());
|
omega = self.omega
|
||||||
|
)
|
||||||
hasher.update(b"omega");
|
|
||||||
hasher.update(&self.omega.to_bytes());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue