Commit Graph

440 Commits

Author SHA1 Message Date
ebfull 98896560fd
Merge pull request #203 from zcash/newtype-region-idx
Add circuit::RegionIndex and circuit::RegionStart newtypes
2021-02-23 08:20:19 -07:00
Sean Bowe 12230a49e0
Move CURVE_ID to CurveExt. 2021-02-22 16:30:05 -07:00
Sean Bowe 75bb8121fb
Switch to domain prefix based on what is suggested in #182 by @daira. 2021-02-22 16:13:11 -07:00
Sean Bowe 1078f854e3
Remove BLAKE2B_PERSONALIZATION constant. 2021-02-22 15:53:22 -07:00
Sean Bowe 5503517ac1
Produce URS using `hashtocurve` logic. 2021-02-22 15:50:01 -07:00
Sean Bowe df8dcce042
Add CurveExt and AffineExt associated types to project Group trait implementations.
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-02-22 15:47:57 -07:00
Jack Grigg b4ed5295fe Migrate to group traits
The `Curve` trait is now `CurveExt: group::prime::PrimeCurve`, and
`CurveAffine` is now `CurveAffine: group::prime::PrimeCurveAffine`.

There is no `CurveAffine` trait in `group`, and it's a widely-used
trait in this crate, so we don't rename it to `CurveAffineExt`.
2021-02-22 20:20:23 +00:00
Jack Grigg 55fb581f17 Define hash-to-curve over Curve, not CurveAffine
This removes an unnecessary layer of indirection from the type system,
and ensures that these APIs depend on the halo2-specific trait with the
extensions we require.
2021-02-22 20:12:10 +00:00
Jack Grigg 082d66d6e7 pasta: Reorganize the curve macro
This will make the migration to group easier to review.
2021-02-22 20:05:12 +00:00
Jack Grigg 7037d55320 Rename Curve and CurveAffine properties to match group traits 2021-02-22 20:05:08 +00:00
Jack Grigg 81a7936d99 pasta: Split halo2-specific curve-specific logic into a separate macro 2021-02-22 18:53:27 +00:00
Sean Bowe e93de2c285
Avoid heap allocations within hash_to_curve. 2021-02-22 10:15:30 -07:00
Daira Hopwood 16e5f96f3f Fix a clippy lint.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-22 16:02:38 +00:00
Daira Hopwood e408a351d5 Remove a redundant bool::from.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-21 21:43:11 +00:00
Daira Hopwood 7dc21f4727 Repair test vectors and add tests for map_to_curve_simple_swu.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-21 21:01:19 +00:00
Daira Hopwood 24def7ce02 Fix case where the input to map_to_curve_simple_swu is 0, and remove unneeded B_OVER_ZA constants.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-21 21:00:50 +00:00
Daira Hopwood 642aad68a3
Revert comment changes that are no longer relevant, now that we don't expose the isogenous curves in the API 2021-02-20 21:54:50 +00:00
Daira Hopwood a14eccc13d Remove unused hash support for Pasta Fp and Fq.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-20 21:51:32 +00:00
therealyingtong 84f732acb4 Add circuit::RegionIndex and circuit::RegionStart newtypes 2021-02-20 21:26:42 +08:00
Daira Hopwood 8b8dbbe2bb Refine type of buf in hash_to_field as suggested by @ebfull.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Daira Hopwood 6d8c899e16 Rename map_to_curve to map_to_curve_simple_swu.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Daira Hopwood 785ad5375c Switch from XOF:SHAKE128 to XMD:BLAKE2b.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Daira Hopwood 25ea5d07f7 Fix error in doc comment.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Daira Hopwood 9aa3327a0a Fix clippy lints.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Sean Bowe c17cd408f1 Fix point doubling on isogenous curve and add test for isogeny of identity. 2021-02-19 15:52:11 +00:00
Sean Bowe d14d2314a1 Remove isogenous curve from public API. 2021-02-19 15:52:11 +00:00
Sean Bowe b488355e13 Add example to hash_to_curve doc comment. 2021-02-19 15:52:11 +00:00
Sean Bowe dc069dff31 Rename hasher to hash_to_curve. 2021-02-19 15:52:11 +00:00
Sean Bowe f6f008f905 Remove `MINUS_B_OVER_A` constant. 2021-02-19 15:52:11 +00:00
Sean Bowe c48229ce0f Remove dependency on byteorder crate 2021-02-19 15:52:11 +00:00
Sean Bowe 783e602e85 Remove `SimplifiedSWUWithDegree3Isogeny` structure because state is no longer necessary. 2021-02-19 15:52:11 +00:00
Sean Bowe 83e2656c3e Introduce Curve::hasher abstraction. 2021-02-19 15:52:11 +00:00
Sean Bowe 68a7a19d3b Move hashtocurve module into pasta module. 2021-02-19 15:52:11 +00:00
Sean Bowe b134a73ef5 Hardcode isogeny constants and constants for hash to curve. 2021-02-19 15:52:11 +00:00
Sean Bowe 5b33ff9cab Consolidate the hashtocurve module traits into a single structure. 2021-02-19 15:52:11 +00:00
Sean Bowe e4e8aef5b6 Simplify HashToCurve trait. 2021-02-19 15:52:11 +00:00
Daira Hopwood db11c47045 Apply suggestions from code review
Co-authored-by: ying tong <yingtong@z.cash>
2021-02-19 15:52:11 +00:00
Daira Hopwood fa3afc29bb Add an implementation of simplified SWU hash-to-curve.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-19 15:52:11 +00:00
Daira Hopwood 4d61ad8ff5 Need a borrow here.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-18 23:50:19 +00:00
Sean Bowe 0316019a94
Add test for polynomial rotation in Lagrange form. 2021-02-18 16:25:00 -07:00
Sean Bowe 81af4e43d1
Update pinned verification key to account for circuit changes 2021-02-18 15:48:20 -07:00
therealyingtong d29246b49b
Rename const_* -> constant_* 2021-02-18 15:41:36 -07:00
therealyingtong 4bf46fc349
Add Expression::Const variant 2021-02-18 15:41:36 -07:00
therealyingtong 6a7f869f66
Clippy fixes 2021-02-18 15:41:36 -07:00
therealyingtong df2d818891
Account for Rotations of LagrangeCoeff values 2021-02-18 15:41:36 -07:00
therealyingtong 8e56b415fb
Rename column -> expression for lookups 2021-02-18 15:41:36 -07:00
therealyingtong 2f2de13887
Calculate required degree of lookup 2021-02-18 15:41:36 -07:00
therealyingtong aca6de61f8
Evaluate Expressions and all variants
Co-authored-by: Jack Grigg <jack@electriccoin.co>
2021-02-18 15:41:36 -07:00
therealyingtong d8534e1c50
Pass Expressions to meta.lookup() 2021-02-18 15:41:35 -07:00
ebfull 9401ceb68d
Merge pull request #173 from zcash/vk-transcript
Hash verification key into transcript
2021-02-18 13:28:57 -07:00
Sean Bowe 5e20b0f2a7
Automatically derive PinnedVerificationKey's Debug impl. 2021-02-18 07:51:41 -07:00
Sean Bowe 7fcd302d2d
cargo fmt 2021-02-17 15:40:41 -07:00
Sean Bowe 8060a12ea4
Fix minor nit (match ergonomics) 2021-02-17 15:39:46 -07:00
Sean Bowe 2b1c319ba0
Use pretty-printing in test of verification key pinning. 2021-02-17 15:38:43 -07:00
Sean Bowe 2fe4e0d900
Change personalization of BLAKE2b used in hash_into. 2021-02-17 15:20:19 -07:00
Sean Bowe 87536cea10
Use newtypes to simplify Debug implementations for pinning verification keys. 2021-02-17 15:20:19 -07:00
Sean Bowe 2076701fc3
cargo fmt 2021-02-17 15:19:34 -07:00
Sean Bowe 34a5bfd4b1
Remove unused TryInto import. 2021-02-17 15:19:34 -07:00
Sean Bowe 6226426be0
Restore whitespace 2021-02-17 15:19:34 -07:00
ebfull bc9d05e67b
Apply suggestions from code review
Co-authored-by: str4d <jack@electriccoin.co>
2021-02-17 15:19:34 -07:00
Sean Bowe 98f5b17359
Remove unused import 2021-02-17 15:19:34 -07:00
Sean Bowe ea563434f4
Remove hash_into from Rotation. 2021-02-17 15:19:34 -07:00
Sean Bowe dfa7d96fa9
Refactor verification key hashing logic to use Display impls. 2021-02-17 15:19:34 -07:00
therealyingtong f35e190455
Hash in field modulus, curve parameters 2021-02-17 15:19:34 -07:00
therealyingtong 52c028b4da
Disambiguate naming of hash() -> hash_into() 2021-02-17 15:19:34 -07:00
therealyingtong e7d6f67564
Rename aux -> instance after rebasing 2021-02-17 15:19:34 -07:00
therealyingtong b204ff74a8
Do not return hash results from component hash() methods 2021-02-17 15:19:34 -07:00
therealyingtong 4aa4b4463a
Hash domain and cs into transcript 2021-02-17 15:19:34 -07:00
therealyingtong 437782e902
Hash fixed_commitments and permutations into transcript 2021-02-17 15:19:33 -07:00
Jack Grigg 0c4f779993 ff 0.9 2021-02-17 20:42:27 +00:00
ebfull 068babe3d0
Merge pull request #193 from zcash/any-permutation
Allow permutations to be over all column types
2021-02-17 09:06:27 -07:00
therealyingtong a19dc68dee Use Column<Any> in Permutation::Argument 2021-02-17 21:32:17 +08:00
Jack Grigg bea5f7f418 Add gadgets for elliptic curve operations 2021-02-17 00:49:22 +00:00
Jack Grigg 25573bbeb8 Alter the SHA-256 gadget to require namespacing 2021-02-17 00:16:47 +00:00
Jack Grigg 4c5a00b767 SHA-256 gadgets and chip traits 2021-02-15 16:35:58 +00:00
Daira Hopwood 22297bbc89
Merge pull request #185 from daira/aux-to-instance
Rename "auxiliary column" to "instance column" in the book and in code
2021-02-15 15:42:54 +00:00
Sean Bowe 3b954cdd3b
Allow unknown clippy lints so that lints added in nightly don't break CI 2021-02-15 07:53:27 -07:00
Daira Hopwood 760d69bd2c Rename "auxiliary column" to "instance column" in the book and in code. fixes #181
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2021-02-14 21:09:49 +00:00
Sean Bowe 175c1449d3
Disable clippy::upper_case_acronyms lint. 2021-02-14 09:39:05 -07:00
Sean Bowe 4b960a7c0c
cargo fmt 2021-02-14 09:28:51 -07:00
ebfull 9fc45ad11e
Merge pull request #163 from zcash/region-helpers
Helpers for implementing regions
2021-02-12 10:03:39 -07:00
Jack Grigg 821bca0abe Reduce FieldExt bound to Field for Neg and Sub impls on Expression<F> 2021-02-12 16:52:42 +00:00
Sean Bowe d3cd39fc6d
Add common_scalar method to Transcript. 2021-02-12 09:08:56 -07:00
Jack Grigg 5905230174 Fix stable clippy lints 2021-02-05 16:48:41 +00:00
Jack Grigg 3fc245343e Return results from assigned regions
This makes it easier to pass variables out of a region.
2021-02-01 21:42:57 +00:00
Jack Grigg db0477a606 impl<F: FieldExt> {Neg, Sub} for Expression<F> 2021-02-01 21:42:57 +00:00
Jack Grigg 0a378c3d0f Require Circuit::Config implement Clone instead of Copy 2021-02-01 19:05:19 +00:00
Jack Grigg c95f0b7c0c circuit_layout: Darken the cells of the region that have been assigned to
We record every instance of a cell assignment, so that cells which are
double-assigned (which is usually a mistake) will appear darker.
2021-02-01 18:38:22 +00:00
Jack Grigg 3c1132ec59 Add halo2::dev::circuit_layout behind dev-graph feature flag
This method renders circuits as tables, showing how the various regions
within them have been laid out.
2021-02-01 18:38:20 +00:00
Jack Grigg 7dd6e65a5f Add halo2::dev::circuit_dot_graph behind dev-graph feature flag
This method renders circuits as dot graphs, to help circuit developers
understand their structure.
2021-02-01 18:38:16 +00:00
Jack Grigg 82da677add Add name field to ConstraintSystem::create_gate
The name has type `&'static str`, as gates apply to every row and thus
do not require any runtime information to name.
2021-02-01 18:38:13 +00:00
Jack Grigg bf771a7446 Add namespacing and gadget name collection to Layouter 2021-02-01 18:38:04 +00:00
Jack Grigg 60061f64fd Add name field to Layouter::assign_region 2021-02-01 18:34:24 +00:00
Jack Grigg 4c3adf59d5 Add annotations to Region::{assign_advice, assign_fixed}
This enables circuits to annotate individual cells with variable names
or similar protocol-specific metadata.
2021-02-01 18:33:25 +00:00
therealyingtong 48bfea9782 Replace DummyHash with BLAKE2b 2021-02-02 00:53:53 +08:00
therealyingtong ea14d99a83 Renaming and cleanups from code review
Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
2021-02-02 00:05:55 +08:00
therealyingtong a00d7c2fa6 Cleanups from code review
Co-authored-by: Kris Nuttycombe <kris.nuttycombe@gmail.com>
Co-authored-by: Sean Bowe <ewillbefull@gmail.com>
2021-01-31 11:48:32 +08:00
therealyingtong de86391f0e Update test to pass multiple ConcreteCircuits 2021-01-31 11:48:32 +08:00
therealyingtong def65609b1 Refactor PLONK verifier 2021-01-31 11:45:40 +08:00
therealyingtong 02b5b8442b Refactor PLONK prover 2021-01-31 11:45:40 +08:00