zec
/
librustzcash
mirror of https://github.com/zcash/librustzcash.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Migrate to ff 0.8 and bellman 0.8 

bellman 0.8 includes fixes for several performance regressions.

MSRV is now 1.44.0, matching the ff crate.
This commit is contained in:
Jack Grigg 2020-09-09 00:07:51 +01:00
parent a602769549
commit 96bd59b942
13 changed files with 140 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/ci.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
- uses: actions/checkout@v1
- uses: actions-rs/toolchain@v1
with:
toolchain: 1.40.0
toolchain: 1.44.0
override: true
# cargo fmt does not build the code, and running it in a fresh clone of
@ -48,7 +48,7 @@ jobs:
- uses: actions/checkout@v1
- uses: actions-rs/toolchain@v1
with:
toolchain: 1.40.0
toolchain: 1.44.0
override: true
- name: Fetch path to Zcash parameters
@ -98,7 +98,7 @@ jobs:
- uses: actions/checkout@v1
- uses: actions-rs/toolchain@v1
with:
toolchain: 1.40.0
toolchain: 1.44.0
override: true
- name: Add target
run: rustup target add ${{ matrix.target }}

2
rust-toolchain
View File

@ -1 +1 @@
1.40.0
1.44.0

8
zcash_client_backend/Cargo.toml
View File

@ -13,12 +13,12 @@ edition = "2018"
[dependencies]
bech32 = "0.7"
bls12_381 = "0.2"
bls12_381 = "0.3"
bs58 = { version = "0.3", features = ["check"] }
ff = "0.7"
group = "0.7"
ff = "0.8"
group = "0.8"
hex = "0.4"
jubjub = "0.4"
jubjub = "0.5"
protobuf = "=2.14.0" # 2.15 has MSRV of 1.44.1
subtle = "2"
zcash_primitives = { version = "0.3", path = "../zcash_primitives" }

4
zcash_client_backend/src/welding_rig.rs
View File

@ -203,14 +203,14 @@ mod tests {
use super::scan_block;
use crate::proto::compact_formats::{CompactBlock, CompactOutput, CompactSpend, CompactTx};
fn random_compact_tx<R: RngCore>(rng: &mut R) -> CompactTx {
fn random_compact_tx(mut rng: impl RngCore) -> CompactTx {
let fake_nf = {
let mut nf = vec![0; 32];
rng.fill_bytes(&mut nf);
nf
};
let fake_cmu = {
let fake_cmu = bls12_381::Scalar::random(rng);
let fake_cmu = bls12_381::Scalar::random(&mut rng);
fake_cmu.to_repr().as_ref().to_owned()
};
let fake_epk = {

6
zcash_client_sqlite/Cargo.toml
View File

@ -14,9 +14,9 @@ edition = "2018"
[dependencies]
bech32 = "0.7"
bs58 = { version = "0.3", features = ["check"] }
ff = "0.7"
group = "0.7"
jubjub = "0.4"
ff = "0.8"
group = "0.8"
jubjub = "0.5"
protobuf = "2"
rand_core = "0.5.1"
rusqlite = { version = "0.23", features = ["bundled"] }

9
zcash_primitives/Cargo.toml
View File

@ -16,17 +16,18 @@ all-features = true
[dependencies]
aes = "0.5"
bitvec = "0.18"
blake2b_simd = "0.5"
blake2s_simd = "0.5"
bls12_381 = "0.2"
bls12_381 = "0.3"
byteorder = "1"
crypto_api_chachapoly = "0.4"
equihash = { version = "0.1", path = "../components/equihash" }
ff = "0.7"
ff = "0.8"
fpe = "0.3"
group = "0.7"
group = "0.8"
hex = "0.4"
jubjub = "0.4"
jubjub = "0.5"
lazy_static = "1"
log = "0.4"
rand = "0.7"

54
zcash_primitives/src/redjubjub.rs
View File

@ -158,7 +158,7 @@ pub struct BatchEntry<'a> {
// TODO: #82: This is a naive implementation currently,
// and doesn't use multiexp.
pub fn batch_verify<'a, R: RngCore>(
rng: &mut R,
mut rng: &mut R,
batch: &[BatchEntry<'a>],
p_g: SubgroupPoint,
) -> bool {
@ -179,7 +179,7 @@ pub fn batch_verify<'a, R: RngCore>(
let mut c = h_star(&entry.sig.rbar[..], entry.msg);
let z = jubjub::Fr::random(rng);
let z = jubjub::Fr::random(&mut rng);
s.mul_assign(&z);
s = s.neg();
@ -207,22 +207,22 @@ mod tests {
#[test]
fn test_batch_verify() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
let p_g = SPENDING_KEY_GENERATOR;
let sk1 = PrivateKey(jubjub::Fr::random(rng));
let sk1 = PrivateKey(jubjub::Fr::random(&mut rng));
let vk1 = PublicKey::from_private(&sk1, p_g);
let msg1 = b"Foo bar";
let sig1 = sk1.sign(msg1, rng, p_g);
let sig1 = sk1.sign(msg1, &mut rng, p_g);
assert!(vk1.verify(msg1, &sig1, p_g));
let sk2 = PrivateKey(jubjub::Fr::random(rng));
let sk2 = PrivateKey(jubjub::Fr::random(&mut rng));
let vk2 = PublicKey::from_private(&sk2, p_g);
let msg2 = b"Foo bar";
let sig2 = sk2.sign(msg2, rng, p_g);
let sig2 = sk2.sign(msg2, &mut rng, p_g);
assert!(vk2.verify(msg2, &sig2, p_g));
let mut batch = vec![
@ -238,27 +238,33 @@ mod tests {
},
];
assert!(batch_verify(rng, &batch, p_g));
assert!(batch_verify(&mut rng, &batch, p_g));
batch[0].sig = sig2;
assert!(!batch_verify(rng, &batch, p_g));
assert!(!batch_verify(&mut rng, &batch, p_g));
}
#[test]
fn cofactor_check() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
let zero = jubjub::ExtendedPoint::identity();
let p_g = SPENDING_KEY_GENERATOR;
let jubjub_modulus_bytes = [
0xb7, 0x2c, 0xf7, 0xd6, 0x5e, 0x0e, 0x97, 0xd0, 0x82, 0x10, 0xc8, 0xcc, 0x93, 0x20,
0x68, 0xa6, 0x00, 0x3b, 0x34, 0x01, 0x01, 0x3b, 0x67, 0x06, 0xa9, 0xaf, 0x33, 0x65,
0xea, 0xb4, 0x7d, 0x0e,
];
// Get a point of order 8
let p8 = loop {
let r = jubjub::ExtendedPoint::random(rng)
let r = jubjub::ExtendedPoint::random(&mut rng)
.to_niels()
.multiply_bits(&jubjub::Fr::char());
.multiply_bits(&jubjub_modulus_bytes);
let r2 = r.double();
let r4 = r2.double();
@ -269,12 +275,12 @@ mod tests {
}
};
let sk = PrivateKey(jubjub::Fr::random(rng));
let sk = PrivateKey(jubjub::Fr::random(&mut rng));
let vk = PublicKey::from_private(&sk, p_g);
// TODO: This test will need to change when #77 is fixed
let msg = b"Foo bar";
let sig = sk.sign(msg, rng, p_g);
let sig = sk.sign(msg, &mut rng, p_g);
assert!(vk.verify(msg, &sig, p_g));
let vktorsion = PublicKey(vk.0 + p8);
@ -283,17 +289,17 @@ mod tests {
#[test]
fn round_trip_serialization() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
let p_g = SPENDING_KEY_GENERATOR;
for _ in 0..1000 {
let sk = PrivateKey(jubjub::Fr::random(rng));
let sk = PrivateKey(jubjub::Fr::random(&mut rng));
let vk = PublicKey::from_private(&sk, p_g);
let msg = b"Foo bar";
let sig = sk.sign(msg, rng, p_g);
let sig = sk.sign(msg, &mut rng, p_g);
let mut sk_bytes = [0u8; 32];
let mut vk_bytes = [0u8; 32];
@ -318,33 +324,33 @@ mod tests {
#[test]
fn random_signatures() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
let p_g = SPENDING_KEY_GENERATOR;
for _ in 0..1000 {
let sk = PrivateKey(jubjub::Fr::random(rng));
let sk = PrivateKey(jubjub::Fr::random(&mut rng));
let vk = PublicKey::from_private(&sk, p_g);
let msg1 = b"Foo bar";
let msg2 = b"Spam eggs";
let sig1 = sk.sign(msg1, rng, p_g);
let sig2 = sk.sign(msg2, rng, p_g);
let sig1 = sk.sign(msg1, &mut rng, p_g);
let sig2 = sk.sign(msg2, &mut rng, p_g);
assert!(vk.verify(msg1, &sig1, p_g));
assert!(vk.verify(msg2, &sig2, p_g));
assert!(!vk.verify(msg1, &sig2, p_g));
assert!(!vk.verify(msg2, &sig1, p_g));
let alpha = jubjub::Fr::random(rng);
let alpha = jubjub::Fr::random(&mut rng);
let rsk = sk.randomize(alpha);
let rvk = vk.randomize(alpha, p_g);
let sig1 = rsk.sign(msg1, rng, p_g);
let sig2 = rsk.sign(msg2, rng, p_g);
let sig1 = rsk.sign(msg1, &mut rng, p_g);
let sig2 = rsk.sign(msg2, &mut rng, p_g);
assert!(rvk.verify(msg1, &sig1, p_g));
assert!(rvk.verify(msg2, &sig2, p_g));

11
zcash_primitives/src/sapling.rs
View File

@ -5,7 +5,8 @@ use crate::{
pedersen_hash::{pedersen_hash, Personalization},
primitives::Note,
};
use ff::{BitIterator, PrimeField};
use bitvec::{order::Lsb0, view::AsBits};
use ff::PrimeField;
use group::{Curve, GroupEncoding};
use lazy_static::lazy_static;
use rand_core::{CryptoRng, RngCore};
@ -20,16 +21,16 @@ pub const SAPLING_COMMITMENT_TREE_DEPTH: usize = 32;
pub fn merkle_hash(depth: usize, lhs: &[u8; 32], rhs: &[u8; 32]) -> [u8; 32] {
let lhs = {
let mut tmp = [false; 256];
for (a, b) in tmp.iter_mut().rev().zip(BitIterator::<u8, _>::new(lhs)) {
*a = b;
for (a, b) in tmp.iter_mut().zip(lhs.as_bits::<Lsb0>()) {
*a = *b;
}
tmp
};
let rhs = {
let mut tmp = [false; 256];
for (a, b) in tmp.iter_mut().rev().zip(BitIterator::<u8, _>::new(rhs)) {
*a = b;
for (a, b) in tmp.iter_mut().zip(rhs.as_bits::<Lsb0>()) {
*a = *b;
}
tmp
};

6
zcash_primitives/src/transaction/tests.rs
View File

@ -51,9 +51,9 @@ fn tx_write_rejects_unexpected_binding_sig() {
// Fails with an unexpected binding signature
{
let rng = &mut OsRng;
let sk = PrivateKey(jubjub::Fr::random(rng));
let sig = sk.sign(b"Foo bar", rng, SPENDING_KEY_GENERATOR);
let mut rng = OsRng;
let sk = PrivateKey(jubjub::Fr::random(&mut rng));
let sig = sk.sign(b"Foo bar", &mut rng, SPENDING_KEY_GENERATOR);
let mut tx = TransactionData::new();
tx.binding_sig = Some(sig);

10
zcash_proofs/Cargo.toml
View File

@ -15,14 +15,14 @@ edition = "2018"
all-features = true
[dependencies]
bellman = { version = "0.7", default-features = false, features = ["groth16"] }
bellman = { version = "0.8", default-features = false, features = ["groth16"] }
blake2b_simd = "0.5"
bls12_381 = "0.2"
bls12_381 = "0.3"
byteorder = "1"
directories = { version = "3", optional = true }
ff = "0.7"
group = "0.7"
jubjub = "0.4"
ff = "0.8"
group = "0.8"
jubjub = "0.5"
lazy_static = "1"
minreq = { version = "2", features = ["https"], optional = true }
rand_core = "0.5.1"

20
zcash_proofs/benches/sapling.rs
View File

@ -14,7 +14,7 @@ use zcash_proofs::circuit::sapling::Spend;
const TREE_DEPTH: usize = 32;
fn criterion_benchmark(c: &mut Criterion) {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
0xe5,
]);
@ -29,18 +29,18 @@ fn criterion_benchmark(c: &mut Criterion) {
auth_path: vec![None; TREE_DEPTH],
anchor: None,
},
rng,
&mut rng,
)
.unwrap();
c.bench_function("sapling", |b| {
let value_commitment = ValueCommitment {
value: 1,
randomness: jubjub::Fr::random(rng),
randomness: jubjub::Fr::random(&mut rng),
};
let nsk = jubjub::Fr::random(rng);
let ak = jubjub::SubgroupPoint::random(rng);
let nsk = jubjub::Fr::random(&mut rng);
let ak = jubjub::SubgroupPoint::random(&mut rng);
let proof_generation_key = ProofGenerationKey {
ak: ak.clone(),
@ -64,11 +64,11 @@ fn criterion_benchmark(c: &mut Criterion) {
}
}
let commitment_randomness = jubjub::Fr::random(rng);
let commitment_randomness = jubjub::Fr::random(&mut rng);
let auth_path =
vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); TREE_DEPTH];
let ar = jubjub::Fr::random(rng);
let anchor = bls12_381::Scalar::random(rng);
vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); TREE_DEPTH];
let ar = jubjub::Fr::random(&mut rng);
let anchor = bls12_381::Scalar::random(&mut rng);
b.iter(|| {
create_random_proof(
@ -82,7 +82,7 @@ fn criterion_benchmark(c: &mut Criterion) {
anchor: Some(anchor),
},
&groth_params,
rng,
&mut rng,
)
});
});

80
zcash_proofs/src/circuit/ecc.rs
View File

@ -620,7 +620,7 @@ impl MontgomeryPoint {
#[cfg(test)]
mod test {
use bellman::ConstraintSystem;
use ff::{BitIterator, Field, PrimeField};
use ff::{Field, PrimeField};
use group::{Curve, Group};
use rand_core::{RngCore, SeedableRng};
use rand_xorshift::XorShiftRng;
@ -633,7 +633,7 @@ mod test {
#[test]
fn test_into_edwards() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
@ -641,7 +641,7 @@ mod test {
for _ in 0..100 {
let mut cs = TestConstraintSystem::new();
let p = jubjub::ExtendedPoint::random(rng);
let p = jubjub::ExtendedPoint::random(&mut rng);
let (x, y) = to_montgomery_coords(p).unwrap();
let p = p.to_affine();
let (u, v) = (p.get_u(), p.get_v());
@ -657,12 +657,12 @@ mod test {
assert!(q.u.get_value().unwrap() == u);
assert!(q.v.get_value().unwrap() == v);
cs.set("u/num", bls12_381::Scalar::random(rng));
cs.set("u/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied().unwrap(), "u computation");
cs.set("u/num", u);
assert!(cs.is_satisfied());
cs.set("v/num", bls12_381::Scalar::random(rng));
cs.set("v/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied().unwrap(), "v computation");
cs.set("v/num", v);
assert!(cs.is_satisfied());
@ -671,13 +671,13 @@ mod test {
#[test]
fn test_interpret() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
for _ in 0..100 {
let p = jubjub::ExtendedPoint::random(rng);
let p = jubjub::ExtendedPoint::random(&mut rng);
let mut cs = TestConstraintSystem::new();
let q = EdwardsPoint::witness(&mut cs, Some(p.clone())).unwrap();
@ -690,7 +690,7 @@ mod test {
}
for _ in 0..100 {
let p = jubjub::ExtendedPoint::random(rng).to_affine();
let p = jubjub::ExtendedPoint::random(&mut rng).to_affine();
let (u, v) = (p.get_u(), p.get_v());
let mut cs = TestConstraintSystem::new();
@ -706,8 +706,8 @@ mod test {
// Random (u, v) are unlikely to be on the curve.
for _ in 0..100 {
let u = bls12_381::Scalar::random(rng);
let v = bls12_381::Scalar::random(rng);
let u = bls12_381::Scalar::random(&mut rng);
let v = bls12_381::Scalar::random(&mut rng);
let mut cs = TestConstraintSystem::new();
let numu = AllocatedNum::alloc(cs.namespace(|| "u"), || Ok(u)).unwrap();
@ -721,7 +721,7 @@ mod test {
#[test]
fn test_edwards_fixed_base_multiplication() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
@ -730,16 +730,15 @@ mod test {
let mut cs = TestConstraintSystem::<bls12_381::Scalar>::new();
let p = zcash_primitives::constants::NOTE_COMMITMENT_RANDOMNESS_GENERATOR;
let s = jubjub::Fr::random(rng);
let s = jubjub::Fr::random(&mut rng);
let q = jubjub::ExtendedPoint::from(p * s).to_affine();
let (u1, v1) = (q.get_u(), q.get_v());
let mut s_bits = BitIterator::<u8, _>::new(s.to_repr()).collect::<Vec<_>>();
s_bits.reverse();
s_bits.truncate(jubjub::Fr::NUM_BITS as usize);
let s_bits = s_bits
let s_bits = s
.to_le_bits()
.into_iter()
.take(jubjub::Fr::NUM_BITS as usize)
.cloned()
.enumerate()
.map(|(i, b)| {
AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b))
@ -762,7 +761,7 @@ mod test {
#[test]
fn test_edwards_multiplication() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
@ -770,8 +769,8 @@ mod test {
for _ in 0..100 {
let mut cs = TestConstraintSystem::new();
let p = jubjub::ExtendedPoint::random(rng);
let s = jubjub::Fr::random(rng);
let p = jubjub::ExtendedPoint::random(&mut rng);
let s = jubjub::Fr::random(&mut rng);
let q = (p * s).to_affine();
let p = p.to_affine();
@ -786,12 +785,11 @@ mod test {
v: num_v0,
};
let mut s_bits = BitIterator::<u8, _>::new(s.to_repr()).collect::<Vec<_>>();
s_bits.reverse();
s_bits.truncate(jubjub::Fr::NUM_BITS as usize);
let s_bits = s_bits
let s_bits = s
.to_le_bits()
.into_iter()
.take(jubjub::Fr::NUM_BITS as usize)
.cloned()
.enumerate()
.map(|(i, b)| {
AllocatedBit::alloc(cs.namespace(|| format!("scalar bit {}", i)), Some(b))
@ -812,7 +810,7 @@ mod test {
#[test]
fn test_conditionally_select() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
@ -820,7 +818,7 @@ mod test {
for _ in 0..1000 {
let mut cs = TestConstraintSystem::new();
let p = jubjub::ExtendedPoint::random(rng).to_affine();
let p = jubjub::ExtendedPoint::random(&mut rng).to_affine();
let (u0, v0) = (p.get_u(), p.get_v());
@ -878,14 +876,14 @@ mod test {
#[test]
fn test_edwards_addition() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
for _ in 0..100 {
let p1 = jubjub::ExtendedPoint::random(rng);
let p2 = jubjub::ExtendedPoint::random(rng);
let p1 = jubjub::ExtendedPoint::random(&mut rng);
let p2 = jubjub::ExtendedPoint::random(&mut rng);
let p3 = p1 + p2;
@ -923,19 +921,19 @@ mod test {
assert!(p3.v.get_value().unwrap() == v2);
let uppercase_u = cs.get("addition/U/num");
cs.set("addition/U/num", bls12_381::Scalar::random(rng));
cs.set("addition/U/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/U computation"));
cs.set("addition/U/num", uppercase_u);
assert!(cs.is_satisfied());
let u3 = cs.get("addition/u3/num");
cs.set("addition/u3/num", bls12_381::Scalar::random(rng));
cs.set("addition/u3/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/u3 computation"));
cs.set("addition/u3/num", u3);
assert!(cs.is_satisfied());
let v3 = cs.get("addition/v3/num");
cs.set("addition/v3/num", bls12_381::Scalar::random(rng));
cs.set("addition/v3/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/v3 computation"));
cs.set("addition/v3/num", v3);
assert!(cs.is_satisfied());
@ -944,13 +942,13 @@ mod test {
#[test]
fn test_edwards_doubling() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
for _ in 0..100 {
let p1 = jubjub::ExtendedPoint::random(rng);
let p1 = jubjub::ExtendedPoint::random(&mut rng);
let p2 = p1.double();
let p1 = p1.to_affine();
@ -980,14 +978,14 @@ mod test {
#[test]
fn test_montgomery_addition() {
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x5d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06,
0xbc, 0xe5,
]);
for _ in 0..100 {
let p1 = jubjub::ExtendedPoint::random(rng);
let p2 = jubjub::ExtendedPoint::random(rng);
let p1 = jubjub::ExtendedPoint::random(&mut rng);
let p2 = jubjub::ExtendedPoint::random(&mut rng);
let p3 = p1 + p2;
let (x0, y0) = to_montgomery_coords(p1).unwrap();
@ -1019,17 +1017,17 @@ mod test {
assert!(p3.x.get_value().unwrap() == x2);
assert!(p3.y.get_value().unwrap() == y2);
cs.set("addition/yprime/num", bls12_381::Scalar::random(rng));
cs.set("addition/yprime/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate yprime"));
cs.set("addition/yprime/num", y2);
assert!(cs.is_satisfied());
cs.set("addition/xprime/num", bls12_381::Scalar::random(rng));
cs.set("addition/xprime/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate xprime"));
cs.set("addition/xprime/num", x2);
assert!(cs.is_satisfied());
cs.set("addition/lambda/num", bls12_381::Scalar::random(rng));
cs.set("addition/lambda/num", bls12_381::Scalar::random(&mut rng));
assert_eq!(cs.which_is_unsatisfied(), Some("addition/evaluate lambda"));
}
}

62
zcash_proofs/src/circuit/sapling.rs
View File

@ -512,7 +512,7 @@ impl Circuit<bls12_381::Scalar> for Output {
#[test]
fn test_input_circuit_with_bls12_381() {
use bellman::gadgets::test::*;
use ff::{BitIterator, Field};
use ff::Field;
use group::Group;
use rand_core::{RngCore, SeedableRng};
use rand_xorshift::XorShiftRng;
@ -521,7 +521,7 @@ fn test_input_circuit_with_bls12_381() {
primitives::{Diversifier, Note, ProofGenerationKey, Rseed},
};
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
0xe5,
]);
@ -531,11 +531,11 @@ fn test_input_circuit_with_bls12_381() {
for _ in 0..10 {
let value_commitment = ValueCommitment {
value: rng.next_u64(),
randomness: jubjub::Fr::random(rng),
randomness: jubjub::Fr::random(&mut rng),
};
let nsk = jubjub::Fr::random(rng);
let ak = jubjub::SubgroupPoint::random(rng);
let nsk = jubjub::Fr::random(&mut rng);
let ak = jubjub::SubgroupPoint::random(&mut rng);
let proof_generation_key = ProofGenerationKey {
ak: ak.clone(),
@ -560,10 +560,10 @@ fn test_input_circuit_with_bls12_381() {
}
let g_d = payment_address.diversifier().g_d().unwrap();
let commitment_randomness = jubjub::Fr::random(rng);
let commitment_randomness = jubjub::Fr::random(&mut rng);
let auth_path =
vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); tree_depth];
let ar = jubjub::Fr::random(rng);
vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth];
let ar = jubjub::Fr::random(&mut rng);
{
let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine();
@ -590,17 +590,15 @@ fn test_input_circuit_with_bls12_381() {
::std::mem::swap(&mut lhs, &mut rhs);
}
let mut lhs: Vec<bool> = BitIterator::<u8, _>::new(lhs.to_repr()).collect();
let mut rhs: Vec<bool> = BitIterator::<u8, _>::new(rhs.to_repr()).collect();
lhs.reverse();
rhs.reverse();
let lhs = lhs.to_le_bits();
let rhs = rhs.to_le_bits();
cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash(
pedersen_hash::Personalization::MerkleTree(i),
lhs.into_iter()
.take(bls12_381::Scalar::NUM_BITS as usize)
.chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)),
.chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize))
.cloned(),
))
.to_affine()
.get_u();
@ -660,7 +658,7 @@ fn test_input_circuit_with_bls12_381() {
#[test]
fn test_input_circuit_with_bls12_381_external_test_vectors() {
use bellman::gadgets::test::*;
use ff::{BitIterator, Field};
use ff::Field;
use group::Group;
use rand_core::{RngCore, SeedableRng};
use rand_xorshift::XorShiftRng;
@ -669,7 +667,7 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() {
primitives::{Diversifier, Note, ProofGenerationKey, Rseed},
};
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x59, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
0xe5,
]);
@ -708,8 +706,8 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() {
randomness: jubjub::Fr::from_str(&(1000 * (i + 1)).to_string()).unwrap(),
};
let nsk = jubjub::Fr::random(rng);
let ak = jubjub::SubgroupPoint::random(rng);
let nsk = jubjub::Fr::random(&mut rng);
let ak = jubjub::SubgroupPoint::random(&mut rng);
let proof_generation_key = ProofGenerationKey {
ak: ak.clone(),
@ -734,10 +732,10 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() {
}
let g_d = payment_address.diversifier().g_d().unwrap();
let commitment_randomness = jubjub::Fr::random(rng);
let commitment_randomness = jubjub::Fr::random(&mut rng);
let auth_path =
vec![Some((bls12_381::Scalar::random(rng), rng.next_u32() % 2 != 0)); tree_depth];
let ar = jubjub::Fr::random(rng);
vec![Some((bls12_381::Scalar::random(&mut rng), rng.next_u32() % 2 != 0)); tree_depth];
let ar = jubjub::Fr::random(&mut rng);
{
let rk = jubjub::ExtendedPoint::from(viewing_key.rk(ar)).to_affine();
@ -772,17 +770,15 @@ fn test_input_circuit_with_bls12_381_external_test_vectors() {
::std::mem::swap(&mut lhs, &mut rhs);
}
let mut lhs: Vec<bool> = BitIterator::<u8, _>::new(lhs.to_repr()).collect();
let mut rhs: Vec<bool> = BitIterator::<u8, _>::new(rhs.to_repr()).collect();
lhs.reverse();
rhs.reverse();
let lhs = lhs.to_le_bits();
let rhs = rhs.to_le_bits();
cur = jubjub::ExtendedPoint::from(pedersen_hash::pedersen_hash(
pedersen_hash::Personalization::MerkleTree(i),
lhs.into_iter()
.take(bls12_381::Scalar::NUM_BITS as usize)
.chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize)),
.chain(rhs.into_iter().take(bls12_381::Scalar::NUM_BITS as usize))
.cloned(),
))
.to_affine()
.get_u();
@ -848,7 +844,7 @@ fn test_output_circuit_with_bls12_381() {
use rand_xorshift::XorShiftRng;
use zcash_primitives::primitives::{Diversifier, ProofGenerationKey, Rseed};
let rng = &mut XorShiftRng::from_seed([
let mut rng = XorShiftRng::from_seed([
0x58, 0x62, 0xbe, 0x3d, 0x76, 0x3d, 0x31, 0x8d, 0x17, 0xdb, 0x37, 0x32, 0x54, 0x06, 0xbc,
0xe5,
]);
@ -856,11 +852,11 @@ fn test_output_circuit_with_bls12_381() {
for _ in 0..100 {
let value_commitment = ValueCommitment {
value: rng.next_u64(),
randomness: jubjub::Fr::random(rng),
randomness: jubjub::Fr::random(&mut rng),
};
let nsk = jubjub::Fr::random(rng);
let ak = jubjub::SubgroupPoint::random(rng);
let nsk = jubjub::Fr::random(&mut rng);
let ak = jubjub::SubgroupPoint::random(&mut rng);
let proof_generation_key = ProofGenerationKey {
ak: ak.clone(),
@ -884,8 +880,8 @@ fn test_output_circuit_with_bls12_381() {
}
}
let commitment_randomness = jubjub::Fr::random(rng);
let esk = jubjub::Fr::random(rng);
let commitment_randomness = jubjub::Fr::random(&mut rng);
let esk = jubjub::Fr::random(&mut rng);
{
let mut cs = TestConstraintSystem::new();