circuit::gadget: Remove Orchard-specific names from gadget consts.

- L_ORCHARD_BASE -> pallas::Base::NUM_BITS,
- L_ORCHARD_SCALAR -> pallas::Scalar::NUM_BITS,
- L_VALUE -> L_SCALAR_SHORT,
- MERKLE_DEPTH_ORCHARD -> MERKLE_DEPTH.
therealyingtong 2021-11-29 15:39:41 -05:00
parent 1a3cbeb896
commit a5cfd2cfc6
7 changed files with 35 additions and 45 deletions


@ -6,6 +6,7 @@ use crate::{
primitives::sinsemilla,
};
use arrayvec::ArrayVec;
use ff::PrimeField;
use ff::Field;
use group::prime::PrimeCurveAffine;
@ -31,23 +32,15 @@ pub const H: usize = 1 << FIXED_BASE_WINDOW_SIZE;
/// Number of windows for a full-width scalar
pub const NUM_WINDOWS: usize =
(L_ORCHARD_SCALAR + FIXED_BASE_WINDOW_SIZE - 1) / FIXED_BASE_WINDOW_SIZE;
(pallas::Scalar::NUM_BITS as usize + FIXED_BASE_WINDOW_SIZE - 1) / FIXED_BASE_WINDOW_SIZE;
/// Number of windows for a short signed scalar
pub const NUM_WINDOWS_SHORT: usize =
(L_VALUE + FIXED_BASE_WINDOW_SIZE - 1) / FIXED_BASE_WINDOW_SIZE;
(L_SCALAR_SHORT + FIXED_BASE_WINDOW_SIZE - 1) / FIXED_BASE_WINDOW_SIZE;
/// $\ell_\mathsf{value}$
/// Number of bits in an unsigned short scalar.
pub(crate) const L_VALUE: usize = 64;
/// $\ell^\mathsf{Orchard}_\mathsf{base}$
/// Number of bits in a Pallas base field element.
pub(crate) const L_ORCHARD_BASE: usize = 255;
/// $\ell^\mathsf{Orchard}_\mathsf{scalar}$
/// Number of bits in a Pallas scalar field element.
pub(crate) const L_ORCHARD_SCALAR: usize = 255;
pub(crate) const L_SCALAR_SHORT: usize = 64;
/// The Pallas scalar field modulus is $q = 2^{254} + \mathsf{t_q}$.
/// <https://github.com/zcash/pasta>


@ -1,6 +1,4 @@
use super::super::{
EccBaseFieldElemFixed, EccPoint, FixedPoints, L_ORCHARD_BASE, NUM_WINDOWS, T_P,
};
use super::super::{EccBaseFieldElemFixed, EccPoint, FixedPoints, NUM_WINDOWS, T_P};
use super::H_BASE;
use crate::{
@ -9,9 +7,10 @@ use crate::{
},
primitives::sinsemilla,
};
use halo2::circuit::AssignedCell;
use group::ff::PrimeField;
use halo2::{
circuit::Layouter,
circuit::{AssignedCell, Layouter},
plonk::{Advice, Column, ConstraintSystem, Error, Expression, Selector},
poly::Rotation,
};
@ -179,7 +178,7 @@ impl<Fixed: FixedPoints<pallas::Affine>> Config<Fixed> {
offset,
scalar.clone(),
true,
L_ORCHARD_BASE,
pallas::Base::NUM_BITS as usize,
NUM_WINDOWS,
)?;
EccBaseFieldElemFixed {
@ -217,7 +216,7 @@ impl<Fixed: FixedPoints<pallas::Affine>> Config<Fixed> {
// Check that the correct multiple is obtained.
{
use super::super::FixedPoint;
use group::{ff::PrimeField, Curve};
use group::Curve;
let scalar = &scalar
.base_field_elem()
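Review bot: The bit length now passed as `pallas::Base::NUM_BITS as usize` is taken from the base field, while the paired `NUM_WINDOWS` argument on the next line is still derived from `pallas::Scalar::NUM_BITS` in the gadget consts; the two are equal (255) for Pallas, but nothing in the code records that the window count has to cover the base-field width, so a later change to either derivation would silently decompose the element into the wrong number of windows. A one-line comment above the call would make the coupling visible, e.g. `// NUM_WINDOWS is sized from Scalar::NUM_BITS; it covers a Base element only because Base::NUM_BITS == Scalar::NUM_BITS for Pallas.`, and a `debug_assert_eq!(pallas::Base::NUM_BITS, pallas::Scalar::NUM_BITS);` in the test-only check block of the second hunk would catch drift. The enclosing method starts before this hunk, so I cannot see whether such a check already exists earlier in its body.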


@ -1,9 +1,8 @@
use super::super::{
EccPoint, EccScalarFixed, FixedPoints, FIXED_BASE_WINDOW_SIZE, H, L_ORCHARD_SCALAR, NUM_WINDOWS,
};
use super::super::{EccPoint, EccScalarFixed, FixedPoints, FIXED_BASE_WINDOW_SIZE, H, NUM_WINDOWS};
use crate::circuit::gadget::utilities::{decompose_word, range_check};
use arrayvec::ArrayVec;
use ff::PrimeField;
use halo2::{
circuit::{AssignedCell, Layouter, Region},
plonk::{ConstraintSystem, Error, Selector},
@ -59,7 +58,9 @@ impl<Fixed: FixedPoints<pallas::Affine>> Config<Fixed> {
offset: usize,
scalar: Option<pallas::Scalar>,
) -> Result<EccScalarFixed, Error> {
let windows = self.decompose_scalar_fixed::<L_ORCHARD_SCALAR>(scalar, offset, region)?;
let windows = self.decompose_scalar_fixed::<{ pallas::Scalar::NUM_BITS as usize }>(
scalar, offset, region,
)?;
Ok(EccScalarFixed {
value: scalar,


@ -1,6 +1,6 @@
use std::{array, convert::TryInto};
use super::super::{EccPoint, EccScalarFixedShort, FixedPoints, L_VALUE, NUM_WINDOWS_SHORT};
use super::super::{EccPoint, EccScalarFixedShort, FixedPoints, L_SCALAR_SHORT, NUM_WINDOWS_SHORT};
use crate::circuit::gadget::{ecc::chip::MagnitudeSign, utilities::bool_check};
use halo2::{
@ -81,7 +81,7 @@ impl<Fixed: FixedPoints<pallas::Affine>> Config<Fixed> {
offset,
magnitude.clone(),
true,
L_VALUE,
L_SCALAR_SHORT,
NUM_WINDOWS_SHORT,
)?;


@ -546,7 +546,7 @@ mod tests {
&OrchardHashDomains::MerkleCrh,
);
// Layer 31, l = MERKLE_DEPTH_ORCHARD - 1 - layer = 0
// Layer 31, l = MERKLE_DEPTH - 1 - layer = 0
let l_bitstring = vec![Some(false); K];
let l = MessagePiece::from_bitstring(
chip1.clone(),


@ -16,12 +16,8 @@ pub(in crate::circuit) mod chip;
/// SWU hash-to-curve personalization for the Merkle CRH generator
pub const MERKLE_CRH_PERSONALIZATION: &str = "z.cash:Orchard-MerkleCRH";
/// $\mathsf{MerkleDepth^{Orchard}}$
pub(crate) const MERKLE_DEPTH_ORCHARD: usize = 32;
/// $\ell^\mathsf{Orchard}_\mathsf{base}$
/// Number of bits in a Pallas base field element.
pub(crate) const L_ORCHARD_BASE: usize = 255;
/// Depth of Merkle tree
pub(crate) const MERKLE_DEPTH: usize = 32;
/// Instructions to check the validity of a Merkle path of a given `PATH_LENGTH`.
/// The hash function used is a Sinsemilla instance with `K`-bit words.
@ -39,7 +35,7 @@ pub trait MerkleInstructions<
{
/// Compute MerkleCRH for a given `layer`. The hash that computes the root
/// is at layer 0, and the hashes that are applied to two leaves are at
/// layer `MERKLE_DEPTH_ORCHARD - 1` = layer 31.
/// layer `MERKLE_DEPTH - 1` = layer 31.
#[allow(non_snake_case)]
fn hash_layer(
&self,
@ -107,7 +103,7 @@ where
let mut node = leaf;
for (l, ((sibling, pos), chip)) in path.iter().zip(pos.iter()).zip(chips).enumerate() {
// `l` = MERKLE_DEPTH_ORCHARD - layer - 1, which is the index obtained from
// `l` = MERKLE_DEPTH - layer - 1, which is the index obtained from
// enumerating this Merkle path (going from leaf to root).
// For example, when `layer = 31` (the first sibling on the Merkle path),
// we have `l` = 32 - 31 - 1 = 0.
@ -140,7 +136,7 @@ where
pub mod tests {
use super::{
chip::{MerkleChip, MerkleConfig},
MerklePath, MERKLE_DEPTH_ORCHARD,
MerklePath, MERKLE_DEPTH,
};
use crate::{
@ -168,7 +164,7 @@ pub mod tests {
struct MyCircuit {
leaf: Option<pallas::Base>,
leaf_pos: Option<u32>,
merkle_path: Option<[pallas::Base; MERKLE_DEPTH_ORCHARD]>,
merkle_path: Option<[pallas::Base; MERKLE_DEPTH]>,
}
impl Circuit<pallas::Base> for MyCircuit {
@ -295,7 +291,7 @@ pub mod tests {
let pos = rng.next_u32();
// Choose a path of random inner nodes
let path: Vec<_> = (0..(MERKLE_DEPTH_ORCHARD))
let path: Vec<_> = (0..(MERKLE_DEPTH))
.map(|_| pallas::Base::random(rng))
.collect();


@ -5,7 +5,7 @@ use halo2::{
};
use pasta_curves::{arithmetic::FieldExt, pallas};
use super::{MerkleInstructions, L_ORCHARD_BASE, MERKLE_DEPTH_ORCHARD};
use super::{MerkleInstructions, MERKLE_DEPTH};
use crate::{
circuit::gadget::{
@ -22,6 +22,7 @@ use crate::{
},
primitives::sinsemilla,
};
use group::ff::PrimeField;
use std::array;
#[derive(Clone, Debug)]
@ -180,7 +181,7 @@ where
}
impl<Hash, Commit, F>
MerkleInstructions<pallas::Affine, MERKLE_DEPTH_ORCHARD, { sinsemilla::K }, { sinsemilla::C }>
MerkleInstructions<pallas::Affine, MERKLE_DEPTH, { sinsemilla::K }, { sinsemilla::C }>
for MerkleChip<Hash, Commit, F>
where
Hash: HashDomains<pallas::Affine>,
@ -192,7 +193,7 @@ where
&self,
mut layouter: impl Layouter<pallas::Base>,
Q: pallas::Affine,
// l = MERKLE_DEPTH_ORCHARD - layer - 1
// l = MERKLE_DEPTH - layer - 1
l: usize,
left: Self::Var,
right: Self::Var,
@ -234,7 +235,7 @@ where
let b_1 = {
let b_1 = left
.value()
.map(|value| bitrange_subset(value, 250..L_ORCHARD_BASE));
.map(|value| bitrange_subset(value, 250..(pallas::Base::NUM_BITS as usize)));
config
.sinsemilla_config
@ -274,7 +275,7 @@ where
// `c = bits 5..=254 of `right`
let c = right
.value()
.map(|value| bitrange_subset(value, 5..L_ORCHARD_BASE));
.map(|value| bitrange_subset(value, 5..(pallas::Base::NUM_BITS as usize)));
self.witness_message_piece(layouter.namespace(|| "Witness c"), c, 25)?
};
@ -299,7 +300,7 @@ where
|| "Check piece decomposition",
|mut region| {
// Set the fixed column `l` to the current l.
// Recall that l = MERKLE_DEPTH_ORCHARD - layer - 1.
// Recall that l = MERKLE_DEPTH - layer - 1.
// The layer with 2^n nodes is called "layer n".
config.q_decompose.enable(&mut region, 0)?;
region.assign_advice_from_constant(
@ -346,7 +347,7 @@ where
{
use super::MERKLE_CRH_PERSONALIZATION;
use crate::{primitives::sinsemilla::HashDomain, spec::i2lebsp};
use group::ff::{PrimeField, PrimeFieldBits};
use group::ff::PrimeFieldBits;
if let (Some(left), Some(right)) = (left.value(), right.value()) {
let l = i2lebsp::<10>(l as u64);
@ -354,13 +355,13 @@ where
.to_le_bits()
.iter()
.by_val()
.take(L_ORCHARD_BASE)
.take(pallas::Base::NUM_BITS as usize)
.collect();
let right: Vec<_> = right
.to_le_bits()
.iter()
.by_val()
.take(L_ORCHARD_BASE)
.take(pallas::Base::NUM_BITS as usize)
.collect();
let merkle_crh = HashDomain::new(MERKLE_CRH_PERSONALIZATION);
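Review bot: The ranges `250..(pallas::Base::NUM_BITS as usize)` and `5..(pallas::Base::NUM_BITS as usize)`, the literal 25-word length passed to `witness_message_piece` for `c`, and the retained `// c = bits 5..=254 of right` comment are only mutually consistent when `pallas::Base::NUM_BITS` is 255; parameterising one end of each range while the other end and the word count stay literal suggests the decomposition tracks the field width when it does not. Either keep literals on both ends and state the invariant once, e.g. `// b_1 = left[250..255], c = right[5..255]: 250 bits = 25 words of K = 10, fixed by the MerkleCRH layout`, or derive everything from one binding such as `let l = pallas::Base::NUM_BITS as usize;` with `bitrange_subset(value, (l - 5)..l)`, `bitrange_subset(value, 5..l)` and a word count of `(l - 5) / sinsemilla::K` — whether `sinsemilla::K` is a `usize` usable in that expression I cannot confirm from this hunk. The `hash_layer` body extends well beyond the hunk boundaries on both sides.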