From 326996139ecab7152cbcc201d41a36381207b758 Mon Sep 17 00:00:00 2001
From: Sean Bowe
Date: Sun, 22 Oct 2017 05:45:26 -0600
Subject: [PATCH] Update to use the latest version of pairing library.
---
Cargo.toml | 6 +---
src/domain.rs | 4 +--
src/groth16/generator.rs | 68 +++++++++++++---------------------------
src/multiexp.rs | 2 +-
4 files changed, 25 insertions(+), 55 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 5bc8978..852a0da 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -15,11 +15,7 @@ futures = "0.1" futures-cpupool = "0.1" num_cpus = "1.6" crossbeam = "0.3" - -[dependencies.pairing] -version = "0.11" -default-features = false -features = ["unstable-wnaf"] +pairing = "0.13" [features] default = ["u128-support"]
diff --git a/src/domain.rs b/src/domain.rs
index 40a0f20..abbe8b7 100644
--- a/src/domain.rs
+++ b/src/domain.rs
@@ -42,13 +42,13 @@ impl> EvaluationDomain { m *= 2; exp += 1; - if exp >= E::Fr::s() { + if exp >= E::Fr::S { return Err(Error::PolynomialDegreeTooLarge) } } let mut omega = E::Fr::root_of_unity(); - for _ in exp..E::Fr::s() { + for _ in exp..E::Fr::S { omega.square(); }
diff --git a/src/groth16/generator.rs b/src/groth16/generator.rs
index f7960bb..c4c3f05 100644
--- a/src/groth16/generator.rs
+++ b/src/groth16/generator.rs
@@ -1,5 +1,4 @@ use pairing::*; -use pairing::wnaf::*; use ::{ Input, Error,
@@ -170,8 +169,8 @@ pub fn generate_parameters( let mut powers_of_tau = EvaluationDomain::from_coeffs(powers_of_tau)?; // Compute G1 window table - let mut g1_table = vec![]; - let g1_table_size = E::G1::recommended_wnaf_for_num_scalars( + let mut g1_wnaf = Wnaf::new(); + let g1_wnaf = g1_wnaf.base(g1, { // H query (powers_of_tau.as_ref().len() - 1) // IC/L queries
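Review bot: The block expression handed to `g1_wnaf.base(g1, { ... })` no longer says what it counts: the old call named it through `recommended_wnaf_for_num_scalars`, while `base` is presumably taking the same scalar-count hint to size its window table, and a reader now has to guess that it is a count rather than a window size. A comment such as `// number of scalars this base will be multiplied by (H, IC/L and B queries); presumably sizes the window table` above the call would keep that explicit, and the same applies to the `g2_wnaf.base(g2, { ... })` construction in the following hunk. The shadowing `let g1_wnaf = g1_wnaf.base(...)` is fine, but the first binding only exists to hold the table, which the same comment could say. generate_parameters starts before this hunk and continues past it.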
@@ -180,16 +179,14 @@ pub fn generate_parameters( + assembly.num_inputs + assembly.num_aux // B query + assembly.num_inputs + assembly.num_aux - ); - wnaf_table(&mut g1_table, g1, g1_table_size); + }); // Compute G2 window table - let mut g2_table = vec![]; - let g2_table_size = E::G2::recommended_wnaf_for_num_scalars( + let mut g2_wnaf = Wnaf::new(); + let g2_wnaf = g2_wnaf.base(g2, { // B query assembly.num_inputs + assembly.num_aux - ); - wnaf_table(&mut g2_table, g2, g2_table_size); + }); let gamma_inverse = gamma.inverse().ok_or(Error::UnexpectedIdentity)?; let delta_inverse = delta.inverse().ok_or(Error::UnexpectedIdentity)?;
@@ -223,12 +220,9 @@ pub fn generate_parameters( multicore::scope(h.len(), |scope, chunk| { for (h, p) in h.chunks_mut(chunk).zip(powers_of_tau.as_ref().chunks(chunk)) { - let g1_table = &g1_table; + let mut g1_wnaf = g1_wnaf.shared(); scope.spawn(move || { - // Create wNAF form storage location for this thread - let mut wnaf = vec![]; - // Set values of the H query to g1^{(tau^i * t(tau)) / delta} for (h, p) in h.iter_mut().zip(p.iter()) {
@@ -236,11 +230,8 @@ pub fn generate_parameters( let mut exp = p.0; exp.mul_assign(&coeff); - // Compute wNAF form of exponent - wnaf_form(&mut wnaf, exp.into_repr(), g1_table_size); - // Exponentiate - *h = wnaf_exp(g1_table, &wnaf); + *h = g1_wnaf.scalar(exp.into_repr()); } // Batch normalize
@@ -262,10 +253,8 @@ pub fn generate_parameters( fn eval( // wNAF window tables - g1_table: &[E::G1], - g1_table_size: usize, - g2_table: &[E::G2], - g2_table_size: usize, + g1_wnaf: &Wnaf>, + g2_wnaf: &Wnaf>, // Lagrange coefficients for tau powers_of_tau: &[Scalar],
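Review bot: `*h = g1_wnaf.scalar(exp.into_repr())` multiplies by an exponent derived from the setup secrets — the comment above the loop describes the H query as g1^{(tau^i * t(tau)) / delta} — and windowed-NAF scalar multiplication is in general variable-time in the scalar; whether `Wnaf::scalar` in pairing 0.13 makes any timing guarantee is not visible from this diff. The old `wnaf_form`/`wnaf_exp` pair had the same property, so this is not a regression, but since every call site is being rewritten a one-line comment such as `// wNAF is variable-time in the scalar; parameter generation is assumed to run in a trusted environment` at this first `.scalar()` call would record the assumption, and the `.scalar()` calls in the eval hunks below inherit it. The per-chunk `let mut g1_wnaf = g1_wnaf.shared();` in the previous hunk replaced the `// Create wNAF form storage location for this thread` comment without a successor; `// per-thread handle over the shared window table (presumably owns its own scratch buffer)` would keep that readable. generate_parameters continues outside the hunk.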
@@ -307,10 +296,10 @@ pub fn generate_parameters( .zip(bt.chunks(chunk)) .zip(ct.chunks(chunk)) { - scope.spawn(move || { - // Create wNAF form storage location for this thread - let mut wnaf = vec![]; + let mut g1_wnaf = g1_wnaf.shared(); + let mut g2_wnaf = g2_wnaf.shared(); + scope.spawn(move || { for ((((((a, b_g1), b_g2), ext), at), bt), ct) in a.iter_mut() .zip(b_g1.iter_mut()) .zip(b_g2.iter_mut())
@@ -342,24 +331,14 @@ pub fn generate_parameters( // Compute A query (in G1) if !at.is_zero() { - wnaf_form(&mut wnaf, at.into_repr(), g1_table_size); - *a = wnaf_exp(&g1_table, &wnaf); + *a = g1_wnaf.scalar(at.into_repr()); } // Compute B query (in G1/G2) if !bt.is_zero() { - // Normalize the field element once let bt_repr = bt.into_repr(); - wnaf_form(&mut wnaf, bt_repr, g1_table_size); - *b_g1 = wnaf_exp(&g1_table, &wnaf); - - // G1 window table might use the same window size - // as the G2 window table, so we wouldn't need to - // recompute the wNAF form of the exponent. - if g1_table_size != g2_table_size { - wnaf_form(&mut wnaf, bt_repr, g2_table_size); - } - *b_g2 = wnaf_exp(&g2_table, &wnaf); + *b_g1 = g1_wnaf.scalar(bt_repr); + *b_g2 = g2_wnaf.scalar(bt_repr); } at.mul_assign(&beta);
@@ -370,8 +349,7 @@ pub fn generate_parameters( e.add_assign(&ct); e.mul_assign(inv); - wnaf_form(&mut wnaf, e.into_repr(), g1_table_size); - *ext = wnaf_exp(&g1_table, &wnaf); + *ext = g1_wnaf.scalar(e.into_repr()); } // Batch normalize
@@ -386,10 +364,8 @@ pub fn generate_parameters( // Evaluate for inputs. eval( - &g1_table, - g1_table_size, - &g2_table, - g2_table_size, + &g1_wnaf, + &g2_wnaf, &powers_of_tau, &assembly.at_inputs, &assembly.bt_inputs,
@@ -405,10 +381,8 @@ pub fn generate_parameters( // Evaluate for auxillary variables. eval( - &g1_table, - g1_table_size, - &g2_table, - g2_table_size, + &g1_wnaf, + &g2_wnaf, &powers_of_tau, &assembly.at_aux, &assembly.bt_aux,
diff --git a/src/multiexp.rs b/src/multiexp.rs
index a1453f0..7773790 100644
--- a/src/multiexp.rs
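Review bot: `let bt_repr = bt.into_repr();` keeps its binding but loses the `// Normalize the field element once` comment that explained it; with `*b_g1 = g1_wnaf.scalar(bt_repr)` and `*b_g2 = g2_wnaf.scalar(bt_repr)` the conversion is still done once for two uses, so a short `// Convert once; reused for both the G1 and G2 B queries` would keep the intent readable. The removed block also gave up the old optimisation of reusing one wNAF form for both groups when their window sizes matched; whether `Wnaf::scalar` recomputes the wNAF form on every call is not visible here, so if setup time matters it is worth checking that the B query did not become measurably slower. The enclosing eval closure starts in the previous hunk and continues past this one.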
+++ b/src/multiexp.rs
@@ -204,7 +204,7 @@ fn multiexp_inner( skip += c; - if skip >= ::Fr::num_bits() { + if skip >= ::Fr::NUM_BITS { // There isn't another region. this.boxed() } else {