group: Make Wnaf generic over Group

Wnaf was originally generic over CurveProjective; in the prior refactor
commit, we renamed this to CofactorCurve. But w-NAF only requires scalar
multiplication, which is provided by the Group trait, so we relax the
bounds on Wnaf to enable it to be used with any group. We move the
generic w-NAF helper methods from the Curve trait to a new WnafGroup
extension trait, to keep the w-NAF API surface self-contained, and not
expose it to users who aren't using it.

src/groth16/generator.rs

@@ -3,7 +3,7 @@ use std::ops::{AddAssign, MulAssign};
 use std::sync::Arc;
 
 use ff::{Field, PrimeField};
-use group::{cofactor::CofactorCurveAffine, Curve, Group, Wnaf};
+use group::{cofactor::CofactorCurveAffine, Curve, Group, Wnaf, WnafGroup};
 use pairing::Engine;
 
 use super::{Parameters, VerifyingKey};
@@ -22,6 +22,8 @@ pub fn generate_random_parameters<E, C, R>(
 ) -> Result<Parameters<E>, SynthesisError>
 where
     E: Engine,
+    E::G1: WnafGroup,
+    E::G2: WnafGroup,
     C: Circuit<E::Fr>,
     R: RngCore,
 {
@@ -165,6 +167,8 @@ pub fn generate_parameters<E, C>(
 ) -> Result<Parameters<E>, SynthesisError>
 where
     E: Engine,
+    E::G1: WnafGroup,
+    E::G2: WnafGroup,
     C: Circuit<E::Fr>,
 {
     let mut assembly = KeypairAssembly {

src/groth16/tests/dummy_engine.rs

@@ -2,7 +2,7 @@ use ff::{Field, PrimeField};
 use group::{
     cofactor::{CofactorCurve, CofactorCurveAffine, CofactorGroup},
     prime::PrimeGroup,
-    Curve, Group, GroupEncoding, UncompressedEncoding,
+    Curve, Group, GroupEncoding, UncompressedEncoding, WnafGroup,
 };
 use pairing::{Engine, MillerLoopResult, MultiMillerLoop, PairingCurveAffine};
 
@@ -414,7 +414,9 @@ impl Curve for Fr {
     fn to_affine(&self) -> Fr {
         *self
     }
+}
 
+impl WnafGroup for Fr {
     fn recommended_wnaf_for_scalar(_: &Self::Scalar) -> usize {
         3
     }