b9737fc0e8
Random z MUST be {1..2^128-1}, so we loop in case we (rarely) randomly generate a zero
2021-02-05 15:12:10 -05:00
9becaf5079
Check all batch item inputs sizes against the supplied VerifyingKey first
2021-02-04 19:20:45 -05:00
3e237a9ab1
Mark rng as &mut in closure
2021-02-04 19:11:11 -05:00
ce345d97d5
Add docs
2021-02-04 18:54:23 -05:00
140d31d24e
Format comment about optimizing miller loop terms
...
Co-authored-by: str4d <thestr4d@gmail.com>
2021-02-03 21:20:46 -05:00
8e4d566887
Update doc re: VerifiyingKey
...
Co-authored-by: str4d <thestr4d@gmail.com>
2021-02-03 20:21:04 -05:00
70cc09e7e6
Tidy tuple return
...
Co-authored-by: str4d <thestr4d@gmail.com>
2021-02-03 20:18:34 -05:00
25b1a8cf6d
Tidy up some batch verification math based on review
2021-02-01 19:57:15 -05:00
be65838165
Add groth16 batch verify test and benchmarks
2021-02-01 00:24:51 -05:00
b750faa607
Add common mimc test utils
2021-02-01 00:23:19 -05:00
414c4f2e88
Finish groth16 batch verification math
2021-02-01 00:23:19 -05:00
5b0226b268
port bellman batch changes from librustzcash
2021-02-01 00:23:19 -05:00
59e6fc0d47
Merge pull request #63 from zkcrypto/release-0.9.0
...
bellman 0.9.0
2021-01-26 15:04:51 -07:00
9a5fa5dc97
bellman 0.9.0
2021-01-26 21:41:47 +00:00
90be7d9826
Merge pull request #62 from zkcrypto/rand-dependency-updates
...
Bump dependencies
2021-01-26 14:31:22 -07:00
e0e98c631e
Bump MSRV to 1.47.0
2021-01-26 21:14:43 +00:00
1944122407
hex-literal 0.3
2021-01-26 21:13:56 +00:00
8113d8beab
bitvec 0.20
2021-01-26 21:13:16 +00:00
6491440eae
Bump ff to 0.9
2021-01-26 19:31:04 +00:00
fa9be45588
Merge pull request #58 from zkcrypto/release-0.8.1
...
Release v0.8.1
2020-11-10 11:39:04 -07:00
2059de8bb3
Release v0.8.1
2020-11-10 11:33:02 -07:00
a51a6a08f8
Merge pull request #55 from w3f/pub-multiexp
...
Makes multiexp module public
2020-11-10 07:34:35 -07:00
a2c22a474e
Merge pull request #57 from zkcrypto/fix-nightly-deref-issue
...
Fix deref breakage with nightly-2020-10-06
2020-11-02 09:23:04 -07:00
a5ff6f514b
Fix deref breakage with nightly-2020-10-06
...
Fixes the following error:
cannot multiply-assign `<E as Engine>::Fr` by `&&<E as Engine>::Fr`
I think this is related to:
https://github.com/rust-lang/rust/issues/77638
2020-10-30 00:25:57 +00:00
eec6155ec4
makes multiexp module public
2020-10-25 23:26:35 +03:00
0f2244fdb4
Merge pull request #53 from zkcrypto/release-0.8.0
...
Release 0.8.0
2020-09-08 17:04:14 -06:00
f0141b6f69
bellman 0.8.0
2020-09-08 23:54:10 +01:00
e35089357e
Merge pull request #52 from zkcrypto/ff-0.8
...
Fix performance regression in multiexp
2020-09-08 16:53:05 -06:00
f3c8d4e634
Add Actions CI workflow
2020-09-08 23:46:57 +01:00
ec638e4d02
Replace bit-vec crate with bitvec
2020-09-08 23:44:20 +01:00
e6a404a29e
Pass exponent bits into multiexp instead of exponents themselves
...
This de-duplicates multiple Montgomery reductions.
2020-09-08 23:44:20 +01:00
f90fa65a32
Migrate to ff 0.8
...
MSRV is now 1.44.0, matching the ff crate.
2020-09-08 23:44:20 +01:00
81f4aac8c7
Merge pull request #50 from zkcrypto/release-0.7.0
...
Release 0.7.0
2020-08-25 16:34:28 -06:00
212f8ae3fe
Remove paths from dependencies
...
Now that we have extracted the release changes from the
zcash/librustzcash subtree, we are no longer in a workspace with
relative paths to these dependencies.
2020-08-25 23:33:43 +01:00
227890761a
Add missing intra-doc link
2020-08-25 23:32:14 +01:00
9738f45d1d
s/into_iter/iter to fix warnings
2020-08-25 23:30:20 +01:00
18a85dc3bd
Remove unnecessary extern crates
...
Since Rust 2018, these are implied.
2020-08-25 23:29:52 +01:00
2030fb488b
bellman 0.7.0
2020-08-25 23:11:18 +01:00
c3cfe43dad
bls12_381 0.2.0
2020-08-25 23:11:18 +01:00
1f3ffdd5a1
pairing 0.17.0
2020-08-25 23:11:18 +01:00
9d85d4eac3
group 0.7.0
2020-08-25 23:11:18 +01:00
8521902516
ff 0.7.0
2020-08-25 23:11:18 +01:00
459fa4a635
pairing: Remove BLS12-381 implementation
...
It is replaced by the bls12_381 crate.
2020-08-25 23:11:18 +01:00
200901d496
s/{pairing::bls12_381, zcash_primitives::jubjub}/{bls12_381, jubjub}
...
FINALLY.
2020-08-25 23:11:18 +01:00
6c76adca08
bellman: Migrate to bit-vec 0.6
2020-08-25 23:11:18 +01:00
10ac7ce51f
bellman: Migrate to sha2 0.9
2020-08-25 23:11:18 +01:00
b6a2e4e485
pairing: Require G1 and G2 to be PrimeCurve
...
Pairings require that G1, G2, and GT are groups of prime order.
2020-08-25 23:11:18 +01:00
74c7d4914d
group: Hard-code a w-NAF window size of 4
...
We were already ignoring the actual bit length of the scalar, and
selecting the window size based on the maximum bit length, which
effectively hard-coded a window size of 4.
2020-08-25 23:11:18 +01:00
6875667f1d
group: CofactorGroup::mul_by_cofactor -> CofactorGroup::clear_cofactor
...
The generic API now only guarantees that the torsion component is
cleared deterministically; group elements may be multiplied by multiples
of the cofactor (not necessarily the actual cofactor), as long as the
choice of multiplier is fixed for a given implementation.
2020-08-25 23:11:18 +01:00
e534f36ec4
bellman: add VerificationError ( #254 )
...
* bellman: add VerificationError
This adds a distinct VerificationError type to the crate and changes
`verify_proof` to return `Result<(), VerificationError>` rather than
`Result<bool, SynthesisError>`. This is significantly safer, because it avoids
the need to mix pattern-matching logic with boolean logic (the cause of
RUSTSEC-2019-0004).
* Rename VerificationError variants per review comments.
* Add missing Clone impl to VerificationError.
2020-08-25 23:11:18 +01:00
Deirdre Connolly
Jane Lusby
ebfull
Jack Grigg
Sergey Vasilyev
Jack Grigg
Henry de Valence