
Merge 78dd11e into e03f199
moCello authored Oct 11, 2023
2 parents e03f199 + 78dd11e commit 947c36d
Showing 23 changed files with 450 additions and 345 deletions.
15 changes: 13 additions & 2 deletions CHANGELOG.md
Expand Up @@ -7,13 +7,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [0.16.0] - 2023-10-11

### Added

- Add `size` method to the `Circuit` trait [#767]
- Add `ff` dependency

### Removed

- Remove public parametes as parameters for circuit compression [#767]
- Remove `PublicParameters` from parameters for circuit compression [#767]
- Remove `canonical` and `canonical_derive` dependency
- Remove `canon` feature

### Changed

- update `dusk-bls12_381` dependency to "0.12"
- update `dusk-jubjub` dependency to "0.13"

## [0.15.0] - 2023-08-30

Expand Down Expand Up @@ -607,7 +617,8 @@ is necessary since `rkyv/validation` was required as a bound.
[#282]: https://github.com/dusk-network/plonk/issues/282

<!-- VERSIONS -->
[Unreleased]: https://github.com/dusk-network/plonk/compare/v0.15.0...HEAD
[Unreleased]: https://github.com/dusk-network/plonk/compare/v0.16.0...HEAD
[0.16.0]: https://github.com/dusk-network/plonk/compare/v0.15.0...v0.16.0
[0.15.0]: https://github.com/dusk-network/plonk/compare/v0.14.1...v0.15.0
[0.14.1]: https://github.com/dusk-network/plonk/compare/v0.14.0...v0.14.1
[0.14.0]: https://github.com/dusk-network/plonk/compare/v0.13.1...v0.14.0
10 changes: 4 additions & 6 deletions Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "dusk-plonk"
version = "0.15.0"
version = "0.16.0"
categories =["algorithms", "cryptography", "science", "mathematics"]
edition = "2021"
keywords = ["cryptography", "plonk", "zk-snarks", "zero-knowledge", "crypto"]
Expand All @@ -20,8 +20,9 @@ exclude = [
merlin = {version = "3.0", default-features = false}
rand_core = {version="0.6", default-features=false}
dusk-bytes = "0.1"
dusk-bls12_381 = {version = "0.11", default-features = false, features = ["groups", "pairings", "endo"]}
dusk-jubjub = {version = "0.12", default-features = false}
dusk-bls12_381 = {version = "0.12", default-features = false, features = ["groups", "pairings"]}
dusk-jubjub = {version = "0.13", default-features = false}
ff = {version = "0.13", default-features = false}
itertools = {version = "0.9", default-features = false}
hashbrown = {version = "0.9", default-features=false, features = ["ahash"]}
msgpacker = {version = "0.4", default-features=false, features = ["alloc", "derive"], optional=true}
Expand All @@ -30,8 +31,6 @@ rayon = {version = "1.3", optional = true}
sha2 = {version = "0.10", default-features = false, optional = true}
cfg-if = "1.0"
# Dusk related deps for WASMI serde
canonical = {version = "0.7", optional = true}
canonical_derive = {version = "0.7", optional = true}
rkyv = {version = "0.7", optional = true, default-features = false}
bytecheck = {version = "0.6", optional = true, default-features = false}
backtrace = {version = "0.3", optional = true}
Expand Down Expand Up @@ -62,7 +61,6 @@ std = [
]
alloc = ["dusk-bls12_381/alloc", "msgpacker", "miniz_oxide", "sha2"]
debug = ["dusk-cdf", "backtrace"]
canon = ["dusk-bls12_381/canon", "dusk-jubjub/canon", "canonical", "canonical_derive"]
rkyv-impl = ["dusk-bls12_381/rkyv-impl", "dusk-jubjub/rkyv-impl", "rkyv", "bytecheck"]

[profile.release]
51 changes: 51 additions & 0 deletions refactor_circuit.md
@@ -0,0 +1,51 @@
Matteo's suggestion of restructuring the `Circuit` trait.

1. Without the need to retain the private or public input values:
```rust
fn op<F>(f: F, a: u32, b: u32) -> u32 where F: Fn(u32, u32) -> u32 {
f(a, b)
}

fn add(a: u32, b: u32) -> u32 {
a + b
}

fn mul(a: u32, b: u32) -> u32 {
a * b
}
```

2. With the option of retaining the private and public input values:
```rust
struct Foo<F> where F: Fn(u32, u32) -> u32 {
a: u32,
b: u32,
callback: F
}

impl<F> Foo<F> where F: Fn(u32, u32) -> u32 {
fn calc(&self) -> u32 {
(self.callback)(self.a, self.b)
}
}

fn main() {

let foo = Foo {
a: 10,
b: 20,
callback: add,
};

println!("add: {}", op(add, 10, 20));
println!("mul: {}", op(mul, 10, 20));

println!("foo add: {}", foo.calc());
}
```

Notes:
- The funcitons `add` and `mul` would be different circuit implementation, returning the size of the circuit.
- I wouldn't know how to search for the circuit implementation in the AST though.

3. Another approach is the restructuring of the `Circuit` trait as proposed by Ed
1 change: 0 additions & 1 deletion src/bit_iterator.rs
Expand Up @@ -57,7 +57,6 @@ mod test {
use super::*;
use alloc::vec::Vec;
use dusk_bls12_381::BlsScalar;
use dusk_bytes::Serializable;

#[test]
fn test_bit_iterator8() {
5 changes: 3 additions & 2 deletions src/commitment_scheme/kzg10/srs.rs
Expand Up @@ -9,8 +9,9 @@
use super::key::{CommitKey, OpeningKey};
use crate::{error::Error, util};
use alloc::vec::Vec;
use dusk_bls12_381::{G1Affine, G1Projective, G2Affine};
use dusk_bls12_381::{BlsScalar, G1Affine, G1Projective, G2Affine};
use dusk_bytes::{DeserializableSlice, Serializable};
use ff::Field;
use rand_core::{CryptoRng, RngCore};

#[cfg(feature = "rkyv-impl")]
Expand Down Expand Up @@ -67,7 +68,7 @@ impl PublicParameters {
max_degree = max_degree + Self::ADDED_BLINDING_DEGREE;

// Generate the secret scalar x
let x = util::random_scalar(&mut rng);
let x = BlsScalar::random(&mut rng);

// Compute powers of x up to and including x^max_degree
let powers_of_x = util::powers_of(&x, max_degree);
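Review bot: The secret `x` sampled at `let x = BlsScalar::random(&mut rng);` is the trusted-setup toxic waste, and the helper it replaces, `util::random_scalar`, carried an `R: RngCore + CryptoRng` bound that `ff::Field::random` (which accepts any `RngCore`) does not. Whether a CSPRNG is still enforced now rests entirely on the bound of the `rng` parameter of the enclosing `setup`, which lies outside this hunk; the retained `use rand_core::{CryptoRng, RngCore};` suggests the bound is still there, but it should be confirmed rather than assumed. A comment at the call site would make the requirement explicit for the next person who touches it: `// x is the setup's toxic waste: rng must be a CSPRNG (rely on the CryptoRng bound on setup)`. The enclosing function starts before this hunk and ends after it.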
43 changes: 23 additions & 20 deletions src/composer.rs
Expand Up @@ -11,7 +11,6 @@ use core::cmp;
use core::ops::Index;

use dusk_bls12_381::BlsScalar;
use dusk_bytes::Serializable;
use dusk_jubjub::{JubJubAffine, JubJubExtended, JubJubScalar};

use crate::bit_iterator::BitIterator8;
Expand Down Expand Up @@ -276,7 +275,11 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
// we should error instead of producing invalid proofs - otherwise this
// can easily become an attack vector to either shutdown prover
// services or create malicious statements
let scalar = JubJubScalar::from_bytes(&self[jubjub].to_bytes())?;
let scalar: JubJubScalar =
match JubJubScalar::from_bytes(&self[jubjub].to_bytes()).into() {
Some(s) => s,
None => return Err(Error::BlsScalarMalformed),
};

let width = 2;
let wnaf_entries = scalar.compute_windowed_naf(width);
Expand Down Expand Up @@ -316,16 +319,16 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
let point = a + b;
point_acc.push(point.into());

let x_alpha = point_to_add.get_x();
let y_alpha = point_to_add.get_y();
let x_alpha = point_to_add.get_u();
let y_alpha = point_to_add.get_v();

Ok(x_alpha * y_alpha)
})
.collect::<Result<_, Error>>()?;

for i in 0..bits {
let acc_x = self.append_witness(point_acc[i].get_x());
let acc_y = self.append_witness(point_acc[i].get_y());
let acc_x = self.append_witness(point_acc[i].get_u());
let acc_y = self.append_witness(point_acc[i].get_v());
let accumulated_bit = self.append_witness(scalar_acc[i]);

// the point accumulator must start from identity and its scalar
Expand All @@ -340,8 +343,8 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
);
}

let x_beta = wnaf_point_multiples[i].get_x();
let y_beta = wnaf_point_multiples[i].get_y();
let x_beta = wnaf_point_multiples[i].get_u();
let y_beta = wnaf_point_multiples[i].get_v();

let xy_alpha = self.append_witness(xy_alphas[i]);
let xy_beta = x_beta * y_beta;
Expand Down Expand Up @@ -370,8 +373,8 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
}

// last gate isn't activated for ecc
let acc_x = self.append_witness(point_acc[bits].get_x());
let acc_y = self.append_witness(point_acc[bits].get_y());
let acc_x = self.append_witness(point_acc[bits].get_u());
let acc_y = self.append_witness(point_acc[bits].get_v());

// FIXME this implementation presents a plethora of vulnerabilities and
// requires reworking
Expand Down Expand Up @@ -509,8 +512,8 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
) -> WitnessPoint {
let affine = affine.into();

let x = self.append_witness(affine.get_x());
let y = self.append_witness(affine.get_y());
let x = self.append_witness(affine.get_u());
let y = self.append_witness(affine.get_v());

WitnessPoint::new(x, y)
}
Expand All @@ -523,8 +526,8 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
) -> WitnessPoint {
let affine = affine.into();

let x = self.append_constant(affine.get_x());
let y = self.append_constant(affine.get_y());
let x = self.append_constant(affine.get_u());
let y = self.append_constant(affine.get_v());

WitnessPoint::new(x, y)
}
Expand All @@ -542,13 +545,13 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
self.assert_equal_constant(
*point.x(),
BlsScalar::zero(),
Some(affine.get_x()),
Some(affine.get_u()),
);

self.assert_equal_constant(
*point.y(),
BlsScalar::zero(),
Some(affine.get_y()),
Some(affine.get_v()),
);

point
Expand Down Expand Up @@ -640,13 +643,13 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {
self.assert_equal_constant(
*point.x(),
BlsScalar::zero(),
Some(public.get_x()),
Some(public.get_u()),
);

self.assert_equal_constant(
*point.y(),
BlsScalar::zero(),
Some(public.get_y()),
Some(public.get_v()),
);
}

Expand All @@ -671,8 +674,8 @@ pub trait Composer: Sized + Index<Witness, Output = BlsScalar> {

let point: JubJubAffine = (JubJubExtended::from(p1) + p2).into();

let x_3 = point.get_x();
let y_3 = point.get_y();
let x_3 = point.get_u();
let y_3 = point.get_v();

let x1_y2 = self[x_1] * self[y_2];

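Review bot: The match at `match JubJubScalar::from_bytes(&self[jubjub].to_bytes()).into()` reports a failed JubJub scalar decode as `Error::BlsScalarMalformed`, which names the wrong field and will point whoever debugs that error at the BLS scalar path; if the crate's `Error` has a JubJub-specific variant it belongs here, otherwise one is worth adding with this change. Stylistically the four-line match collapses to `let scalar: JubJubScalar = Option::from(JubJubScalar::from_bytes(&self[jubjub].to_bytes())).ok_or(Error::BlsScalarMalformed)?;`, which keeps the comment above it about erroring instead of producing invalid proofs just as readable. Turning the `CtOption` into an `Option` branches on whether the witness bytes were canonical; that is acceptable only because circuit synthesis here is not constant-time to begin with, and a one-line comment saying so would stop a later reader from filing it as a leak. The enclosing method begins and ends outside this hunk.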
6 changes: 5 additions & 1 deletion src/composer/compiler/compress.rs
Expand Up @@ -247,7 +247,11 @@ impl CompressedCircuit {
.into_iter()
.for_each(|(s, i)| version_scalars[i] = s);
for s in scalars {
version_scalars.push(BlsScalar::from_bytes(&s)?);
let scalar: BlsScalar = match BlsScalar::from_bytes(&s).into() {
Some(scalar) => scalar,
None => return Err(Error::BlsScalarMalformed),
};
version_scalars.push(scalar);
}
let scalars = version_scalars;

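Review bot: The new match at `let scalar: BlsScalar = match BlsScalar::from_bytes(&s).into()` is the right check, since a non-canonical scalar inside a compressed circuit blob is now rejected instead of being silently accepted, but it reads more directly as `let scalar = Option::from(BlsScalar::from_bytes(&s)).ok_or(Error::BlsScalarMalformed)?;`. These bytes come from a serialized circuit, presumably produced outside the running process, so it is worth stating why a variable-time `CtOption` to `Option` conversion is acceptable: `// Public circuit constants: a variable-time canonical check is fine here.` The enclosing decompression function starts before this hunk and ends after it.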
4 changes: 2 additions & 2 deletions src/composer/prover.rs
Expand Up @@ -9,6 +9,7 @@ use core::ops;

use dusk_bls12_381::BlsScalar;
use dusk_bytes::{DeserializableSlice, Serializable};
use ff::Field;
use merlin::Transcript;
use rand_core::{CryptoRng, RngCore};

Expand All @@ -20,7 +21,6 @@ use crate::proof_system::{
linearization_poly, quotient_poly, ProverKey, VerifierKey,
};
use crate::transcript::TranscriptProtocol;
use crate::util;

use super::{Builder, Circuit, Composer};

Expand Down Expand Up @@ -85,7 +85,7 @@ impl Prover {
let mut w_vec_inverse = domain.ifft(witnesses);

for i in 0..hiding_degree + 1 {
let blinding_scalar = util::random_scalar(rng);
let blinding_scalar = BlsScalar::random(&mut *rng);

w_vec_inverse[i] = w_vec_inverse[i] - blinding_scalar;
w_vec_inverse.push(blinding_scalar);
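Review bot: The blinding scalars drawn at `let blinding_scalar = BlsScalar::random(&mut *rng);` are what hides the witness polynomials, and `ff::Field::random` is satisfied by any `RngCore`, whereas the replaced `util::random_scalar` demanded `CryptoRng`; the zero-knowledge guarantee now depends on the bound of the enclosing method's `rng` parameter, which is outside this hunk and should be confirmed. The `&mut *rng` reborrow exists because `random` takes the generator by value and `rng` is reused on the next iteration, which deserves a one-line comment so nobody "simplifies" it away: `// reborrow: Field::random takes the RNG by value`. The loop header `for i in 0..hiding_degree + 1` reads more clearly as `for i in 0..=hiding_degree`. The enclosing method starts before this hunk and ends after it.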
3 changes: 2 additions & 1 deletion src/fft/polynomial.rs
Expand Up @@ -421,6 +421,7 @@ impl<'a, 'b> Sub<&'a BlsScalar> for &'b Polynomial {
#[cfg(test)]
mod test {
use super::*;
use ff::Field;
use rand_core::{CryptoRng, RngCore};

impl Polynomial {
Expand All @@ -435,7 +436,7 @@ mod test {
) -> Self {
let mut random_coeffs = Vec::with_capacity(d + 1);
for _ in 0..=d {
random_coeffs.push(util::random_scalar(&mut rng));
random_coeffs.push(BlsScalar::random(&mut rng));
}
Self::from_coefficients_vec(random_coeffs)
}
2 changes: 1 addition & 1 deletion src/permutation.rs
Expand Up @@ -301,9 +301,9 @@ impl Permutation {
#[cfg(test)]
mod test {
use super::*;
//use crate::constraint_system::Constraint;
use crate::fft::Polynomial;
use dusk_bls12_381::BlsScalar;
use ff::Field;
use rand_core::OsRng;

#[allow(dead_code)]
1 change: 1 addition & 0 deletions src/proof_system/proof.rs
Expand Up @@ -586,6 +586,7 @@ pub(crate) mod alloc {
mod proof_tests {
use super::*;
use dusk_bls12_381::BlsScalar;
use ff::Field;
use rand_core::OsRng;

#[test]
1 change: 1 addition & 0 deletions src/proof_system/widget.rs
Expand Up @@ -576,6 +576,7 @@ mod test {
use super::alloc::ProverKey;
use super::*;
use crate::fft::{EvaluationDomain, Evaluations, Polynomial};
use ff::Field;
#[rustfmt::skip]
use ::alloc::vec::Vec;
use dusk_bls12_381::BlsScalar;
10 changes: 3 additions & 7 deletions src/util.rs
Expand Up @@ -8,6 +8,7 @@ use alloc::vec::Vec;
use dusk_bls12_381::{
BlsScalar, G1Affine, G1Projective, G2Affine, G2Projective,
};
use ff::Field;
use rand_core::{CryptoRng, RngCore};

#[cfg(feature = "rkyv-impl")]
Expand Down Expand Up @@ -42,22 +43,17 @@ pub(crate) fn powers_of(
powers
}

/// Generates a random BlsScalar using a RNG seed.
pub(crate) fn random_scalar<R: RngCore + CryptoRng>(rng: &mut R) -> BlsScalar {
BlsScalar::random(rng)
}

/// Generates a random G1 Point using an RNG seed.
pub(crate) fn random_g1_point<R: RngCore + CryptoRng>(
rng: &mut R,
) -> G1Projective {
G1Affine::generator() * random_scalar(rng)
G1Affine::generator() * BlsScalar::random(rng)
}
/// Generates a random G2 point using an RNG seed.
pub(crate) fn random_g2_point<R: RngCore + CryptoRng>(
rng: &mut R,
) -> G2Projective {
G2Affine::generator() * random_scalar(rng)
G2Affine::generator() * BlsScalar::random(rng)
}

/// This function is only used to generate the SRS.
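Review bot: Deleting `random_scalar` removes the one sampling helper in the crate that forced a `CryptoRng` bound on its caller; `ff::Field::random` accepts any `RngCore`, so every remaining scalar-sampling call site (the SRS secret in `srs.rs`, the blinding scalars in `prover.rs`) now depends on its own function signature to keep the CSPRNG requirement, and nothing prevents a future call from handing it a non-cryptographic generator. `random_g1_point` and `random_g2_point` in this hunk keep `R: RngCore + CryptoRng`, so they are fine. Keeping a thin wrapper would preserve that chokepoint at zero cost: `pub(crate) fn random_scalar<R: RngCore + CryptoRng>(rng: &mut R) -> BlsScalar { BlsScalar::random(rng) }`, i.e. the function this commit deletes, with its doc comment corrected from "RNG seed" to "CSPRNG". The doc comments `/// Generates a random G1 Point using an RNG seed.` and its G2 twin are pre-existing but inaccurate, since the argument is a generator rather than a seed, and are worth fixing while this file is being touched.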