feat: migrate to arkworks 0.5.0

Cargo.toml

@@ -83,12 +83,12 @@ bb_abstraction_leaks = { path = "tooling/bb_abstraction_leaks" }
 acvm_cli = { path = "tooling/acvm_cli" }
 
 # Arkworks
-ark-bn254 = { version = "^0.4.0", default-features = false, features = ["curve"] }
-ark-bls12-381 = { version = "^0.4.0", default-features = false, features = ["curve"] }
-grumpkin = { version = "0.1.0", package = "noir_grumpkin", features = ["std"] }
-ark-ec = { version = "^0.4.0", default-features = false }
-ark-ff = { version = "^0.4.0", default-features = false }
-ark-std = { version = "^0.4.0", default-features = false }
+ark-bn254 = { version = "0.5.0-alpha.0", default-features = false, features = ["curve"] }
+ark-bls12-381 = { version = "0.5.0-alpha.0", default-features = false, features = ["curve"] }
+ark-grumpkin = { version = "0.5.0-alpha.0", default-features = false }
+ark-ec = { version = "0.5.0-alpha.0", default-features = false }
+ark-ff = { version = "0.5.0-alpha.0", default-features = false }
+ark-std = { version = "0.5.0-alpha.0", default-features = false }
 
 # Misc utils crates
 iter-extended = { path = "utils/iter-extended" }

acvm-repo/bn254_blackbox_solver/Cargo.toml

@@ -19,7 +19,7 @@ hex.workspace = true
 lazy_static = "1.4"
 
 ark-bn254.workspace = true
-grumpkin.workspace = true 
+ark-grumpkin.workspace = true 
 ark-ec.workspace = true
 ark-ff.workspace = true
 num-bigint.workspace = true

acvm-repo/bn254_blackbox_solver/src/embedded_curve_ops.rs

@@ -23,7 +23,7 @@ pub fn multi_scalar_mul(
         ));
     }
 
-    let mut output_point = grumpkin::SWAffine::zero();
+    let mut output_point = ark_grumpkin::Affine::zero();
 
     for i in (0..points.len()).step_by(3) {
         let point =
@@ -50,23 +50,23 @@ pub fn multi_scalar_mul(
         // Check if this is smaller than the grumpkin modulus
         let grumpkin_integer = BigUint::from_bytes_be(&bytes);
 
-        if grumpkin_integer >= grumpkin::FrConfig::MODULUS.into() {
+        if grumpkin_integer >= ark_grumpkin::FrConfig::MODULUS.into() {
             return Err(BlackBoxResolutionError::Failed(
                 BlackBoxFunc::MultiScalarMul,
                 format!("{} is not a valid grumpkin scalar", grumpkin_integer.to_str_radix(16)),
             ));
         }
 
         let iteration_output_point =
-            grumpkin::SWAffine::from(point.mul_bigint(grumpkin_integer.to_u64_digits()));
+            ark_grumpkin::Affine::from(point.mul_bigint(grumpkin_integer.to_u64_digits()));
 
-        output_point = grumpkin::SWAffine::from(output_point + iteration_output_point);
+        output_point = ark_grumpkin::Affine::from(output_point + iteration_output_point);
     }
 
     if let Some((out_x, out_y)) = output_point.xy() {
         Ok((
-            FieldElement::from_repr(*out_x),
-            FieldElement::from_repr(*out_y),
+            FieldElement::from_repr(out_x),
+            FieldElement::from_repr(out_y),
             FieldElement::from(output_point.is_zero() as u128),
         ))
     } else {
@@ -82,11 +82,11 @@ pub fn embedded_curve_add(
         .map_err(|e| BlackBoxResolutionError::Failed(BlackBoxFunc::EmbeddedCurveAdd, e))?;
     let point2 = create_point(input2[0], input2[1], input2[2] == FieldElement::one())
         .map_err(|e| BlackBoxResolutionError::Failed(BlackBoxFunc::EmbeddedCurveAdd, e))?;
-    let res = grumpkin::SWAffine::from(point1 + point2);
+    let res = ark_grumpkin::Affine::from(point1 + point2);
     if let Some((res_x, res_y)) = res.xy() {
         Ok((
-            FieldElement::from_repr(*res_x),
-            FieldElement::from_repr(*res_y),
+            FieldElement::from_repr(res_x),
+            FieldElement::from_repr(res_y),
             FieldElement::from(res.is_zero() as u128),
         ))
     } else if res.is_zero() {
@@ -103,11 +103,11 @@ fn create_point(
     x: FieldElement,
     y: FieldElement,
     is_infinite: bool,
-) -> Result<grumpkin::SWAffine, String> {
+) -> Result<ark_grumpkin::Affine, String> {
     if is_infinite {
-        return Ok(grumpkin::SWAffine::zero());
+        return Ok(ark_grumpkin::Affine::zero());
     }
-    let point = grumpkin::SWAffine::new_unchecked(x.into_repr(), y.into_repr());
+    let point = ark_grumpkin::Affine::new_unchecked(x.into_repr(), y.into_repr());
     if !point.is_on_curve() {
         return Err(format!("Point ({}, {}) is not on curve", x.to_hex(), y.to_hex()));
     };
@@ -124,7 +124,7 @@ mod tests {
     use ark_ff::BigInteger;
 
     fn get_generator() -> [FieldElement; 3] {
-        let generator = grumpkin::SWAffine::generator();
+        let generator = ark_grumpkin::Affine::generator();
         let generator_x = FieldElement::from_repr(*generator.x().unwrap());
         let generator_y = FieldElement::from_repr(*generator.y().unwrap());
         [generator_x, generator_y, FieldElement::zero()]

acvm-repo/bn254_blackbox_solver/src/generator/generators.rs

@@ -7,16 +7,15 @@ use std::sync::OnceLock;
 use ark_ec::short_weierstrass::Affine;
 
 use acvm_blackbox_solver::blake3;
-use grumpkin::GrumpkinParameters;
+use ark_grumpkin::GrumpkinConfig;
 
 use super::hash_to_curve::hash_to_curve;
 
 pub(crate) const DEFAULT_DOMAIN_SEPARATOR: &[u8] = "DEFAULT_DOMAIN_SEPARATOR".as_bytes();
 const NUM_DEFAULT_GENERATORS: usize = 8;
 
-fn default_generators() -> &'static [Affine<GrumpkinParameters>; NUM_DEFAULT_GENERATORS] {
-    static INSTANCE: OnceLock<[Affine<GrumpkinParameters>; NUM_DEFAULT_GENERATORS]> =
-        OnceLock::new();
+fn default_generators() -> &'static [Affine<GrumpkinConfig>; NUM_DEFAULT_GENERATORS] {
+    static INSTANCE: OnceLock<[Affine<GrumpkinConfig>; NUM_DEFAULT_GENERATORS]> = OnceLock::new();
     INSTANCE.get_or_init(|| {
         _derive_generators(DEFAULT_DOMAIN_SEPARATOR, NUM_DEFAULT_GENERATORS as u32, 0)
             .try_into()
@@ -42,7 +41,7 @@ pub fn derive_generators(
     domain_separator_bytes: &[u8],
     num_generators: u32,
     starting_index: u32,
-) -> Vec<Affine<GrumpkinParameters>> {
+) -> Vec<Affine<GrumpkinConfig>> {
     // We cache a small number of the default generators so we can reuse them without needing to repeatedly recalculate them.
     if domain_separator_bytes == DEFAULT_DOMAIN_SEPARATOR
         && starting_index + num_generators <= NUM_DEFAULT_GENERATORS as u32
@@ -59,7 +58,7 @@ fn _derive_generators(
     domain_separator_bytes: &[u8],
     num_generators: u32,
     starting_index: u32,
-) -> Vec<Affine<GrumpkinParameters>> {
+) -> Vec<Affine<GrumpkinConfig>> {
     let mut generator_preimage = [0u8; 64];
     let domain_hash = blake3(domain_separator_bytes).expect("hash should succeed");
     //1st 32 bytes are blake3 domain_hash

acvm-repo/bn254_blackbox_solver/src/generator/hash_to_curve.rs

@@ -7,7 +7,7 @@ use acvm_blackbox_solver::blake3;
 use ark_ec::{short_weierstrass::Affine, AffineRepr, CurveConfig};
 use ark_ff::Field;
 use ark_ff::{BigInteger, PrimeField};
-use grumpkin::GrumpkinParameters;
+use ark_grumpkin::GrumpkinConfig;
 
 /// Hash a seed buffer into a point
 ///
@@ -40,7 +40,7 @@ use grumpkin::GrumpkinParameters;
 ///
 ///  N.B. steps c. and e. are because the `sqrt()` algorithm can return 2 values,
 ///  we need to a way to canonically distinguish between these 2 values and select a "preferred" one
-pub(crate) fn hash_to_curve(seed: &[u8], attempt_count: u8) -> Affine<GrumpkinParameters> {
+pub(crate) fn hash_to_curve(seed: &[u8], attempt_count: u8) -> Affine<GrumpkinConfig> {
     let seed_size = seed.len();
     // expand by 2 bytes to cover incremental hash attempts
     let mut target_seed = seed.to_vec();
@@ -56,10 +56,10 @@ pub(crate) fn hash_to_curve(seed: &[u8], attempt_count: u8) -> Affine<GrumpkinPa
     hash.extend_from_slice(&hash_lo);
 
     // Here we reduce the 512 bit number modulo the base field modulus to calculate `x`
-    let x = <<GrumpkinParameters as CurveConfig>::BaseField as Field>::BasePrimeField::from_be_bytes_mod_order(&hash);
-    let x = <GrumpkinParameters as CurveConfig>::BaseField::from_base_prime_field(x);
+    let x = <<GrumpkinConfig as CurveConfig>::BaseField as Field>::BasePrimeField::from_be_bytes_mod_order(&hash);
+    let x = <GrumpkinConfig as CurveConfig>::BaseField::from_base_prime_field(x);
 
-    if let Some(point) = Affine::<GrumpkinParameters>::get_point_from_x_unchecked(x, false) {
+    if let Some(point) = Affine::<GrumpkinConfig>::get_point_from_x_unchecked(x, false) {
         let parity_bit = hash_hi[0] > 127;
         let y_bit_set = point.y().unwrap().into_bigint().get_bit(0);
         if (parity_bit && !y_bit_set) || (!parity_bit && y_bit_set) {

acvm-repo/bn254_blackbox_solver/src/lib.rs

@@ -11,6 +11,8 @@ mod poseidon2;
 mod schnorr;
 
 use ark_ec::AffineRepr;
+use ark_grumpkin::Fq;
+
 pub use embedded_curve_ops::{embedded_curve_add, multi_scalar_mul};
 pub use generator::generators::derive_generators;
 pub use poseidon2::poseidon2_permutation;
@@ -46,10 +48,10 @@ impl BlackBoxFunctionSolver<FieldElement> for Bn254BlackBoxSolver {
         inputs: &[FieldElement],
         domain_separator: u32,
     ) -> Result<(FieldElement, FieldElement), BlackBoxResolutionError> {
-        let inputs: Vec<grumpkin::Fq> = inputs.iter().map(|input| input.into_repr()).collect();
+        let inputs: Vec<Fq> = inputs.iter().map(|input| input.into_repr()).collect();
         let result = pedersen::commitment::commit_native_with_index(&inputs, domain_separator);
         let result = if let Some((x, y)) = result.xy() {
-            (FieldElement::from_repr(*x), FieldElement::from_repr(*y))
+            (FieldElement::from_repr(x), FieldElement::from_repr(y))
         } else {
             (FieldElement::from(0_u128), FieldElement::from(0_u128))
         };
@@ -62,7 +64,7 @@ impl BlackBoxFunctionSolver<FieldElement> for Bn254BlackBoxSolver {
         inputs: &[FieldElement],
         domain_separator: u32,
     ) -> Result<FieldElement, BlackBoxResolutionError> {
-        let inputs: Vec<grumpkin::Fq> = inputs.iter().map(|input| input.into_repr()).collect();
+        let inputs: Vec<Fq> = inputs.iter().map(|input| input.into_repr()).collect();
         let result = pedersen::hash::hash_with_index(&inputs, domain_separator);
         let result = FieldElement::from_repr(result);
         Ok(result)

acvm-repo/bn254_blackbox_solver/src/pedersen/commitment.rs

@@ -2,15 +2,15 @@
 
 use ark_ec::{short_weierstrass::Affine, AffineRepr, CurveGroup};
 use ark_ff::{MontConfig, PrimeField};
-use grumpkin::{Fq, FqConfig, Fr, FrConfig, GrumpkinParameters};
+use ark_grumpkin::{Fq, FqConfig, Fr, FrConfig, GrumpkinConfig};
 
 use crate::generator::generators::{derive_generators, DEFAULT_DOMAIN_SEPARATOR};
 
 /// Given a vector of fields, generate a pedersen commitment using the indexed generators.
 pub(crate) fn commit_native_with_index(
     inputs: &[Fq],
     starting_index: u32,
-) -> Affine<GrumpkinParameters> {
+) -> Affine<GrumpkinConfig> {
     let generators =
         derive_generators(DEFAULT_DOMAIN_SEPARATOR, inputs.len() as u32, starting_index);
 

acvm-repo/bn254_blackbox_solver/src/pedersen/hash.rs

@@ -3,26 +3,27 @@
 use std::sync::OnceLock;
 
 use ark_ec::{short_weierstrass::Affine, CurveConfig, CurveGroup};
-use grumpkin::GrumpkinParameters;
+use ark_grumpkin::Fq;
+use ark_grumpkin::GrumpkinConfig;
 
 use crate::generator::generators::derive_generators;
 
 use super::commitment::commit_native_with_index;
 
 /// Given a vector of fields, generate a pedersen hash using the indexed generators.
 pub(crate) fn hash_with_index(
-    inputs: &[grumpkin::Fq],
+    inputs: &[Fq],
     starting_index: u32,
-) -> <GrumpkinParameters as CurveConfig>::BaseField {
-    let length_as_scalar: <GrumpkinParameters as CurveConfig>::ScalarField =
+) -> <ark_grumpkin::GrumpkinConfig as CurveConfig>::BaseField {
+    let length_as_scalar: <GrumpkinConfig as CurveConfig>::ScalarField =
         (inputs.len() as u64).into();
     let length_prefix = *length_generator() * length_as_scalar;
     let result = length_prefix + commit_native_with_index(inputs, starting_index);
     result.into_affine().x
 }
 
-fn length_generator() -> &'static Affine<GrumpkinParameters> {
-    static INSTANCE: OnceLock<Affine<GrumpkinParameters>> = OnceLock::new();
+fn length_generator() -> &'static Affine<ark_grumpkin::GrumpkinConfig> {
+    static INSTANCE: OnceLock<Affine<GrumpkinConfig>> = OnceLock::new();
     INSTANCE.get_or_init(|| derive_generators("pedersen_hash_length".as_bytes(), 1, 0)[0])
 }
 

acvm-repo/bn254_blackbox_solver/src/schnorr/mod.rs

@@ -4,7 +4,7 @@ use ark_ec::{
     AffineRepr, CurveConfig, CurveGroup,
 };
 use ark_ff::{BigInteger, PrimeField, Zero};
-use grumpkin::{Fq, GrumpkinParameters};
+use ark_grumpkin::{Fq, GrumpkinConfig};
 
 pub(crate) fn verify_signature(
     pub_key_x: Fq,
@@ -13,7 +13,7 @@ pub(crate) fn verify_signature(
     sig_e_bytes: [u8; 32],
     message: &[u8],
 ) -> bool {
-    let pub_key = Affine::<GrumpkinParameters>::new_unchecked(pub_key_x, pub_key_y);
+    let pub_key = Affine::<GrumpkinConfig>::new_unchecked(pub_key_x, pub_key_y);
 
     if !pub_key.is_on_curve()
         || !pub_key.is_in_correct_subgroup_assuming_on_curve()
@@ -22,17 +22,15 @@ pub(crate) fn verify_signature(
         return false;
     }
 
-    let sig_s =
-        <GrumpkinParameters as CurveConfig>::ScalarField::from_be_bytes_mod_order(&sig_s_bytes);
-    let sig_e =
-        <GrumpkinParameters as CurveConfig>::ScalarField::from_be_bytes_mod_order(&sig_e_bytes);
+    let sig_s = <GrumpkinConfig as CurveConfig>::ScalarField::from_be_bytes_mod_order(&sig_s_bytes);
+    let sig_e = <GrumpkinConfig as CurveConfig>::ScalarField::from_be_bytes_mod_order(&sig_e_bytes);
 
     if sig_s.is_zero() || sig_e.is_zero() {
         return false;
     }
 
     // R = g^{sig.s} • pub^{sig.e}
-    let r = GrumpkinParameters::GENERATOR * sig_s + pub_key * sig_e;
+    let r = GrumpkinConfig::GENERATOR * sig_s + pub_key * sig_e;
     if r.is_zero() {
         // this result implies k == 0, which would be catastrophic for the prover.
         // it is a cheap check that ensures this doesn't happen.
@@ -50,11 +48,11 @@ fn schnorr_generate_challenge(
     message: &[u8],
     pub_key_x: Fq,
     pub_key_y: Fq,
-    r: Affine<GrumpkinParameters>,
+    r: Affine<GrumpkinConfig>,
 ) -> [u8; 32] {
     // create challenge message pedersen_commitment(R.x, pubkey)
 
-    let r_x = *r.x().expect("r has been checked to be non-zero");
+    let r_x = r.x().expect("r has been checked to be non-zero");
     let pedersen_hash = crate::pedersen::hash::hash_with_index(&[r_x, pub_key_x, pub_key_y], 0);
 
     let mut hash_input: Vec<u8> = pedersen_hash.into_bigint().to_bytes_be();

rust-toolchain.toml

@@ -1,5 +1,5 @@
 [toolchain]
-channel = "1.74.1"
+channel = "1.75.0"
 components = [ "rust-src" ]
 targets = [ "wasm32-unknown-unknown", "wasm32-wasi", "aarch64-apple-darwin" ]
 profile = "default"