Fix breakage due to scalar mul updates

arkworks-rs · Dec 8, 2020 · 1861953 · 1861953
1 parent f58f31c
commit 1861953
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 16 deletions.
diff --git a/src/ipa_pc/mod.rs b/src/ipa_pc/mod.rs
@@ -5,8 +5,7 @@ use crate::{PCCommitterKey, PCRandomness, PCUniversalParams, PolynomialCommitmen
 
 use ark_ec::{msm::VariableBaseMSM, AffineCurve, ProjectiveCurve};
 use ark_ff::{to_bytes, Field, One, PrimeField, UniformRand, Zero};
-use ark_std::{format, vec};
-use core::{convert::TryInto, marker::PhantomData};
+use ark_std::{convert::TryInto, format, marker::PhantomData, vec};
 use rand_core::RngCore;
 
 mod data_structures;
@@ -150,7 +149,7 @@ impl<G: AffineCurve, D: Digest, P: UVPolynomial<G::ScalarField>> InnerProductArg
 
         let h_prime = vk.h.mul(round_challenge);
 
-        let mut round_commitment_proj = combined_commitment_proj + &h_prime.mul(combined_v);
+        let mut round_commitment_proj = combined_commitment_proj + &h_prime.mul(combined_v.into());
 
         let l_iter = proof.l_vec.iter();
         let r_iter = proof.r_vec.iter();
@@ -584,7 +583,7 @@ where
             combined_polynomial += (hiding_challenge, &hiding_polynomial);
             combined_rand += &(hiding_challenge * &hiding_rand);
             combined_commitment_proj +=
-                &(hiding_commitment_proj.mul(hiding_challenge) - &ck.s.mul(combined_rand));
+                &(hiding_commitment.unwrap().mul(hiding_challenge) - &ck.s.mul(combined_rand));
 
             end_timer!(hiding_time);
         }
@@ -809,7 +808,7 @@ where
 
             let check_poly = P::from_coefficients_vec(check_poly.unwrap().compute_coeffs());
             combined_check_poly += (randomizer, &check_poly);
-            combined_final_key += &p.final_comm_key.into_projective().mul(randomizer);
+            combined_final_key += &p.final_comm_key.mul(randomizer);
 
             randomizer = u128::rand(rng).into();
             end_timer!(lc_time);

diff --git a/src/kzg10/mod.rs b/src/kzg10/mod.rs
@@ -124,8 +124,8 @@ where
 
         end_timer!(prepared_neg_powers_of_h_time);
 
-        let beta_h = h.mul(beta).into_affine();
         let h = h.into_affine();
+        let beta_h = h.mul(beta).into_affine();
         let prepared_h = h.into();
         let prepared_beta_h = beta_h.into();
 
@@ -305,7 +305,7 @@ where
         proof: &Proof<E>,
     ) -> Result<bool, Error> {
         let check_time = start_timer!(|| "Checking evaluation");
-        let mut inner = comm.0.into_projective() - &vk.g.into_projective().mul(value);
+        let mut inner = comm.0.into_projective() - &vk.g.mul(value);
         if let Some(random_v) = proof.random_v {
             inner -= &vk.gamma_g.mul(random_v);
         }
@@ -330,8 +330,6 @@ where
     ) -> Result<bool, Error> {
         let check_time =
             start_timer!(|| format!("Checking {} evaluation proofs", commitments.len()));
-        let g = vk.g.into_projective();
-        let gamma_g = vk.gamma_g.into_projective();
 
         let mut total_c = <E::G1Projective>::zero();
         let mut total_w = <E::G1Projective>::zero();
@@ -351,14 +349,14 @@ where
             if let Some(random_v) = proof.random_v {
                 gamma_g_multiplier += &(randomizer * &random_v);
             }
-            total_c += &c.mul(randomizer);
+            total_c += &c.mul(randomizer.into());
             total_w += &w.mul(randomizer);
             // We don't need to sample randomizers from the full field,
             // only from 128-bit strings.
             randomizer = u128::rand(rng).into();
         }
-        total_c -= &g.mul(g_multiplier);
-        total_c -= &gamma_g.mul(gamma_g_multiplier);
+        total_c -= &vk.g.mul(g_multiplier);
+        total_c -= &vk.gamma_g.mul(gamma_g_multiplier);
         end_timer!(combination_time);
 
         let to_affine_time = start_timer!(|| "Converting results to affine for pairing");

diff --git a/src/sonic_pc/mod.rs b/src/sonic_pc/mod.rs
@@ -60,7 +60,7 @@ impl<E: PairingEngine, P: UVPolynomial<E::Fr>> SonicKZG10<E, P> {
             let mut comm_with_challenge: E::G1Projective = comm.0.mul(curr_challenge);
 
             if let Some(randomizer) = randomizer {
-                comm_with_challenge = comm_with_challenge.mul(randomizer);
+                comm_with_challenge = comm_with_challenge.mul(randomizer.into());
             }
 
             // Accumulate values in the BTreeMap
@@ -79,8 +79,8 @@ impl<E: PairingEngine, P: UVPolynomial<E::Fr>> SonicKZG10<E, P> {
         }
 
         if let Some(randomizer) = randomizer {
-            witness = witness.mul(randomizer);
-            adjusted_witness = adjusted_witness.mul(randomizer);
+            witness = proof.w.mul(randomizer);
+            adjusted_witness = adjusted_witness.mul(randomizer.into());
         }
 
         *combined_witness += &witness;
@@ -560,7 +560,7 @@ where
                 hiding_bound = core::cmp::max(hiding_bound, cur_poly.hiding_bound());
                 poly += (*coeff, cur_poly.polynomial());
                 randomness += (*coeff, cur_rand);
-                comm += &curr_comm.commitment().0.into_projective().mul(*coeff);
+                comm += &curr_comm.commitment().0.mul(*coeff);
             }
 
             let lc_poly =