From 812ad77f09d2f28bd54b61734aa0dee39a54e697 Mon Sep 17 00:00:00 2001 From: mmagician Date: Mon, 5 Feb 2024 21:46:11 +0100 Subject: [PATCH 1/6] Add a trait bound Absorb to Commitment --- poly-commit/src/data_structures.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/poly-commit/src/data_structures.rs b/poly-commit/src/data_structures.rs index 2b942ee1..bf523f44 100644 --- a/poly-commit/src/data_structures.rs +++ b/poly-commit/src/data_structures.rs @@ -1,4 +1,5 @@ use crate::{Polynomial, String, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ff::{Field, PrimeField, ToConstraintField}; use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; use ark_std::rand::RngCore; @@ -55,7 +56,7 @@ pub trait PCPreparedVerifierKey { /// Defines the minimal interface of commitments for any polynomial /// commitment scheme. -pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize { +pub trait PCCommitment: Clone + CanonicalSerialize + CanonicalDeserialize + Absorb { /// Outputs a non-hiding commitment to the zero polynomial. fn empty() -> Self; From b595ba28379b4c933b34df35cc2d8ce85fe2a809 Mon Sep 17 00:00:00 2001 From: mmagician Date: Tue, 6 Feb 2024 13:12:52 +0100 Subject: [PATCH 2/6] Add trait bounds G1Affine: Absorb --- poly-commit/src/ipa_pc/data_structures.rs | 9 ++--- poly-commit/src/ipa_pc/mod.rs | 6 ++-- poly-commit/src/kzg10/data_structures.rs | 33 ++++++++++++++----- poly-commit/src/kzg10/mod.rs | 5 +++ .../src/marlin/marlin_pc/data_structures.rs | 29 ++++++++++++---- poly-commit/src/marlin/marlin_pc/mod.rs | 3 +- poly-commit/src/marlin/marlin_pst13_pc/mod.rs | 3 +- poly-commit/src/marlin/mod.rs | 3 +- poly-commit/src/sonic_pc/data_structures.rs | 7 +++- poly-commit/src/sonic_pc/mod.rs | 4 ++- 10 files changed, 76 insertions(+), 26 deletions(-) diff --git a/poly-commit/src/ipa_pc/data_structures.rs b/poly-commit/src/ipa_pc/data_structures.rs index 84fcb7f2..b7df381e 100644 
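Review bot: The doc comment on `PCCommitment` (hunk `@@ -55,7 +56,7 @@`) still describes only a "minimal interface" and gives no reason for the new `Absorb` supertrait, which is a breaking change for every downstream type that implements the trait. I would add a line such as `/// Implementors must also be absorbable into a cryptographic sponge (see Absorb).` and record the new bound in the changelog. The purpose is inferred from the import path `ark_crypto_primitives::sponge::Absorb`, so the wording should be confirmed against the intended use. The trait body continues outside the hunk.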
--- a/poly-commit/src/ipa_pc/data_structures.rs +++ b/poly-commit/src/ipa_pc/data_structures.rs @@ -1,5 +1,6 @@ use crate::*; use crate::{PCCommitterKey, PCVerifierKey, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::AffineRepr; use ark_ff::{Field, UniformRand, Zero}; use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; @@ -84,7 +85,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKe } /// Commitment to a polynomial that optionally enforces a degree bound. -#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)] +#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)] #[derivative( Default(bound = ""), Hash(bound = ""), @@ -94,7 +95,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKe PartialEq(bound = ""), Eq(bound = "") )] -pub struct Commitment { +pub struct Commitment { /// A Pedersen commitment to the polynomial. pub comm: G, @@ -104,7 +105,7 @@ pub struct Commitment { pub shifted_comm: Option, } -impl PCCommitment for Commitment { +impl PCCommitment for Commitment { #[inline] fn empty() -> Self { Commitment { @@ -121,7 +122,7 @@ impl PCCommitment for Commitment { /// Nothing to do to prepare this commitment (for now). pub type PreparedCommitment = Commitment; -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment { /// prepare `PreparedCommitment` from `Commitment` fn prepare(vk: &Commitment) -> Self { vk.clone() diff --git a/poly-commit/src/ipa_pc/mod.rs b/poly-commit/src/ipa_pc/mod.rs index 43a40852..b72ca204 100644 --- a/poly-commit/src/ipa_pc/mod.rs +++ b/poly-commit/src/ipa_pc/mod.rs @@ -15,7 +15,7 @@ pub use data_structures::*; #[cfg(feature = "parallel")] use rayon::prelude::*; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; use digest::Digest; /// A polynomial commitment scheme based on the hardness of the 
@@ -45,7 +45,7 @@ pub struct InnerProductArgPC< impl InnerProductArgPC where - G: AffineRepr, + G: AffineRepr + Absorb, G::Group: VariableBaseMSM, D: Digest, P: DenseUVPolynomial, @@ -337,7 +337,7 @@ where impl PolynomialCommitment for InnerProductArgPC where - G: AffineRepr, + G: AffineRepr + Absorb, G::Group: VariableBaseMSM, D: Digest, P: DenseUVPolynomial, diff --git a/poly-commit/src/kzg10/data_structures.rs b/poly-commit/src/kzg10/data_structures.rs index d648f19f..7cad995b 100644 --- a/poly-commit/src/kzg10/data_structures.rs +++ b/poly-commit/src/kzg10/data_structures.rs @@ -1,4 +1,5 @@ use crate::*; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_ec::AffineRepr; @@ -314,7 +315,7 @@ impl PreparedVerifierKey { } /// `Commitment` commits to a polynomial. It is output by `KZG10::commit`. -#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize)] +#[derive(Derivative, CanonicalSerialize, CanonicalDeserialize, Absorb)] #[derivative( Default(bound = ""), Hash(bound = ""), @@ -324,12 +325,19 @@ impl PreparedVerifierKey { PartialEq(bound = ""), Eq(bound = "") )] -pub struct Commitment( +pub struct Commitment( /// The commitment is a group element. pub E::G1Affine, -); +) +where + E: Pairing, + E::G1Affine: Absorb; -impl PCCommitment for Commitment { +impl PCCommitment for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn empty() -> Self { Commitment(E::G1Affine::zero()) 
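Review bot: Placing `E::G1Affine: Absorb` in a `where` clause on the `kzg10::Commitment` struct definition itself (hunk `@@ -324,12 +325,19 @@`) forces every impl and function that merely names the type to restate the bound. That is why this commit also has to touch `PreparedCommitment::prepare`, the `AddAssign` and `ToConstraintField` impls, the test templates and the Marlin and Sonic modules; the same pattern is applied to `marlin_pc::Commitment` and `marlin_pc::PreparedCommitment`. If the `Absorb` derive can place the bound on the impl it generates, the struct could keep only `E: Pairing` and the extra bound would live on `impl PCCommitment` alone; whether the derive supports that is not visible from the page. Generic parameters appear to have been stripped from the rendered hunks, so the exact signatures should be checked against the file.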
@@ -340,16 +348,21 @@ impl PCCommitment for Commitment { } } -impl ToConstraintField<::BasePrimeField> for Commitment +impl ToConstraintField<::BasePrimeField> for Commitment where - E::G1Affine: ToConstraintField<::BasePrimeField>, + E::G1Affine: ToConstraintField<::BasePrimeField> + Absorb, + E: Pairing, { fn to_field_elements(&self) -> Option::BasePrimeField>> { self.0.to_field_elements() } } -impl<'a, E: Pairing> AddAssign<(E::ScalarField, &'a Commitment)> for Commitment { +impl<'a, E> AddAssign<(E::ScalarField, &'a Commitment)> for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn add_assign(&mut self, (f, other): (E::ScalarField, &'a Commitment)) { let mut other = other.0 * f; @@ -373,7 +386,11 @@ pub struct PreparedCommitment( pub Vec, ); -impl PreparedCommitment { +impl PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// prepare `PreparedCommitment` from `Commitment` pub fn prepare(comm: &Commitment) -> Self { let mut prepared_comm = Vec::::new(); diff --git a/poly-commit/src/kzg10/mod.rs b/poly-commit/src/kzg10/mod.rs index 508db2cb..649f356b 100644 --- a/poly-commit/src/kzg10/mod.rs +++ b/poly-commit/src/kzg10/mod.rs @@ -6,6 +6,7 @@ //! This construction achieves extractability in the algebraic group model (AGM). use crate::{BTreeMap, Error, LabeledPolynomial, PCCommitmentState, ToString, Vec}; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::AffineRepr; use ark_ec::{pairing::Pairing, CurveGroup}; use ark_ec::{scalar_mul::ScalarMul, VariableBaseMSM}; @@ -32,6 +33,7 @@ pub struct KZG10> { impl KZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { @@ -548,6 +550,7 @@ mod tests { fn end_to_end_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { 
@@ -579,6 +582,7 @@ mod tests { fn linear_polynomial_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { @@ -607,6 +611,7 @@ mod tests { fn batch_check_test_template() -> Result<(), Error> where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, for<'a, 'b> &'a P: Div<&'b P, Output = P>, { diff --git a/poly-commit/src/marlin/marlin_pc/data_structures.rs b/poly-commit/src/marlin/marlin_pc/data_structures.rs index 203e3201..351bc034 100644 --- a/poly-commit/src/marlin/marlin_pc/data_structures.rs +++ b/poly-commit/src/marlin/marlin_pc/data_structures.rs @@ -2,6 +2,7 @@ use crate::{ DenseUVPolynomial, PCCommitment, PCCommitmentState, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec, }; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_ff::{Field, PrimeField, ToConstraintField}; @@ -213,7 +214,7 @@ impl PCPreparedVerifierKey> for PreparedVerifierKey PCPreparedVerifierKey> for PreparedVerifierKey { +pub struct Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// A KZG10 commitment to the polynomial. pub comm: kzg10::Commitment, @@ -235,7 +240,7 @@ pub struct Commitment { impl ToConstraintField<::BasePrimeField> for Commitment where - E::G1Affine: ToConstraintField<::BasePrimeField>, + E::G1Affine: ToConstraintField<::BasePrimeField> + Absorb, { fn to_field_elements(&self) -> Option::BasePrimeField>> { let mut res = Vec::new(); @@ -249,7 +254,11 @@ where } } -impl PCCommitment for Commitment { +impl PCCommitment for Commitment +where + E: Pairing, + E::G1Affine: Absorb, +{ #[inline] fn empty() -> Self { Self { 
@@ -272,12 +281,20 @@ impl PCCommitment for Commitment { PartialEq(bound = ""), Eq(bound = "") )] -pub struct PreparedCommitment { +pub struct PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ pub(crate) prepared_comm: kzg10::PreparedCommitment, pub(crate) shifted_comm: Option>, } -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// Prepare commitment to a polynomial that optionally enforces a degree bound. fn prepare(comm: &Commitment) -> Self { let prepared_comm = kzg10::PreparedCommitment::::prepare(&comm.comm); diff --git a/poly-commit/src/marlin/marlin_pc/mod.rs b/poly-commit/src/marlin/marlin_pc/mod.rs index 7fbfba07..acf63a01 100644 --- a/poly-commit/src/marlin/marlin_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pc/mod.rs @@ -12,7 +12,7 @@ use ark_std::rand::RngCore; use ark_std::{marker::PhantomData, ops::Div, vec}; mod data_structures; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; pub use data_structures::*; /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement, batching, @@ -57,6 +57,7 @@ pub(crate) fn shift_polynomial> impl PolynomialCommitment for MarlinKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, for<'a, 'b> &'a P: Div<&'b P, Output = P>, diff --git a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs index eee026d7..320f316c 100644 --- a/poly-commit/src/marlin/marlin_pst13_pc/mod.rs +++ b/poly-commit/src/marlin/marlin_pst13_pc/mod.rs @@ -24,7 +24,7 @@ pub use data_structures::*; mod combinations; use combinations::*; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; #[cfg(feature = "parallel")] use rayon::prelude::*; 
@@ -146,6 +146,7 @@ impl, S: CryptographicSponge> impl PolynomialCommitment for MarlinPST13 where E: Pairing, + E::G1Affine: Absorb, P: DenseMVPolynomial + Sync, S: CryptographicSponge, P::Point: Index, diff --git a/poly-commit/src/marlin/mod.rs b/poly-commit/src/marlin/mod.rs index d7e7f5a1..0dc9f7c0 100644 --- a/poly-commit/src/marlin/mod.rs +++ b/poly-commit/src/marlin/mod.rs @@ -4,7 +4,7 @@ use crate::{BTreeMap, BTreeSet, Debug, RngCore, String, ToString, Vec}; use crate::{BatchLCProof, LabeledPolynomial, LinearCombination}; use crate::{Evaluations, LabeledCommitment, QuerySet}; use crate::{PCCommitmentState, Polynomial, PolynomialCommitment}; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; use ark_ec::pairing::Pairing; use ark_ec::AffineRepr; use ark_ec::CurveGroup; @@ -44,6 +44,7 @@ where impl Marlin where E: Pairing, + E::G1Affine: Absorb, S: CryptographicSponge, P: Polynomial, PC: PolynomialCommitment, diff --git a/poly-commit/src/sonic_pc/data_structures.rs b/poly-commit/src/sonic_pc/data_structures.rs index 4e1cd309..2311fc6f 100644 --- a/poly-commit/src/sonic_pc/data_structures.rs +++ b/poly-commit/src/sonic_pc/data_structures.rs @@ -2,6 +2,7 @@ use crate::kzg10; use crate::{ BTreeMap, PCCommitterKey, PCPreparedCommitment, PCPreparedVerifierKey, PCVerifierKey, Vec, }; +use ark_crypto_primitives::sponge::Absorb; use ark_ec::pairing::Pairing; use ark_ec::AdditiveGroup; use ark_serialize::{ @@ -21,7 +22,11 @@ pub type Commitment = kzg10::Commitment; /// `PreparedCommitment` is the prepared commitment for the KZG10 scheme. pub type PreparedCommitment = kzg10::PreparedCommitment; -impl PCPreparedCommitment> for PreparedCommitment { +impl PCPreparedCommitment> for PreparedCommitment +where + E: Pairing, + E::G1Affine: Absorb, +{ /// prepare `PreparedCommitment` from `Commitment` fn prepare(comm: &Commitment) -> Self { let mut prepared_comm = Vec::::new(); 
diff --git a/poly-commit/src/sonic_pc/mod.rs b/poly-commit/src/sonic_pc/mod.rs index caf9b79c..ad6bc45d 100644 --- a/poly-commit/src/sonic_pc/mod.rs +++ b/poly-commit/src/sonic_pc/mod.rs @@ -12,7 +12,7 @@ use ark_std::rand::RngCore; use ark_std::{convert::TryInto, marker::PhantomData, ops::Div, ops::Mul, vec}; mod data_structures; -use ark_crypto_primitives::sponge::CryptographicSponge; +use ark_crypto_primitives::sponge::{Absorb, CryptographicSponge}; pub use data_structures::*; /// Polynomial commitment based on [[KZG10]][kzg], with degree enforcement and @@ -34,6 +34,7 @@ pub struct SonicKZG10, S: Crypt impl SonicKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, { @@ -137,6 +138,7 @@ where impl PolynomialCommitment for SonicKZG10 where E: Pairing, + E::G1Affine: Absorb, P: DenseUVPolynomial, S: CryptographicSponge, for<'a, 'b> &'a P: Div<&'b P, Output = P>, From a0a07004ca7288504693c353470db43725b3fff4 Mon Sep 17 00:00:00 2001 From: mmagician Date: Tue, 6 Feb 2024 13:24:56 +0100 Subject: [PATCH 3/6] temp patch to absorb-derive branch --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index bc7f3243..a8a5c9c1 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,7 +31,7 @@ debug = true ark-ff = { git = "https://github.com/arkworks-rs/algebra/" } ark-ec = { git = "https://github.com/arkworks-rs/algebra/" } ark-serialize = { git = "https://github.com/arkworks-rs/algebra/" } -ark-crypto-primitives = { git = "https://github.com/arkworks-rs/crypto-primitives" } +ark-crypto-primitives = { git = "https://github.com/HungryCatsStudio/crypto-primitives", branch = "absorb-derive"} ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std/" } ark-bls12-377 = { git = "https://github.com/arkworks-rs/curves/" } From 7b28c0690fd7313bd21b34437710bf2b20c10928 Mon Sep 17 00:00:00 2001 
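Review bot: The replacement `ark-crypto-primitives` source in the Cargo.toml hunk of 3/6 is a branch on a fork with no `rev`, so the intermediate commits build against whatever that branch points to at fetch time; 4/6 already has to follow a rename from `absorb-derive` to `absorb`. If the series is merged without squashing, pin it, e.g. `ark-crypto-primitives = { git = "https://github.com/HungryCatsStudio/crypto-primitives", rev = "<commit-sha>" }`, so that those commits stay reproducible and the code fetched is the code that was reviewed. 6/6 restores the upstream URL, which is likewise unpinned, and the `Absorb` derive used in 2/6 then has to exist on upstream's default branch, which is worth confirming before merge.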
From: mmagician Date: Tue, 6 Feb 2024 16:53:57 +0100 Subject: [PATCH 4/6] derive Absorb for LabaledCommitment --- Cargo.toml | 2 +- poly-commit/src/data_structures.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index a8a5c9c1..9b61d22a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,7 +31,7 @@ debug = true ark-ff = { git = "https://github.com/arkworks-rs/algebra/" } ark-ec = { git = "https://github.com/arkworks-rs/algebra/" } ark-serialize = { git = "https://github.com/arkworks-rs/algebra/" } -ark-crypto-primitives = { git = "https://github.com/HungryCatsStudio/crypto-primitives", branch = "absorb-derive"} +ark-crypto-primitives = { git = "https://github.com/HungryCatsStudio/crypto-primitives", branch = "absorb"} ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std/" } ark-bls12-377 = { git = "https://github.com/arkworks-rs/curves/" } diff --git a/poly-commit/src/data_structures.rs b/poly-commit/src/data_structures.rs index bf523f44..c51b78d3 100644 --- a/poly-commit/src/data_structures.rs +++ b/poly-commit/src/data_structures.rs @@ -179,7 +179,7 @@ impl<'a, F: Field, P: Polynomial> LabeledPolynomial { } /// A commitment along with information about its degree bound (if any). -#[derive(Clone)] +#[derive(Clone, Absorb)] pub struct LabeledCommitment { label: PolynomialLabel, commitment: C, From 4af4d6213105dabe590883176bf3adb15fe8b202 Mon Sep 17 00:00:00 2001 From: mmagician Date: Fri, 9 Feb 2024 17:22:58 +0100 Subject: [PATCH 5/6] manually implement `Absorb` for `LabeledCommitment` --- poly-commit/src/data_structures.rs | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/poly-commit/src/data_structures.rs b/poly-commit/src/data_structures.rs index c51b78d3..acbe441c 100644 --- a/poly-commit/src/data_structures.rs +++ b/poly-commit/src/data_structures.rs 
@@ -179,13 +179,23 @@ impl<'a, F: Field, P: Polynomial> LabeledPolynomial { } /// A commitment along with information about its degree bound (if any). -#[derive(Clone, Absorb)] +#[derive(Clone)] pub struct LabeledCommitment { label: PolynomialLabel, commitment: C, degree_bound: Option, } +impl Absorb for LabeledCommitment { + fn to_sponge_bytes(&self, dest: &mut Vec) { + self.commitment.to_sponge_bytes(dest) + } + + fn to_sponge_field_elements(&self, dest: &mut Vec) { + self.commitment.to_sponge_field_elements(dest) + } +} + impl> ToConstraintField for LabeledCommitment { From 99cb083f02cff015d80c67d95715de6fdd032ef4 Mon Sep 17 00:00:00 2001 From: mmagician Date: Fri, 9 Feb 2024 17:27:28 +0100 Subject: [PATCH 6/6] Revert "temp patch to absorb-derive branch" This reverts commit a0a07004ca7288504693c353470db43725b3fff4. --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 9b61d22a..bc7f3243 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,7 +31,7 @@ debug = true ark-ff = { git = "https://github.com/arkworks-rs/algebra/" } ark-ec = { git = "https://github.com/arkworks-rs/algebra/" } ark-serialize = { git = "https://github.com/arkworks-rs/algebra/" } -ark-crypto-primitives = { git = "https://github.com/HungryCatsStudio/crypto-primitives", branch = "absorb"} +ark-crypto-primitives = { git = "https://github.com/arkworks-rs/crypto-primitives" } ark-r1cs-std = { git = "https://github.com/arkworks-rs/r1cs-std/" } ark-bls12-377 = { git = "https://github.com/arkworks-rs/curves/" }
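Review bot: The manual `Absorb` impl for `LabeledCommitment` in 5/6 forwards only `self.commitment` in both `to_sponge_bytes` and `to_sponge_field_elements`, so `label` and `degree_bound` never reach the sponge. If a caller absorbs a `LabeledCommitment` to derive Fiat-Shamir challenges, two values with the same inner commitment but different degree bounds yield the same sponge input, and the challenge is not bound to the claimed degree bound. Either absorb `degree_bound` as well, or state the omission on the impl, for example `/// Absorbs only the inner commitment; label and degree_bound are NOT bound into the sponge.` Whether the omission is intended cannot be told from the page, since the commit message does not say why the derive from 4/6 was replaced.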