Constraints #47

Open
wants to merge 63 commits into
base: master
63 commits
2d63406
prepared vk/commitment types, and individual opening challenges
npwardberkeley Oct 22, 2020
895e274
addressed comments
npwardberkeley Oct 23, 2020
084b4b9
removed constraints from this PR
npwardberkeley Oct 23, 2020
b3ac047
cargo fmt
npwardberkeley Oct 23, 2020
85cc789
finish some final changes
weikengchen Oct 24, 2020
8c25981
some other comments
weikengchen Oct 25, 2020
6a7bc6a
remove the dependency of nonnative for now
weikengchen Oct 25, 2020
ee10685
try to fix nostd
weikengchen Oct 25, 2020
24fd572
fix
npwardberkeley Oct 25, 2020
a467a52
constraints
npwardberkeley Oct 27, 2020
37298ab
fix Cargo toml
weikengchen Oct 27, 2020
beee357
Default, Clone, ToConstraintField impls
npwardberkeley Oct 27, 2020
fdf1668
cargo fmt
npwardberkeley Oct 27, 2020
d04a9e9
cargo fmt
npwardberkeley Nov 3, 2020
8f17d50
fixes
npwardberkeley Nov 3, 2020
5e2ac2e
used HashMap instead of BTreeMap
npwardberkeley Nov 4, 2020
1b7617f
using HashMap and HashSet
npwardberkeley Nov 4, 2020
e17ce7d
Update Cargo.toml
weikengchen Nov 4, 2020
13c2ca0
Update pc_constraints.rs
weikengchen Nov 4, 2020
f080e51
fix nostd
weikengchen Nov 4, 2020
88306f9
add density-optimized; clippy
weikengchen Nov 12, 2020
cf79c6b
add ToConstraintField
weikengchen Nov 12, 2020
87084be
tracing
weikengchen Nov 12, 2020
a641d27
Merge branch 'master' into constraints
weikengchen Nov 12, 2020
9baed3e
done
weikengchen Nov 12, 2020
132842a
Update pc_constraints.rs
weikengchen Nov 13, 2020
56e481a
fmt
weikengchen Nov 13, 2020
8d4a964
Apply suggestions from code review
npwardberkeley Nov 17, 2020
2eaed72
small fixes
npwardberkeley Nov 17, 2020
1f639eb
Merge branch 'master' into constraints
weikengchen Nov 17, 2020
7bc0da1
cleaning
weikengchen Nov 17, 2020
58896f2
fix nostd
weikengchen Nov 17, 2020
8c4641d
Merge branch 'master' into constraints
weikengchen Dec 26, 2020
77c456a
reduce the PR size
oblivious-app Dec 26, 2020
ac23b82
reduce the PR size
oblivious-app Dec 26, 2020
ee7318c
reduce the PR size
oblivious-app Dec 26, 2020
f9baf70
reduce the PR size
oblivious-app Dec 26, 2020
cc2cfc0
reduce the PR size
oblivious-app Dec 26, 2020
a005c2d
minimize the PR size
oblivious-app Dec 26, 2020
5a2ef01
Updates Marlin constraints to latest LC representation (#68)
howardwu Jan 29, 2021
ebcf462
bump digest and blake2
weikengchen Feb 5, 2021
417154a
Update src/marlin_pc/constraints.rs
weikengchen Feb 8, 2021
d71e8d6
Merge branch 'master' into constraints
weikengchen Feb 8, 2021
9a633fb
simplify and refactor
weikengchen Feb 8, 2021
453841b
remove density-optimized feature
weikengchen Feb 8, 2021
9f328fb
use PairingFriendlyCycle instead of CycleEngine
weikengchen Feb 8, 2021
9019c22
simplify CycleEngine
weikengchen Feb 8, 2021
b0ff531
simplify
weikengchen Feb 8, 2021
100bc57
derive Clone
weikengchen Feb 8, 2021
a757cc2
derive Clone for BatchLCProof
weikengchen Feb 8, 2021
cffd1a4
change the handling of one and minus one coeff
weikengchen Feb 9, 2021
93969dc
no std
weikengchen Feb 9, 2021
1751933
remove bench-utils
weikengchen Mar 23, 2021
38add1b
rewrote some comments
npwardberkeley Apr 14, 2021
78af43d
LCInfo type for clarity
npwardberkeley Apr 15, 2021
caa3375
update dependencies to use release versions
Will-Lin4 Apr 29, 2021
44ca5a6
fix lcitem type integration
Will-Lin4 Apr 29, 2021
afb2959
Merge branch 'master' into constraints
weikengchen Jun 16, 2021
e9d5af8
Merge branch 'master' into constraints
Pratyush Jul 26, 2021
3cfa438
Fix and update dependencies to 0.3 (#93)
vlopes11 Mar 7, 2022
7f8e2c5
Merge `master` into `constraints` (#94)
vlopes11 Mar 7, 2022
9da67e2
Merge remote-tracking branch 'origin/master' into constraints
vlopes11 Mar 8, 2022
a688fe9
Update `PC::check_combinations` to optional rng (#97)
vlopes11 Apr 25, 2022
39 changes: 15 additions & 24 deletions Cargo.toml
@@ -1,6 +1,6 @@
[package]
name = "ark-poly-commit"
version = "0.3.0"
version = "0.3.1"
authors = [
"Alessandro Chiesa <[email protected]>",
"Mary Maller <[email protected]>",
Expand All @@ -21,28 +21,29 @@ license = "MIT/Apache-2.0"
edition = "2018"

[dependencies]
ark-serialize = { version = "^0.3.0", default-features = false, features = [ "derive" ] }
ark-ff = { version = "^0.3.0", default-features = false }
ark-ec = { version = "^0.3.0", default-features = false }
ark-poly = {version = "^0.3.0", default-features = false }
ark-sponge = {version = "^0.3.0", default-features = false}
ark-serialize = { version = "0.3", default-features = false, features = [ "derive" ] }
ark-ff = { version = "0.3", default-features = false }
ark-ec = { version = "0.3", default-features = false }
ark-poly = {version = "0.3", default-features = false }
ark-sponge = {version = "0.3", default-features = false}

ark-std = { version = "^0.3.0", default-features = false }
ark-relations = { version = "^0.3.0", default-features = false, optional = true }
ark-r1cs-std = { version = "^0.3.0", default-features = false, optional = true }
ark-nonnative-field = { version = "^0.3.0", default-features = false, optional = true }
ark-std = { version = "0.3", default-features = false }
ark-relations = { version = "0.3", default-features = false, optional = true }
ark-r1cs-std = { version = "0.3", default-features = false, optional = true }
ark-nonnative-field = { version = "0.3", default-features = false, optional = true }
hashbrown = { version = "0.9", optional = true }

digest = "0.9"
rayon = { version = "1", optional = true }
derivative = { version = "2", features = [ "use_core" ] }
tracing = { version = "0.1", default-features = false, features = [ "attributes" ] }

[dev-dependencies]
ark-ed-on-bls12-381 = { version = "^0.3.0", default-features = false }
ark-bls12-381 = { version = "^0.3.0", default-features = false, features = [ "curve" ] }
ark-bls12-377 = { version = "^0.3.0", default-features = false, features = [ "curve" ] }
ark-ed-on-bls12-381 = { version = "0.3", default-features = false }
ark-bls12-381 = { version = "0.3", default-features = false, features = [ "curve" ] }
ark-bls12-377 = { version = "0.3", default-features = false, features = [ "curve" ] }
blake2 = { version = "0.9", default-features = false }
rand_chacha = { version = "0.3.0", default-features = false }
rand_chacha = { version = "0.3", default-features = false }

[profile.release]
opt-level = 3
Expand All @@ -56,16 +57,6 @@ debug-assertions = true
incremental = true
debug = true

# To be removed in the new release.
[patch.crates-io]
ark-std = { git = "https://github.com/arkworks-rs/std" }
ark-ec = { git = "https://github.com/arkworks-rs/algebra" }
ark-ff = { git = "https://github.com/arkworks-rs/algebra" }
ark-serialize = { git = "https://github.com/arkworks-rs/algebra" }
ark-bls12-381 = { git = "https://github.com/arkworks-rs/curves" }
ark-bls12-377 = { git = "https://github.com/arkworks-rs/curves" }
ark-ed-on-bls12-381 = { git = "https://github.com/arkworks-rs/curves" }

[features]
default = [ "std", "parallel" ]
std = [ "ark-ff/std", "ark-ec/std", "ark-nonnative-field/std", "ark-poly/std", "ark-std/std", "ark-relations/std", "ark-serialize/std", "ark-sponge/std"]
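Review bot: The `std` feature in the unchanged line at the end of this hunk lists `ark-nonnative-field/std` and `ark-relations/std`, but both crates are declared `optional = true` under `[dependencies]`. A `dep/feature` entry enables the dependency itself, so every default build pulls both crates in and the `optional` flag has no effect for `std` users. Either move these two entries behind the feature that turns the constraint code on, or use the weak form `ark-relations?/std` and `ark-nonnative-field?/std` if the minimum supported toolchain is Rust 1.60 or later. Dropping the `[patch.crates-io]` git overrides is the right call: none of them pinned a `rev` or `tag`, so a fresh resolve followed whatever the default branch held.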
Expand Down
1 change: 1 addition & 0 deletions src/data_structures.rs
Expand Up @@ -108,6 +108,7 @@ pub struct BatchLCProof<F: PrimeField, T: Clone + CanonicalSerialize + Canonical
/// Evaluation proof.
pub proof: T,
/// Evaluations required to verify the proof.
// TODO `Option<Vec<_>>` should be `Vec<_>`
pub evals: Option<Vec<F>>,
}

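Review bot: The new `// TODO` on `evals` records that `Option<Vec<F>>` is the wrong type but leaves it in a public proof struct, so `None` and `Some(vec![])` remain two distinct ways to say "no evaluations" that every verifier has to treat consistently. Either make the change to `Vec<F>` in this PR, or link a tracking issue in the comment and state in the `///` doc line what `None` means to a verifier.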
Expand Down
13 changes: 7 additions & 6 deletions src/ipa_pc/mod.rs
Expand Up @@ -3,7 +3,7 @@ use crate::{BatchLCProof, Error, Evaluations, QuerySet, UVPolynomial};
use crate::{LabeledCommitment, LabeledPolynomial, LinearCombination};
use crate::{PCCommitterKey, PCRandomness, PCUniversalParams, PolynomialCommitment};

use ark_ec::{msm::VariableBase, AffineCurve, ProjectiveCurve};
use ark_ec::{msm::VariableBaseMSM, AffineCurve, ProjectiveCurve};
use ark_ff::{to_bytes, Field, One, PrimeField, UniformRand, Zero};
use ark_std::rand::RngCore;
use ark_std::{convert::TryInto, format, marker::PhantomData, vec};
Expand Down Expand Up @@ -65,7 +65,7 @@ where
.map(|s| s.into_repr())
.collect::<Vec<_>>();

let mut comm = VariableBase::msm(comm_key, &scalars_bigint);
let mut comm = VariableBaseMSM::multi_scalar_mul(comm_key, &scalars_bigint);

if randomizer.is_some() {
assert!(hiding_generator.is_some());
Expand Down Expand Up @@ -701,14 +701,14 @@ where
})
}

fn check<'a>(
fn check<'a, R: RngCore>(
vk: &Self::VerifierKey,
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
point: &'a P::Point,
values: impl IntoIterator<Item = G::ScalarField>,
proof: &Self::Proof,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
_rng: Option<&mut dyn RngCore>,
_rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a,
Expand Down Expand Up @@ -759,11 +759,12 @@ where
values: &Evaluations<G::ScalarField, P::Point>,
proof: &Self::BatchProof,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
rng: &mut R,
rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a,
{
let rng = &mut crate::optional_rng::OptionalRng(rng);
let commitments: BTreeMap<_, _> = commitments.into_iter().map(|c| (c.label(), c)).collect();
let mut query_to_labels_map = BTreeMap::new();

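Review bot: In this `batch_check`, `rng` becomes `Option<&mut R>` and is immediately shadowed by `&mut crate::optional_rng::OptionalRng(rng)`, so nothing at the call site shows what happens when a caller passes `None` and the body later asks for random bytes. The definition of `OptionalRng` is not among the files shown here. Since the function already returns `Result<bool, Self::Error>`, a missing rng on a path that needs one should come back as an `Err` rather than be left to the wrapper; at minimum add a doc line on the parameter saying when `None` is accepted.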
Expand Down Expand Up @@ -956,7 +957,7 @@ where
eqn_evaluations: &Evaluations<P::Point, G::ScalarField>,
proof: &BatchLCProof<G::ScalarField, Self::BatchProof>,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
rng: &mut R,
rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a,
Expand Down
51 changes: 35 additions & 16 deletions src/kzg10/mod.rs
Expand Up @@ -6,7 +6,7 @@
//! This construction achieves extractability in the algebraic group model (AGM).

use crate::{BTreeMap, Error, LabeledPolynomial, PCRandomness, ToString, Vec};
use ark_ec::msm::{FixedBase, VariableBase};
use ark_ec::msm::{FixedBaseMSM, VariableBaseMSM};
use ark_ec::{group::Group, AffineCurve, PairingEngine, ProjectiveCurve};
use ark_ff::{One, PrimeField, UniformRand, Zero};
use ark_poly::UVPolynomial;
Expand Down Expand Up @@ -58,17 +58,21 @@ where
cur *= &beta;
}

let window_size = FixedBase::get_mul_window_size(max_degree + 1);
let window_size = FixedBaseMSM::get_mul_window_size(max_degree + 1);

let scalar_bits = E::Fr::size_in_bits();
let g_time = start_timer!(|| "Generating powers of G");
let g_table = FixedBase::get_window_table(scalar_bits, window_size, g);
let powers_of_g =
FixedBase::msm::<E::G1Projective>(scalar_bits, window_size, &g_table, &powers_of_beta);
let g_table = FixedBaseMSM::get_window_table(scalar_bits, window_size, g);
let powers_of_g = FixedBaseMSM::multi_scalar_mul::<E::G1Projective>(
scalar_bits,
window_size,
&g_table,
&powers_of_beta,
);
end_timer!(g_time);
let gamma_g_time = start_timer!(|| "Generating powers of gamma * G");
let gamma_g_table = FixedBase::get_window_table(scalar_bits, window_size, gamma_g);
let mut powers_of_gamma_g = FixedBase::msm::<E::G1Projective>(
let gamma_g_table = FixedBaseMSM::get_window_table(scalar_bits, window_size, gamma_g);
let mut powers_of_gamma_g = FixedBaseMSM::multi_scalar_mul::<E::G1Projective>(
scalar_bits,
window_size,
&gamma_g_table,
Expand All @@ -95,8 +99,8 @@ where
cur /= &beta;
}

let neg_h_table = FixedBase::get_window_table(scalar_bits, window_size, h);
let neg_powers_of_h = FixedBase::msm::<E::G2Projective>(
let neg_h_table = FixedBaseMSM::get_window_table(scalar_bits, window_size, h);
let neg_powers_of_h = FixedBaseMSM::multi_scalar_mul::<E::G2Projective>(
scalar_bits,
window_size,
&neg_h_table,
Expand Down Expand Up @@ -152,8 +156,10 @@ where
skip_leading_zeros_and_convert_to_bigints(polynomial);

let msm_time = start_timer!(|| "MSM to compute commitment to plaintext poly");
let mut commitment =
VariableBase::msm(&powers.powers_of_g[num_leading_zeros..], &plain_coeffs);
let mut commitment = VariableBaseMSM::multi_scalar_mul(
&powers.powers_of_g[num_leading_zeros..],
&plain_coeffs,
);
end_timer!(msm_time);

let mut randomness = Randomness::<E::Fr, P>::empty();
Expand All @@ -175,7 +181,8 @@ where
let random_ints = convert_to_bigints(&randomness.blinding_polynomial.coeffs());
let msm_time = start_timer!(|| "MSM to compute commitment to random poly");
let random_commitment =
VariableBase::msm(&powers.powers_of_gamma_g, random_ints.as_slice()).into_affine();
VariableBaseMSM::multi_scalar_mul(&powers.powers_of_gamma_g, random_ints.as_slice())
.into_affine();
end_timer!(msm_time);

commitment.add_assign_mixed(&random_commitment);
Expand Down Expand Up @@ -226,7 +233,10 @@ where
skip_leading_zeros_and_convert_to_bigints(witness_polynomial);

let witness_comm_time = start_timer!(|| "Computing commitment to witness polynomial");
let mut w = VariableBase::msm(&powers.powers_of_g[num_leading_zeros..], &witness_coeffs);
let mut w = VariableBaseMSM::multi_scalar_mul(
&powers.powers_of_g[num_leading_zeros..],
&witness_coeffs,
);
end_timer!(witness_comm_time);

let random_v = if let Some(hiding_witness_polynomial) = hiding_witness_polynomial {
Expand All @@ -238,7 +248,10 @@ where
let random_witness_coeffs = convert_to_bigints(&hiding_witness_polynomial.coeffs());
let witness_comm_time =
start_timer!(|| "Computing commitment to random witness polynomial");
w += &VariableBase::msm(&powers.powers_of_gamma_g, &random_witness_coeffs);
w += &VariableBaseMSM::multi_scalar_mul(
&powers.powers_of_gamma_g,
&random_witness_coeffs,
);
end_timer!(witness_comm_time);
Some(blinding_evaluation)
} else {
Expand Down Expand Up @@ -308,11 +321,12 @@ where
points: &[E::Fr],
values: &[E::Fr],
proofs: &[Proof<E>],
rng: &mut R,
rng: Option<&mut R>,
) -> Result<bool, Error> {
let check_time =
start_timer!(|| format!("Checking {} evaluation proofs", commitments.len()));

let rng = &mut crate::optional_rng::OptionalRng(rng);
let mut total_c = <E::G1Projective>::zero();
let mut total_w = <E::G1Projective>::zero();

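Review bot: `batch_check` used to require `rng: &mut R` and now accepts `None`, which matters for soundness if the coefficients that fold the proofs into `total_c` and `total_w` are drawn from it: they must be unpredictable to whoever produced the proofs. Make sure the `None` case cannot degrade to fixed or repeated coefficients, and document on the function that callers verifying more than one proof are expected to pass `Some(rng)`.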
Expand Down Expand Up @@ -603,7 +617,12 @@ mod tests {
proofs.push(proof);
}
assert!(KZG10::<E, P>::batch_check(
&vk, &comms, &points, &values, &proofs, rng
&vk,
&comms,
&points,
&values,
&proofs,
Some(rng)
)?);
}
Ok(())
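Review bot: The updated test only calls `batch_check` with `Some(rng)`, so the `None` branch this PR introduces is never executed. Add a case that passes `None` and asserts the intended outcome (an error, or a documented success), so the behaviour of the optional path is pinned by a test.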
Expand Down
16 changes: 8 additions & 8 deletions src/lib.rs
Expand Up @@ -222,14 +222,14 @@ pub trait PolynomialCommitment<F: PrimeField, P: Polynomial<F>, S: Cryptographic
Self::Commitment: 'a;

/// check but with individual challenges
fn check<'a>(
fn check<'a, R: RngCore>(
vk: &Self::VerifierKey,
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
point: &'a P::Point,
values: impl IntoIterator<Item = F>,
proof: &Self::Proof,
challenge_generator: &mut ChallengeGenerator<F, S>,
rng: Option<&mut dyn RngCore>,
rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a;
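Review bot: Changing `rng` on the trait method `check` from `Option<&mut dyn RngCore>` to `Option<&mut R>` with `R: RngCore` is a source-breaking change for callers and implementors: a call that passes a bare `None` no longer compiles because `R` cannot be inferred, and every `impl` must add the type parameter. Cargo.toml in this PR moves the version only from `0.3.0` to `0.3.1`, which dependents declaring `0.3` will pick up automatically. Either keep the `dyn` form, or release this under a version Cargo treats as incompatible and mention the required type annotation on `None` in the changelog.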
Expand All @@ -242,7 +242,7 @@ pub trait PolynomialCommitment<F: PrimeField, P: Polynomial<F>, S: Cryptographic
evaluations: &Evaluations<P::Point, F>,
proof: &Self::BatchProof,
challenge_generator: &mut ChallengeGenerator<F, S>,
rng: &mut R,
mut rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a,
Expand Down Expand Up @@ -289,7 +289,7 @@ pub trait PolynomialCommitment<F: PrimeField, P: Polynomial<F>, S: Cryptographic
values,
&proof,
challenge_generator,
Some(rng),
rng.as_mut(),
)?;
end_timer!(proof_time);
}
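Review bot: `rng.as_mut()` on an `Option<&mut R>` yields `Option<&mut &mut R>`, so the callee is instantiated with `&mut R` as its rng type and compiles only through the blanket `RngCore` impl for mutable references. `rng.as_deref_mut()` reborrows to `Option<&mut R>` directly and keeps the same `R` across the call; the `mut rng` binding in the signature is still needed for it.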
Expand Down Expand Up @@ -341,7 +341,7 @@ pub trait PolynomialCommitment<F: PrimeField, P: Polynomial<F>, S: Cryptographic
eqn_evaluations: &Evaluations<P::Point, F>,
proof: &BatchLCProof<F, Self::BatchProof>,
challenge_generator: &mut ChallengeGenerator<F, S>,
rng: &mut R,
rng: Option<&mut R>,
) -> Result<bool, Self::Error>
where
Self::Commitment: 'a,
Expand Down Expand Up @@ -638,7 +638,7 @@ pub mod tests {
&values,
&proof,
&mut (challenge_gen.clone()),
rng,
Some(rng),
)?;
assert!(result, "proof was incorrect, Query set: {:#?}", query_set);
}
Expand Down Expand Up @@ -774,7 +774,7 @@ pub mod tests {
&values,
&proof,
&mut (challenge_gen.clone()),
rng,
Some(rng),
)?;
if !result {
println!(
Expand Down Expand Up @@ -955,7 +955,7 @@ pub mod tests {
&values,
&proof,
&mut (challenge_gen.clone()),
rng,
Some(rng),
)?;
if !result {
println!(
Expand Down