From 4aeb83851053f091b940c56d3f440a6587aac0b6 Mon Sep 17 00:00:00 2001
From: Vesselin Velichkov <vesselin@lancre>
Date: Fri, 22 Jul 2022 15:02:39 +0100
Subject: [PATCH] plonk: fixed functions plonk_compute_accumulator and
 plonk_compute_selector_polynomials to allocate the size of their return
 values inside of the function i.e. not to rely on the caller to pass inputs
 with correct size. addressing issue
 https://github.com/clearmatics/libsnark/issues/58, bullet 7

---
 libsnark/zk_proof_systems/plonk/prover.tcc    | 11 ++-------
 .../plonk/tests/test_plonk.cpp                | 17 ++++---------
 libsnark/zk_proof_systems/plonk/utils.hpp     | 13 +++++-----
 libsnark/zk_proof_systems/plonk/utils.tcc     | 24 +++++++++++--------
 4 files changed, 27 insertions(+), 38 deletions(-)

diff --git a/libsnark/zk_proof_systems/plonk/prover.tcc b/libsnark/zk_proof_systems/plonk/prover.tcc
index 92a860db4..1cbd6cb47 100644
--- a/libsnark/zk_proof_systems/plonk/prover.tcc
+++ b/libsnark/zk_proof_systems/plonk/prover.tcc
@@ -194,15 +194,8 @@ round_two_out_t<ppT> plonk_prover<ppT>::round_two(
         z1_blind_poly, z1_blind_poly, round_zero_out.zh_poly);
 
     // A[0] = 1; ... A[i] = computed from (i-1)
-    std::vector<Field> A_vector(srs.num_gates, Field(0));
-    plonk_compute_accumulator(
-        srs.num_gates,
-        beta,
-        gamma,
-        witness,
-        srs.H_gen,
-        srs.H_gen_permute,
-        A_vector);
+    std::vector<Field> A_vector = plonk_compute_accumulator(
+        srs.num_gates, beta, gamma, witness, srs.H_gen, srs.H_gen_permute);
 
     polynomial<Field> A_poly(srs.num_gates);
     plonk_interpolate_polynomial_from_points<Field>(A_vector, A_poly);
diff --git a/libsnark/zk_proof_systems/plonk/tests/test_plonk.cpp b/libsnark/zk_proof_systems/plonk/tests/test_plonk.cpp
index 62f3a7b65..876175c2e 100644
--- a/libsnark/zk_proof_systems/plonk/tests/test_plonk.cpp
+++ b/libsnark/zk_proof_systems/plonk/tests/test_plonk.cpp
@@ -187,9 +187,9 @@ circuit_t<ppT> plonk_circuit_description_from_example(
     // transposed gates matrix over the Lagrange basis q_poly = \sum_i
     // q[i] * L[i] where q[i] is a coefficient (a scalar Field
     // element) and L[i] is a polynomial with Field coefficients
-    std::vector<polynomial<Field>> Q_polys;
-    Q_polys.resize(num_qpolys, polynomial<Field>(num_gates));
-    plonk_compute_selector_polynomials<Field>(gates_matrix_transpose, Q_polys);
+    std::vector<polynomial<Field>> Q_polys =
+        plonk_compute_selector_polynomials<Field>(
+            num_gates, num_qpolys, gates_matrix_transpose);
 
     // omega[0] are the n roots of unity, omega[1] are omega[0]*k1,
     // omega[2] are omega[0]*k2
@@ -252,15 +252,8 @@ void test_plonk_compute_accumulator(
 {
     using Field = libff::Fr<ppT>;
     // A[0] = 1; ... A[i] = computed from (i-1)
-    std::vector<Field> A_vector(srs.num_gates, Field(0));
-    plonk_compute_accumulator(
-        srs.num_gates,
-        beta,
-        gamma,
-        witness,
-        srs.H_gen,
-        srs.H_gen_permute,
-        A_vector);
+    std::vector<Field> A_vector = plonk_compute_accumulator(
+        srs.num_gates, beta, gamma, witness, srs.H_gen, srs.H_gen_permute);
     polynomial<Field> A_poly(srs.num_gates);
     plonk_interpolate_polynomial_from_points<Field>(A_vector, A_poly);
 
diff --git a/libsnark/zk_proof_systems/plonk/utils.hpp b/libsnark/zk_proof_systems/plonk/utils.hpp
index 44a75c4ed..6e09cbce0 100644
--- a/libsnark/zk_proof_systems/plonk/utils.hpp
+++ b/libsnark/zk_proof_systems/plonk/utils.hpp
@@ -97,9 +97,9 @@ void plonk_interpolate_polynomial_from_points(
 /// values L, R, M, O and C for each gate; the number of columns is
 /// equal to the number of gates. L_basis is the Lagrange basis.
 template<typename FieldT>
-void plonk_compute_selector_polynomials(
-    const std::vector<std::vector<FieldT>> &gates_matrix_transpose,
-    std::vector<polynomial<FieldT>> &Q_polys);
+std::vector<polynomial<FieldT>> plonk_compute_selector_polynomials(
+    const size_t &num_gates,
+    const std::vector<std::vector<FieldT>> &gates_matrix_transpose);
 
 /// This function computes the sets H, k1H, k2H.  H is a
 /// multiplicative subgroup containing the n-th roots of unity in Fr,
@@ -198,14 +198,13 @@ FieldT plonk_compute_accumulator_factor(
 
 /// A: accumulatro vector
 template<typename FieldT>
-void plonk_compute_accumulator(
-    const size_t n, // num_gates
+std::vector<FieldT> plonk_compute_accumulator(
+    const size_t num_gates,
     const FieldT beta,
     const FieldT gamma,
     const std::vector<FieldT> &witness,
     const std::vector<FieldT> &H_gen, // H, Hk1, Hk2
-    const std::vector<FieldT> &H_gen_permute,
-    std::vector<FieldT> &A);
+    const std::vector<FieldT> &H_gen_permute);
 
 } // namespace libsnark
 
diff --git a/libsnark/zk_proof_systems/plonk/utils.tcc b/libsnark/zk_proof_systems/plonk/utils.tcc
index 87f8e27a3..e8700c84f 100644
--- a/libsnark/zk_proof_systems/plonk/utils.tcc
+++ b/libsnark/zk_proof_systems/plonk/utils.tcc
@@ -96,17 +96,21 @@ void plonk_interpolate_polynomial_from_points(
 /// values L, R, M, O and C for each gate; the number of columns is
 /// equal to the number of gates. L_basis is the Lagrange basis.
 template<typename FieldT>
-void plonk_compute_selector_polynomials(
-    const std::vector<std::vector<FieldT>> &gates_matrix_transpose,
-    std::vector<polynomial<FieldT>> &Q_polys)
+std::vector<polynomial<FieldT>> plonk_compute_selector_polynomials(
+    const size_t &num_gates,
+    const size_t &num_qpolys,
+    const std::vector<std::vector<FieldT>> &gates_matrix_transpose)
 {
-    assert(gates_matrix_transpose.size() == Q_polys.size());
-    assert(gates_matrix_transpose[0].size() == Q_polys[0].size());
-    size_t num_qpolys = gates_matrix_transpose.size();
+    assert(gates_matrix_transpose.size() == num_qpolys);
+    assert(gates_matrix_transpose[0].size() == num_gates);
+
+    std::vector<polynomial<FieldT>> Q_polys;
+    Q_polys.resize(num_qpolys, polynomial<FieldT>(num_gates));
     for (size_t i = 0; i < num_qpolys; ++i) {
         std::vector<FieldT> q_vec = gates_matrix_transpose[i];
         plonk_interpolate_polynomial_from_points<FieldT>(q_vec, Q_polys[i]);
     }
+    return Q_polys;
 };
 
 template<typename FieldT>
@@ -353,24 +357,24 @@ FieldT plonk_compute_accumulator_factor(
 
 // - A: accumulator vector
 template<typename FieldT>
-void plonk_compute_accumulator(
+std::vector<FieldT> plonk_compute_accumulator(
     const size_t num_gates,
     const FieldT beta,
     const FieldT gamma,
     const std::vector<FieldT> &witness,
     const std::vector<FieldT> &H_gen, // H, Hk1, Hk2
-    const std::vector<FieldT> &H_gen_permute,
-    std::vector<FieldT> &A)
+    const std::vector<FieldT> &H_gen_permute)
 {
     assert(num_gates);
     assert(witness.size() == (NUM_HSETS * num_gates));
     assert(H_gen.size() == (NUM_HSETS * num_gates));
     assert(H_gen_permute.size() == (NUM_HSETS * num_gates));
-    assert(A.size() == num_gates);
+    std::vector<FieldT> A(num_gates, FieldT(0));
     for (size_t i = 0; i < num_gates; ++i) {
         A[i] = plonk_compute_accumulator_factor(
             i, num_gates, beta, gamma, witness, H_gen, H_gen_permute, A);
     }
+    return A;
 }
 
 } // namespace libsnark