-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OrchardZSA backward compatibility using "if"s #25
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -59,6 +59,8 @@ where | |
pub(super) generator_table: GeneratorTableConfig, | ||
/// An advice column configured to perform lookup range checks. | ||
lookup_config: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>, | ||
/// FIXME: add a proper comment | ||
is_zsa_variant: bool, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Rename option: "is_zsa_variant" --> "is_Q_private". Previously, Q was public in the old version, i.e., y_q = fixed_y_q. Now, Q is private, and y_q is assigned to x_p.prev. The comment can be: is_Q_private is a boolean flag used to determine whether Q is a private point. When this flag is set to true, it indicates that Q is a private point, and y_Q is assigned to x_P. When this flag is set to false, it indicates that Q is a public point, and y_Q is assigned to fixed_y_q. |
||
_marker: PhantomData<(Hash, Commit, F)>, | ||
} | ||
|
||
|
@@ -153,7 +155,7 @@ where | |
advices: [Column<Advice>; 5], | ||
witness_pieces: Column<Advice>, | ||
fixed_y_q: Column<Fixed>, | ||
lookup: (TableColumn, TableColumn, TableColumn, TableColumn), | ||
lookup: (TableColumn, TableColumn, TableColumn, Option<TableColumn>), | ||
range_check: LookupRangeCheckConfig<pallas::Base, { sinsemilla::K }>, | ||
) -> <Self as Chip<pallas::Base>>::Config { | ||
// Enable equality on all advice columns | ||
|
@@ -181,6 +183,8 @@ where | |
table_range_check_tag: lookup.3, | ||
}, | ||
lookup_config: range_check, | ||
// FIXME: consider passing is_zsa_enabled to `configure` function explicitly | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. what's the problem? |
||
is_zsa_variant: lookup.3.is_some(), | ||
_marker: PhantomData, | ||
}; | ||
|
||
|
@@ -204,7 +208,12 @@ where | |
// https://p.z.cash/halo2-0.1:sinsemilla-constraints?partial | ||
meta.create_gate("Initial y_Q", |meta| { | ||
let q_s4 = meta.query_selector(config.q_sinsemilla4); | ||
let y_q = meta.query_advice(config.double_and_add.x_p, Rotation::prev()); | ||
|
||
let y_q = if config.is_zsa_variant { | ||
meta.query_advice(config.double_and_add.x_p, Rotation::prev()) | ||
} else { | ||
meta.query_fixed(config.fixed_y_q) | ||
}; | ||
|
||
// Y_A = (lambda_1 + lambda_2) * (x_a - x_r) | ||
let Y_A_cur = Y_A(meta, Rotation::cur()); | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -41,7 +41,11 @@ where | |
), | ||
Error, | ||
> { | ||
let (offset, x_a, y_a) = self.public_initialization(region, Q)?; | ||
let (offset, x_a, y_a) = if self.config.is_zsa_variant { | ||
self.public_initialization_zsa(region, Q)? | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. public_initialization_zsa --> private_initialization. I think the "private_initialization" would be better since Q is now a private point. |
||
} else { | ||
self.public_initialization(region, Q)? | ||
}; | ||
|
||
let (x_a, y_a, zs_sum) = self.hash_all_pieces(region, offset, message, x_a, y_a)?; | ||
|
||
|
@@ -116,6 +120,19 @@ where | |
|
||
let (x_a, y_a, zs_sum) = self.hash_all_pieces(region, offset, message, x_a, y_a)?; | ||
|
||
// FIXME: try to avoid duplication with a very similar code block in `hash_message` method | ||
// - it's basically the same code except the following lines: | ||
// | ||
// hash_message_with_private_init: | ||
// ... | ||
// .zip(Q.point()) | ||
// .assert_if_known(|((field_elems, (x_a, y_a)), Q)| { | ||
// ... | ||
// | ||
// hash_message: | ||
// ... | ||
// .assert_if_known(|(field_elems, (x_a, y_a))| { | ||
// ... | ||
#[cfg(test)] | ||
#[allow(non_snake_case)] | ||
// Check equivalence to result from primitives::sinsemilla::hash_to_point | ||
|
@@ -165,14 +182,57 @@ where | |
)) | ||
} | ||
|
||
#[allow(non_snake_case)] | ||
fn public_initialization( | ||
&self, | ||
region: &mut Region<'_, pallas::Base>, | ||
Q: pallas::Affine, | ||
) -> Result<(usize, X<pallas::Base>, Y<pallas::Base>), Error> { | ||
let config = self.config().clone(); | ||
let offset = 0; | ||
|
||
// Get the `x`- and `y`-coordinates of the starting `Q` base. | ||
let x_q = *Q.coordinates().unwrap().x(); | ||
let y_q = *Q.coordinates().unwrap().y(); | ||
|
||
// Constrain the initial x_a, lambda_1, lambda_2, x_p using the q_sinsemilla4 | ||
// selector. | ||
let y_a: Y<pallas::Base> = { | ||
// Enable `q_sinsemilla4` on the first row. | ||
config.q_sinsemilla4.enable(region, offset)?; | ||
region.assign_fixed( | ||
|| "fixed y_q", | ||
config.fixed_y_q, | ||
offset, | ||
|| Value::known(y_q), | ||
)?; | ||
|
||
Value::known(y_q.into()).into() | ||
}; | ||
|
||
// Constrain the initial x_q to equal the x-coordinate of the domain's `Q`. | ||
let x_a: X<pallas::Base> = { | ||
let x_a = region.assign_advice_from_constant( | ||
|| "fixed x_q", | ||
config.double_and_add.x_a, | ||
offset, | ||
x_q.into(), | ||
)?; | ||
|
||
x_a.into() | ||
}; | ||
|
||
Ok((offset, x_a, y_a)) | ||
} | ||
|
||
#[allow(non_snake_case)] | ||
/// Assign the coordinates of the initial public point `Q` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. public point |
||
/// | ||
/// | offset | x_A | x_P | q_sinsemilla4 | | ||
/// -------------------------------------- | ||
/// | 0 | | y_Q | | | ||
/// | 1 | x_Q | | 1 | | ||
fn public_initialization( | ||
fn public_initialization_zsa( | ||
&self, | ||
region: &mut Region<'_, pallas::Base>, | ||
Q: pallas::Affine, | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what's the problem?